Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Debian Security Advisory DSA 3896-1 (apache2 - security update)

🗓️ 22 Jun 2017 00:00:00Reported by Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.netType 
openvas
 openvas🔗 plugins.openvas.org👁 47 Views

Debian Security Advisory DSA 3896-1 addresses vulnerabilities in Apache HTTPD serve

Related
Refs
Code
ReporterTitlePublishedViews
Family
FreeBSD		Apache httpd -- several vulnerabilities
20 Jun 201700:00
freebsd
Gitee		Exploit for Cross-site Scripting in Jquery
6 Sep 202502:16
gitee
Gitee		Exploit for CVE-2017-3143
27 Jul 202503:52
gitee
IBM Security Bulletins		Security Bulletin: Vulnerabilities in httpd affect Power Hardware Management Console
23 Sep 202101:45
ibm
IBM Security Bulletins		Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Tivoli Federated Identity Manager and IBM Tivoli Federated Identity Manager Business Gateway
16 Jun 201822:01
ibm
IBM Security Bulletins		Security Bulletin: Multiple security vulnerabilities affect IBM WebSphere Application Server for Bluemix
15 Jun 201807:08
ibm
IBM Security Bulletins		Security Bulletin: A Security vulnerability has been identified in IBM HTTP Server bundled with IBM WebSphere Application Server Patterns and IBM WebSphere Application Server for Cloud (CVE-2017-7679, CVE-2017-7668, CVE-2017-3167)
15 Jun 201807:07
ibm
IBM Security Bulletins		Security Bulletin: Vulnerabilities in HTTPD affect IBM BladeCenter Advanced Management Module (AMM)
14 Apr 202314:32
ibm
IBM Security Bulletins		Security Bulletin: Multiple Security Issues in IBM Tealeaf Customer Experience on Cloud Network Capture Add-On
10 Jul 201816:24
ibm
IBM Security Bulletins		Security Bulletin: Multiple vulnerabilities in apache2 affect IBM Flex System Manager (FSM)
18 Jun 201801:42
ibm
Rows per page
# OpenVAS Vulnerability Test
# $Id: deb_3896.nasl 6906 2017-08-11 13:21:18Z cfischer $
# Auto-generated from advisory DSA 3896-1 using nvtgen 1.0
# Script version: 1.0
#
# Author:
# Greenbone Networks
#
# Copyright:
# Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net
# Text descriptions are largely excerpted from the referenced
# advisory, and are Copyright (c) the respective author(s)
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#


if(description)
{
    script_id(703896);
    script_version("$Revision: 6906 $");
    script_cve_id("CVE-2017-3167", "CVE-2017-3169", "CVE-2017-7659", "CVE-2017-7668", "CVE-2017-7679");
    script_name("Debian Security Advisory DSA 3896-1 (apache2 - security update)");
    script_tag(name: "last_modification", value: "$Date: 2017-08-11 15:21:18 +0200 (Fri, 11 Aug 2017) $");
    script_tag(name: "creation_date", value: "2017-06-22 00:00:00 +0200 (Thu, 22 Jun 2017)");
    script_tag(name:"cvss_base", value:"7.5");
    script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
    script_tag(name: "solution_type", value: "VendorFix");
    script_tag(name: "qod_type", value: "package");

    script_xref(name: "URL", value: "http://www.debian.org/security/2017/dsa-3896.html");

    script_category(ACT_GATHER_INFO);

    script_copyright("Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net");
    script_family("Debian Local Security Checks");
    script_dependencies("gather-package-list.nasl");
    script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages");
    script_tag(name: "affected",  value: "apache2 on Debian Linux");
        script_tag(name: "insight",   value: "The Apache HTTP Server Project's goal is to build a secure, efficient and
extensible HTTP server as standards-compliant open source software. The
result has long been the number one web server on the Internet.");
    script_tag(name: "solution",  value: "For the oldstable distribution (jessie), these problems have been fixed
in version 2.4.10-10+deb8u9. The oldstable distribution (jessie) is not
affected by CVE-2017-7659 
.

For the stable distribution (stretch), these problems have been fixed in
version 2.4.25-3+deb9u1.

For the unstable distribution (sid), these problems have been fixed in
version 2.4.25-4.

We recommend that you upgrade your apache2 packages.");
    script_tag(name: "summary",   value: "Several vulnerabilities have been found in the Apache HTTPD server.

CVE-2017-3167 
Emmanuel Dreyfus reported that the use of ap_get_basic_auth_pw() by
third-party modules outside of the authentication phase may lead to
authentication requirements being bypassed.

CVE-2017-3169 
Vasileios Panopoulos of AdNovum Informatik AG discovered that
mod_ssl may dereference a NULL pointer when third-party modules call
ap_hook_process_connection() during an HTTP request to an HTTPS port
leading to a denial of service.

CVE-2017-7659 
Robert Swiecki reported that a specially crafted HTTP/2 request
could cause mod_http2 to dereference a NULL pointer and crash the
server process.

CVE-2017-7668 
Javier Jimenez reported that the HTTP strict parsing contains a
flaw leading to a buffer overread in ap_find_token(). A remote
attacker can take advantage of this flaw by carefully crafting a
sequence of request headers to cause a segmentation fault, or to
force ap_find_token() to return an incorrect value.

CVE-2017-7679 
ChenQin and Hanno Boeck reported that mod_mime can read one byte
past the end of a buffer when sending a malicious Content-Type
response header.");
    script_tag(name: "vuldetect", value: "This check tests the installed software version using the apt package manager.");

    exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-deb.inc");

res = "";
report = "";
if ((res = isdpkgvuln(pkg:"apache2", ver:"2.4.10-10+deb8u9", rls_regex:"DEB8.[0-9]+", remove_arch:TRUE )) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"apache2-bin", ver:"2.4.10-10+deb8u9", rls_regex:"DEB8.[0-9]+", remove_arch:TRUE )) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"apache2-data", ver:"2.4.10-10+deb8u9", rls_regex:"DEB8.[0-9]+", remove_arch:TRUE )) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"apache2-dbg", ver:"2.4.10-10+deb8u9", rls_regex:"DEB8.[0-9]+", remove_arch:TRUE )) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"apache2-dev", ver:"2.4.10-10+deb8u9", rls_regex:"DEB8.[0-9]+", remove_arch:TRUE )) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"apache2-doc", ver:"2.4.10-10+deb8u9", rls_regex:"DEB8.[0-9]+", remove_arch:TRUE )) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"apache2-mpm-event", ver:"2.4.10-10+deb8u9", rls_regex:"DEB8.[0-9]+", remove_arch:TRUE )) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"apache2-mpm-itk", ver:"2.4.10-10+deb8u9", rls_regex:"DEB8.[0-9]+", remove_arch:TRUE )) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"apache2-mpm-prefork", ver:"2.4.10-10+deb8u9", rls_regex:"DEB8.[0-9]+", remove_arch:TRUE )) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"apache2-mpm-worker", ver:"2.4.10-10+deb8u9", rls_regex:"DEB8.[0-9]+", remove_arch:TRUE )) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"apache2-suexec", ver:"2.4.10-10+deb8u9", rls_regex:"DEB8.[0-9]+", remove_arch:TRUE )) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"apache2-suexec-custom", ver:"2.4.10-10+deb8u9", rls_regex:"DEB8.[0-9]+", remove_arch:TRUE )) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"apache2-suexec-pristine", ver:"2.4.10-10+deb8u9", rls_regex:"DEB8.[0-9]+", remove_arch:TRUE )) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"apache2-utils", ver:"2.4.10-10+deb8u9", rls_regex:"DEB8.[0-9]+", remove_arch:TRUE )) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"apache2.2-bin", ver:"2.4.10-10+deb8u9", rls_regex:"DEB8.[0-9]+", remove_arch:TRUE )) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"apache2.2-common", ver:"2.4.10-10+deb8u9", rls_regex:"DEB8.[0-9]+", remove_arch:TRUE )) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"libapache2-mod-macro", ver:"2.4.10-10+deb8u9", rls_regex:"DEB8.[0-9]+", remove_arch:TRUE )) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"libapache2-mod-proxy-html", ver:"2.4.10-10+deb8u9", rls_regex:"DEB8.[0-9]+", remove_arch:TRUE )) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"apache2", ver:"2.4.25-3+deb9u1", rls_regex:"DEB9.[0-9]+", remove_arch:TRUE )) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"apache2-bin", ver:"2.4.25-3+deb9u1", rls_regex:"DEB9.[0-9]+", remove_arch:TRUE )) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"apache2-data", ver:"2.4.25-3+deb9u1", rls_regex:"DEB9.[0-9]+", remove_arch:TRUE )) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"apache2-dbg", ver:"2.4.25-3+deb9u1", rls_regex:"DEB9.[0-9]+", remove_arch:TRUE )) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"apache2-dev", ver:"2.4.25-3+deb9u1", rls_regex:"DEB9.[0-9]+", remove_arch:TRUE )) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"apache2-doc", ver:"2.4.25-3+deb9u1", rls_regex:"DEB9.[0-9]+", remove_arch:TRUE )) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"apache2-ssl-dev", ver:"2.4.25-3+deb9u1", rls_regex:"DEB9.[0-9]+", remove_arch:TRUE )) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"apache2-suexec-custom", ver:"2.4.25-3+deb9u1", rls_regex:"DEB9.[0-9]+", remove_arch:TRUE )) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"apache2-suexec-pristine", ver:"2.4.25-3+deb9u1", rls_regex:"DEB9.[0-9]+", remove_arch:TRUE )) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"apache2-utils", ver:"2.4.25-3+deb9u1", rls_regex:"DEB9.[0-9]+", remove_arch:TRUE )) != NULL) {
    report += res;
}

if (report != "") {
    security_message(data:report);
} else if (__pkg_match) {
    exit(99); # Not vulnerable.
}

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
11 Aug 2017 00:00Current
0.3Low risk
Vulners AI Score0.3
EPSS0.64829
apache httpd security vulnerabilitiescve-2017-3167cve-2017-3169cve-2017-7659cve-2017-7668cve-2017-7679authentication bypassnull pointer dereferencedenial of servicehttp/2 requestbuffer overreadremote code executionmod_mime vulnerability
47