ID RHSA-2012:0035 Type redhat Reporter RedHat Modified 2018-06-07T02:42:41
Description
mod_cluster-native provides a native build of mod_cluster for the Apache
HTTP Server (httpd). mod_cluster is an httpd-based load balancer. Like
mod_jk, it uses a communication channel to forward requests from httpd to
an application server node.
It was found that mod_cluster allowed worker nodes to register on any
virtual host (vhost), regardless of the security constraints applied to
other vhosts. In a typical environment, there will be one vhost configured
internally for worker nodes, and another configured externally for serving
content. A remote attacker could use this flaw to register an
attacker-controlled worker node via an external vhost that is not
configured to apply security constraints, then use that worker node to
serve malicious content, intercept credentials, and hijack user sessions.
(CVE-2011-4608)
This update also upgrades mod_cluster to version 1.0.10.GA_CP02.
Users of mod_cluster should upgrade to these updated packages, which
resolve this issue. After installing the updated packages, Red Hat
Enterprise Linux 4 users must restart the httpd22 service, and Red Hat
Enterprise Linux 5 and 6 users must restart the httpd service, for the
update to take effect.
{"id": "RHSA-2012:0035", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2012:0035) Important: mod_cluster-native security update", "description": "mod_cluster-native provides a native build of mod_cluster for the Apache\nHTTP Server (httpd). mod_cluster is an httpd-based load balancer. Like\nmod_jk, it uses a communication channel to forward requests from httpd to\nan application server node.\n\nIt was found that mod_cluster allowed worker nodes to register on any\nvirtual host (vhost), regardless of the security constraints applied to\nother vhosts. In a typical environment, there will be one vhost configured\ninternally for worker nodes, and another configured externally for serving\ncontent. A remote attacker could use this flaw to register an\nattacker-controlled worker node via an external vhost that is not\nconfigured to apply security constraints, then use that worker node to\nserve malicious content, intercept credentials, and hijack user sessions.\n(CVE-2011-4608)\n\nThis update also upgrades mod_cluster to version 1.0.10.GA_CP02.\n\nUsers of mod_cluster should upgrade to these updated packages, which\nresolve this issue. After installing the updated packages, Red Hat\nEnterprise Linux 4 users must restart the httpd22 service, and Red Hat\nEnterprise Linux 5 and 6 users must restart the httpd service, for the\nupdate to take effect.\n", "published": "2012-01-18T05:00:00", "modified": "2018-06-07T02:42:41", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "https://access.redhat.com/errata/RHSA-2012:0035", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2011-4608"], "lastseen": "2019-08-13T18:46:36", "viewCount": 3, "enchantments": {"score": {"value": 5.8, "vector": "NONE", "modified": "2019-08-13T18:46:36", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-4608"]}, {"type": "redhat", "idList": ["RHSA-2012:0037", "RHSA-2012:0039", "RHSA-2012:0038", "RHSA-2012:0036"]}, {"type": "seebug", "idList": ["SSV:30038"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2012-0037.NASL"]}], "modified": "2019-08-13T18:46:36", "rev": 2}, "vulnersScore": 5.8}, "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "arch": "src", "packageName": "mod_cluster-native", "packageVersion": "1.0.10-4.1.1.GA_CP02.ep5.el6", "packageFilename": "mod_cluster-native-1.0.10-4.1.1.GA_CP02.ep5.el6.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "noarch", "packageName": "mod_cluster-demo", "packageVersion": "1.0.10-3.2.GA_CP02.ep5.el6", "packageFilename": "mod_cluster-demo-1.0.10-3.2.GA_CP02.ep5.el6.noarch.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "noarch", "packageName": "mod_cluster-jbossweb2", "packageVersion": "1.0.10-3.1.GA_CP02.ep5.el5", "packageFilename": "mod_cluster-jbossweb2-1.0.10-3.1.GA_CP02.ep5.el5.noarch.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "src", "packageName": "mod_cluster-native", "packageVersion": "1.0.10-4.1.GA_CP02.ep5.el5", "packageFilename": "mod_cluster-native-1.0.10-4.1.GA_CP02.ep5.el5.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageName": "mod_cluster-native", "packageVersion": "1.0.10-4.1.1.GA_CP02.ep5.el6", "packageFilename": "mod_cluster-native-1.0.10-4.1.1.GA_CP02.ep5.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "src", "packageName": "mod_cluster", "packageVersion": "1.0.10-3.2.GA_CP02.ep5.el6", "packageFilename": "mod_cluster-1.0.10-3.2.GA_CP02.ep5.el6.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "noarch", "packageName": "mod_cluster-jbossweb2", "packageVersion": "1.0.10-3.2.GA_CP02.ep5.el6", "packageFilename": "mod_cluster-jbossweb2-1.0.10-3.2.GA_CP02.ep5.el6.noarch.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "src", "packageName": "mod_cluster", "packageVersion": "1.0.10-3.1.GA_CP02.ep5.el5", "packageFilename": "mod_cluster-1.0.10-3.1.GA_CP02.ep5.el5.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i386", "packageName": "mod_cluster-native", "packageVersion": "1.0.10-4.1.GA_CP02.ep5.el5", "packageFilename": "mod_cluster-native-1.0.10-4.1.GA_CP02.ep5.el5.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "noarch", "packageName": "mod_cluster-jbossas", "packageVersion": "1.0.10-3.1.GA_CP02.ep5.el5", "packageFilename": "mod_cluster-jbossas-1.0.10-3.1.GA_CP02.ep5.el5.noarch.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "noarch", "packageName": "mod_cluster-tomcat6", "packageVersion": "1.0.10-3.1.GA_CP02.ep5.el5", "packageFilename": "mod_cluster-tomcat6-1.0.10-3.1.GA_CP02.ep5.el5.noarch.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "noarch", "packageName": "mod_cluster-demo", "packageVersion": "1.0.10-3.1.GA_CP02.ep5.el5", "packageFilename": "mod_cluster-demo-1.0.10-3.1.GA_CP02.ep5.el5.noarch.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i386", "packageName": "mod_cluster-native", "packageVersion": "1.0.10-4.1.1.GA_CP02.ep5.el6", "packageFilename": "mod_cluster-native-1.0.10-4.1.1.GA_CP02.ep5.el6.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "noarch", "packageName": "mod_cluster-tomcat6", "packageVersion": "1.0.10-3.2.GA_CP02.ep5.el6", "packageFilename": "mod_cluster-tomcat6-1.0.10-3.2.GA_CP02.ep5.el6.noarch.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "packageName": "mod_cluster-native", "packageVersion": "1.0.10-4.1.GA_CP02.ep5.el5", "packageFilename": "mod_cluster-native-1.0.10-4.1.GA_CP02.ep5.el5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "noarch", "packageName": "mod_cluster-jbossas", "packageVersion": "1.0.10-3.2.GA_CP02.ep5.el6", "packageFilename": "mod_cluster-jbossas-1.0.10-3.2.GA_CP02.ep5.el6.noarch.rpm", "operator": "lt"}]}
{"cve": [{"lastseen": "2020-10-03T11:39:33", "description": "mod_cluster in JBoss Enterprise Application Platform 5.1.2 for Red Hat Linux allows worker nodes to register with arbitrary virtual hosts, which allows remote attackers to bypass intended access restrictions and provide malicious content, hijack sessions, and steal credentials by registering from an external vhost that does not enforce security constraints.", "edition": 3, "cvss3": {}, "published": "2012-01-27T15:55:00", "title": "CVE-2011-4608", "type": "cve", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4608"], "modified": "2017-08-29T01:30:00", "cpe": ["cpe:/a:redhat:jboss_enterprise_application_platform:5.1.2"], "id": "CVE-2011-4608", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4608", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.1.2:*:*:*:*:*:*:*"]}], "redhat": [{"lastseen": "2019-08-13T18:46:46", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4608"], "description": "mod_cluster-native provides a native build of mod_cluster for the Apache\nHTTP Server (httpd). mod_cluster is an httpd-based load balancer. Like\nmod_jk, it uses a communication channel to forward requests from httpd to\nan application server node.\n\nIt was found that mod_cluster allowed worker nodes to register on any\nvirtual host (vhost), regardless of the security constraints applied to\nother vhosts. In a typical environment, there will be one vhost configured\ninternally for worker nodes, and another configured externally for serving\ncontent. A remote attacker could use this flaw to register an\nattacker-controlled worker node via an external vhost that is not\nconfigured to apply security constraints, then use that worker node to\nserve malicious content, intercept credentials, and hijack user sessions.\n(CVE-2011-4608)\n\nUsers of mod_cluster-native should upgrade to this updated package, which\ncontains a backported patch to resolve this issue. Refer to the Solution\nsection for installation instructions.\n", "modified": "2018-06-07T02:39:14", "published": "2012-01-18T05:00:00", "id": "RHSA-2012:0039", "href": "https://access.redhat.com/errata/RHSA-2012:0039", "type": "redhat", "title": "(RHSA-2012:0039) Important: mod_cluster-native security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:45:18", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4608"], "description": "mod_cluster-native provides a native build of mod_cluster for the Apache\nHTTP Server (httpd). mod_cluster is an httpd-based load balancer. Like\nmod_jk, it uses a communication channel to forward requests from httpd to\nan application server node.\n\nIt was found that mod_cluster allowed worker nodes to register on any\nvirtual host (vhost), regardless of the security constraints applied to\nother vhosts. In a typical environment, there will be one vhost configured\ninternally for worker nodes, and another configured externally for serving\ncontent. A remote attacker could use this flaw to register an\nattacker-controlled worker node via an external vhost that is not\nconfigured to apply security constraints, then use that worker node to\nserve malicious content, intercept credentials, and hijack user sessions.\n(CVE-2011-4608)\n\nUsers of mod_cluster-native should upgrade to this updated package, which\ncontains a backported patch to resolve this issue. Refer to the Solution\nsection for installation instructions.\n", "modified": "2018-06-07T02:37:45", "published": "2012-01-18T05:00:00", "id": "RHSA-2012:0037", "href": "https://access.redhat.com/errata/RHSA-2012:0037", "type": "redhat", "title": "(RHSA-2012:0037) Important: mod_cluster-native security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T14:35:17", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4608"], "description": "Part of the Native components for JBoss Enterprise Application Platform is\nmod_cluster, an Apache HTTP Server (httpd) based load balancer. Like\nmod_jk, it uses a communication channel to forward requests from httpd to\nan application server node.\n\nIt was found that mod_cluster allowed worker nodes to register on any\nvirtual host (vhost), regardless of the security constraints applied to\nother vhosts. In a typical environment, there will be one vhost configured\ninternally for worker nodes, and another configured externally for serving\ncontent. A remote attacker could use this flaw to register an\nattacker-controlled worker node via an external vhost that is not\nconfigured to apply security constraints, then use that worker node to\nserve malicious content, intercept credentials, and hijack user sessions.\n(CVE-2011-4608)\n\nAll users of JBoss Enterprise Application Platform 5.1.2 as provided from\nthe Red Hat Customer Portal are advised to apply this update. Refer to the\nSolution section for installation instructions.", "modified": "2019-02-20T17:33:08", "published": "2012-01-19T00:20:23", "id": "RHSA-2012:0038", "href": "https://access.redhat.com/errata/RHSA-2012:0038", "type": "redhat", "title": "(RHSA-2012:0038) Important: mod_cluster-native security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T14:34:04", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4608"], "description": "The mod_cluster native component provides a native build of mod_cluster for\nthe Apache HTTP Server (httpd). mod_cluster is an httpd-based load\nbalancer. Like mod_jk, it uses a communication channel to forward requests\nfrom httpd to an application server node.\n\nIt was found that mod_cluster allowed worker nodes to register on any\nvirtual host (vhost), regardless of the security constraints applied to\nother vhosts. In a typical environment, there will be one vhost configured\ninternally for worker nodes, and another configured externally for serving\ncontent. A remote attacker could use this flaw to register an\nattacker-controlled worker node via an external vhost that is not\nconfigured to apply security constraints, then use that worker node to\nserve malicious content, intercept credentials, and hijack user sessions.\n(CVE-2011-4608)\n\nThis update also upgrades mod_cluster to version 1.0.10.GA_CP02.\n\nAll users of JBoss Enterprise Web Server 1.0.2 as provided from the Red\nHat Customer Portal are advised to apply this update.", "modified": "2019-02-20T17:34:13", "published": "2012-01-19T00:16:15", "id": "RHSA-2012:0036", "href": "https://access.redhat.com/errata/RHSA-2012:0036", "type": "redhat", "title": "(RHSA-2012:0036) Important: mod_cluster-native security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "seebug": [{"lastseen": "2017-11-19T18:00:51", "description": "Bugtraq ID: 51554\r\nCVE ID\uff1aCVE-2011-4608\r\n\r\nJBOSS\u662f\u4e00\u4e2a\u57fa\u4e8eJ2EE\u7684\u5f00\u653e\u6e90\u4ee3\u7801\u7684\u5e94\u7528\u670d\u52a1\u5668\u3002\r\n\r\nmod_cluster\u5141\u8bb8worker\u8282\u70b9\u5728\u4efb\u610f\u865a\u62df\u4e3b\u673a(vhost)\u4e0a\u6ce8\u518c\uff0c\u800c\u65e0\u89c6\u5e94\u7528\u5728\u5176\u4ed6\u865a\u62df\u4e3b\u673a\u4e0a\u7684\u5b89\u5168\u6027\u9650\u5236\u3002\u5728\u67d0\u4e9b\u73af\u5883\u4e0b\uff0c\u4e00\u4e2avhost\u914d\u7f6e\u4e3a\u5185\u90e8worker\u8282\u70b9\uff0c\u800c\u53e6\u4e00\u4e2a\u914d\u7f6e\u4e3a\u670d\u52a1\u5916\u90e8\u5185\u5bb9\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6b64\u7f3a\u9677\u901a\u8fc7\u6ca1\u6709\u914d\u7f6e\u5e94\u7528\u5b89\u5168\u9650\u5236\u7684\u5916\u90e8\u865a\u62df\u4e3b\u673a\u6ce8\u518c\u4e3a\u653b\u51fb\u8005\u63a7\u5236\u7684worker\u8282\u70b9\uff0c\u7136\u540e\u4f7f\u7528worker\u8282\u70b9\u670d\u52a1\u6076\u610f\u5185\u5bb9\uff0c\u622a\u83b7\u9a8c\u8bc1\u51ed\u636e\uff0c\u52ab\u6301\u7528\u6237\u4f1a\u8bdd\u3002\n0\nRed Hat JBoss Enterprise Web Server for RHEL 6 1.0.2\r\nRed Hat JBoss Enterprise Web Server for RHEL 6 1.0\r\nRed Hat JBoss Enterprise Web Server for RHEL 5 Server 1.0.2\r\nRed Hat JBoss Enterprise Web Server for RHEL 5 Server 1.0\r\nRed Hat JBoss Enterprise Web Server for RHEL 4 ES 1.0.2\r\nRed Hat JBoss Enterprise Web Server for RHEL 4 ES 1.0\r\nRed Hat JBoss Enterprise Web Server for RHEL 4 AS 1.0.2\r\nRed Hat JBoss Enterprise Web Server for RHEL 4 AS 1.0\r\nRed Hat JBoss Enterprise Web Platform for RHEL 6 Server 5\r\nRed Hat JBoss Enterprise Web Platform for RHEL 5 Server 5\r\nRed Hat JBoss Enterprise Web Platform for RHEL 4ES 5\r\nRed Hat JBoss Enterprise Web Platform for RHEL 4AS 5\n\u5382\u5546\u89e3\u51b3\u65b9\u6848\r\n\r\n\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttps://rhn.redhat.com/errata/RHSA-2012-0040.html\r\nhttps://rhn.redhat.com/errata/RHSA-2012-0035.html\r\nhttps://rhn.redhat.com/errata/RHSA-2012-0036.html\r\nhttps://rhn.redhat.com/errata/RHSA-2012-0037.html\r\nhttps://rhn.redhat.com/errata/RHSA-2012-0038.html\r\nhttps://rhn.redhat.com/errata/RHSA-2012-0039.html", "published": "2012-01-19T00:00:00", "title": "JBoss 'mod_cluster'\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2011-4608"], "modified": "2012-01-19T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-30038", "id": "SSV:30038", "sourceData": "", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": ""}], "nessus": [{"lastseen": "2021-01-17T13:10:16", "description": "An updated mod_cluster-native package that fixes one security issue is\nnow available for JBoss Enterprise Application Platform 5.1.2 for Red\nHat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nmod_cluster-native provides a native build of mod_cluster for the\nApache HTTP Server (httpd). mod_cluster is an httpd-based load\nbalancer. Like mod_jk, it uses a communication channel to forward\nrequests from httpd to an application server node.\n\nIt was found that mod_cluster allowed worker nodes to register on any\nvirtual host (vhost), regardless of the security constraints applied\nto other vhosts. In a typical environment, there will be one vhost\nconfigured internally for worker nodes, and another configured\nexternally for serving content. A remote attacker could use this flaw\nto register an attacker-controlled worker node via an external vhost\nthat is not configured to apply security constraints, then use that\nworker node to serve malicious content, intercept credentials, and\nhijack user sessions. (CVE-2011-4608)\n\nUsers of mod_cluster-native should upgrade to this updated package,\nwhich contains a backported patch to resolve this issue. Refer to the\nSolution section for installation instructions.", "edition": 22, "published": "2013-01-24T00:00:00", "title": "RHEL 5 / 6 : mod_cluster-native (RHSA-2012:0037)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4608"], "modified": "2013-01-24T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:mod_cluster-native", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2012-0037.NASL", "href": "https://www.tenable.com/plugins/nessus/64019", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0037. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64019);\n script_version(\"1.28\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-4608\");\n script_bugtraq_id(51554);\n script_xref(name:\"RHSA\", value:\"2012:0037\");\n script_xref(name:\"IAVB\", value:\"2012-B-0011\");\n\n script_name(english:\"RHEL 5 / 6 : mod_cluster-native (RHSA-2012:0037)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated mod_cluster-native package that fixes one security issue is\nnow available for JBoss Enterprise Application Platform 5.1.2 for Red\nHat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nmod_cluster-native provides a native build of mod_cluster for the\nApache HTTP Server (httpd). mod_cluster is an httpd-based load\nbalancer. Like mod_jk, it uses a communication channel to forward\nrequests from httpd to an application server node.\n\nIt was found that mod_cluster allowed worker nodes to register on any\nvirtual host (vhost), regardless of the security constraints applied\nto other vhosts. In a typical environment, there will be one vhost\nconfigured internally for worker nodes, and another configured\nexternally for serving content. A remote attacker could use this flaw\nto register an attacker-controlled worker node via an external vhost\nthat is not configured to apply security constraints, then use that\nworker node to serve malicious content, intercept credentials, and\nhijack user sessions. (CVE-2011-4608)\n\nUsers of mod_cluster-native should upgrade to this updated package,\nwhich contains a backported patch to resolve this issue. Refer to the\nSolution section for installation instructions.\"\n );\n # http://docs.redhat.com/docs/en-US/index.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/documentation/en-us/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:0037\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4608\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mod_cluster-native package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_cluster-native\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:0037\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"mod_cluster-native-1.0.10-4.1.GA_CP02.ep5.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"mod_cluster-native-1.0.10-4.1.GA_CP02.ep5.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"mod_cluster-native-1.0.10-4.1.1.GA_CP02.ep5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"mod_cluster-native-1.0.10-4.1.1.GA_CP02.ep5.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mod_cluster-native\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}
