Lucene search
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.MARINER_HTTPD_CVE-2009-1890.NASLHistoryMar 28, 2023 - 12:00 a.m.
CBL Mariner 2.0 Security Update: httpd (CVE-2009-1890)
2023-03-2800:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
11
The version of httpd installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2009-1890 advisory.
- The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of service (CPU consumption) via crafted requests. (CVE-2009-1890)
Note that Nessus has not tested for this issue but has instead relied only on the applicationβs self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(173501);
script_version("1.0");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/03/28");
script_cve_id("CVE-2009-1890");
script_name(english:"CBL Mariner 2.0 Security Update: httpd (CVE-2009-1890)");
script_set_attribute(attribute:"synopsis", value:
"The remote CBL Mariner host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The version of httpd installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected
by a vulnerability as referenced in the CVE-2009-1890 advisory.
- The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server
before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that
exceeds the Content-Length value, which allows remote attackers to cause a denial of service (CPU
consumption) via crafted requests. (CVE-2009-1890)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://nvd.nist.gov/vuln/detail/CVE-2009-1890");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2009-1890");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2008/01/21");
script_set_attribute(attribute:"patch_publication_date", value:"2022/05/10");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/03/28");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:cbl-mariner:httpd");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:cbl-mariner:httpd-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:cbl-mariner:httpd-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:cbl-mariner:httpd-docs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:cbl-mariner:httpd-tools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:cbl-mariner:mod_ldap");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:cbl-mariner:mod_proxy_html");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:cbl-mariner:mod_session");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:cbl-mariner:mod_ssl");
script_set_attribute(attribute:"cpe", value:"x-cpe:/o:microsoft:cbl-mariner");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"MarinerOS Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/CBLMariner/release", "Host/CBLMariner/rpm-list", "Host/cpu");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var release = get_kb_item('Host/CBLMariner/release');
if (isnull(release) || 'CBL-Mariner' >!< release) audit(AUDIT_OS_NOT, 'CBL-Mariner');
var os_ver = pregmatch(pattern: "CBL-Mariner ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CBL-Mariner');
os_ver = os_ver[1];
if (! preg(pattern:"^2([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'CBL-Mariner 2.0', 'CBL-Mariner ' + os_ver);
if (!get_kb_item('Host/CBLMariner/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 'aarch64' >!< cpu)
audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CBL-Mariner', cpu);
var pkgs = [
{'reference':'httpd-2.4.54-1.cm2', 'cpu':'x86_64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'httpd-2.4.54-1.cm2', 'cpu':'aarch64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'httpd-debuginfo-2.4.54-1.cm2', 'cpu':'x86_64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'httpd-debuginfo-2.4.54-1.cm2', 'cpu':'aarch64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'httpd-devel-2.4.54-1.cm2', 'cpu':'x86_64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'httpd-devel-2.4.54-1.cm2', 'cpu':'aarch64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'httpd-docs-2.4.54-1.cm2', 'cpu':'x86_64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'httpd-docs-2.4.54-1.cm2', 'cpu':'aarch64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'httpd-tools-2.4.54-1.cm2', 'cpu':'x86_64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'httpd-tools-2.4.54-1.cm2', 'cpu':'aarch64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mod_ldap-2.4.54-1.cm2', 'cpu':'x86_64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mod_ldap-2.4.54-1.cm2', 'cpu':'aarch64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mod_proxy_html-2.4.54-1.cm2', 'cpu':'x86_64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mod_proxy_html-2.4.54-1.cm2', 'cpu':'aarch64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mod_session-2.4.54-1.cm2', 'cpu':'x86_64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mod_session-2.4.54-1.cm2', 'cpu':'aarch64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mod_ssl-2.4.54-1.cm2', 'cpu':'x86_64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mod_ssl-2.4.54-1.cm2', 'cpu':'aarch64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE}
];
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = 'CBLMariner-' + package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'httpd / httpd-debuginfo / httpd-devel / httpd-docs / httpd-tools / etc');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | cbl-mariner | httpd | p-cpe:/a:microsoft:cbl-mariner:httpd |
| microsoft | cbl-mariner | httpd-debuginfo | p-cpe:/a:microsoft:cbl-mariner:httpd-debuginfo |
| microsoft | cbl-mariner | httpd-devel | p-cpe:/a:microsoft:cbl-mariner:httpd-devel |
| microsoft | cbl-mariner | httpd-docs | p-cpe:/a:microsoft:cbl-mariner:httpd-docs |
| microsoft | cbl-mariner | httpd-tools | p-cpe:/a:microsoft:cbl-mariner:httpd-tools |
| microsoft | cbl-mariner | mod_ldap | p-cpe:/a:microsoft:cbl-mariner:mod_ldap |
| microsoft | cbl-mariner | mod_proxy_html | p-cpe:/a:microsoft:cbl-mariner:mod_proxy_html |
| microsoft | cbl-mariner | mod_session | p-cpe:/a:microsoft:cbl-mariner:mod_session |
| microsoft | cbl-mariner | mod_ssl | p-cpe:/a:microsoft:cbl-mariner:mod_ssl |
| microsoft | cbl-mariner | x-cpe:/o:microsoft:cbl-mariner |
Related
seebug
seebug
Apache mod_proxyεε代ηζη»ζε‘ζΌζ΄
2009-07-07 00:00:00
cve
cve
CVE-2009-1890
2009-07-05 16:30:00
openvas
openvas
Apache 'mod_proxy_http.c' Denial Of Service Vulnerability
2009-07-07 00:00:00
Apache HTTP Server 'mod_proxy_http.c' Denial Of Service Vulnerability
2009-07-07 00:00:00
CentOS Update for httpd CESA-2009:1148 centos5 i386
2011-08-09 00:00:00
debiancve
debiancve
CVE-2009-1890
2009-07-05 16:30:00
cbl_mariner
cbl_mariner
CVE-2009-1890 affecting package httpd 2.4.53-1
2022-11-16 02:26:12
CVE-2009-1890 affecting package httpd 2.4.53-1
2022-11-24 00:45:35
httpd
httpd
Apache Httpd < 2.2.12 : mod_proxy reverse proxy DoS
2009-06-30 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:34:58
prion
prion
Code injection
2009-07-05 16:30:00
ubuntucve
ubuntucve
CVE-2009-1890
2009-07-05 00:00:00
oraclelinux
oraclelinux
httpd security update
2009-07-09 00:00:00
ubuntu
ubuntu
Apache regression
2009-08-19 00:00:00
Apache vulnerabilities
2009-07-13 00:00:00
nessus
nessus
CentOS 5 : httpd (CESA-2009:1148)
2010-01-06 00:00:00
Apache < 2.2.12 Multiple Vulnerabilities
2009-08-03 00:00:00
Oracle Linux 5 : httpd (ELSA-2009-1148)
2013-07-12 00:00:00
redhat
redhat
(RHSA-2009:1148) Important: httpd security update
2009-07-09 00:00:00
(RHSA-2009:1156) Important: httpd security update
2009-07-14 00:00:00
(RHSA-2009:1155) Important: httpd security update
2009-07-14 00:00:00
centos
centos
httpd, mod_ssl security update
2009-07-14 12:16:38
securityvulns
securityvulns
[ MDVSA-2009:149 ] apache
2009-07-09 00:00:00
Apache DoS
2009-07-09 00:00:00
debian
debian
[SECURITY] [DSA 1834-1] New apache2 packages fix denial of service
2009-07-15 19:01:57
[SECURITY] [DSA 1834-2] New apache/apache2-mpm-itk fix regression
2009-07-30 16:37:19
osv
osv
apache2 apache2-mpm-itk - denial of service
2009-07-15 00:00:00
gentoo
gentoo
Apache: Multiple vulnerabilities
2009-07-12 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: httpd-2.2.13-1.fc11
2009-08-31 23:39:38
suse
suse
potential code execution in apache2,libapr1
2009-10-26 13:21:56
freebsd
freebsd
apache22 -- several vulnerabilities
2009-07-28 00:00:00
slackware
slackware
httpd
2009-08-02 15:33:03
altlinux
altlinux
Security fix for the ALT Linux 9 package apache2 version 2.2.12-alt1
2009-07-30 00:00:00
Security fix for the ALT Linux 8 package apache2 version 2.2.12-alt1
2009-07-30 00:00:00
Security fix for the ALT Linux 10 package apache2 version 2.2.12-alt1
2009-07-30 00:00:00
oracle
oracle
Oracle Critical Patch Update - April 2013
2013-04-16 00:00:00
Related for MARINER_HTTPD_CVE-2009-1890.NASL