CVE-2003-0789
CVSS10.0
发布时间 :2003-11-03 00:00:00
修订时间 :2016-10-17 22:37:25
NMCOS    

[原文]mod_cgid in Apache before 2.0.48, when using a threaded MPM, does not properly handle CGI redirect paths, which could cause Apache to send the output of a CGI program to the wrong client.


[CNNVD]Apache Web Server mod_cgid模块CGI数据重定向漏洞(CNNVD-200311-017)

        
        Apache是一款流行的WEB服务程序。
        Apache包含的mod_cgid模块在当使用线程的MPM时存在问题,可导致数据重定向泄露敏感信息或不正确授权访问。
        当线程的MPM使用时,mod_cgid错误处理CGI重定向路径,会导致把CGI输出错误的定向到客户端,数据错误重定向可泄露敏感信息或不正确授权访问。
        

- CVSS (基础分值)

CVSS分值: 10 [严重(HIGH)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0789
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0789
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200311-017
(官方数据源) CNNVD

- 其它链接及资源

http://apache.secsup.org/dist/httpd/Announcement2.html
(VENDOR_ADVISORY)  CONFIRM  http://apache.secsup.org/dist/httpd/Announcement2.html
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000775
(UNKNOWN)  CONECTIVA  CLA-2003:775
http://docs.info.apple.com/article.html?artnum=61798
(UNKNOWN)  CONFIRM  http://docs.info.apple.com/article.html?artnum=61798
http://lists.apple.com/archives/security-announce/2004/Jan/msg00000.html
(UNKNOWN)  APPLE  APPLE-SA-2004-01-26
http://lists.apple.com/mhonarc/security-announce/msg00045.html
(UNKNOWN)  CONFIRM  http://lists.apple.com/mhonarc/security-announce/msg00045.html
http://marc.info/?l=bugtraq&m=106761802305141&w=2
(UNKNOWN)  BUGTRAQ  20031031 GLSA: apache (200310-04)
http://security.gentoo.org/glsa/glsa-200310-04.xml
(UNKNOWN)  GENTOO  200310-04
http://www.ciac.org/ciac/bulletins/o-015.shtml
(UNKNOWN)  CIAC  O-015
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:103
(UNKNOWN)  MANDRAKE  MDKSA-2003:103
http://www.redhat.com/support/errata/RHSA-2003-320.html
(VENDOR_ADVISORY)  REDHAT  RHSA-2003:320
http://www.securityfocus.com/advisories/6079
(UNKNOWN)  HP  HPSBUX0311-301
http://www.securityfocus.com/bid/8926
(UNKNOWN)  BID  8926
http://www.securityfocus.com/bid/9504
(UNKNOWN)  BID  9504
http://xforce.iss.net/xforce/xfdb/13552
(UNKNOWN)  XF  apache-modcgi-info-disclosure(13552)

- 漏洞信息

Apache Web Server mod_cgid模块CGI数据重定向漏洞
危急 未知
2003-11-03 00:00:00 2005-10-20 00:00:00
远程※本地  
        
        Apache是一款流行的WEB服务程序。
        Apache包含的mod_cgid模块在当使用线程的MPM时存在问题,可导致数据重定向泄露敏感信息或不正确授权访问。
        当线程的MPM使用时,mod_cgid错误处理CGI重定向路径,会导致把CGI输出错误的定向到客户端,数据错误重定向可泄露敏感信息或不正确授权访问。
        

- 公告与补丁

        厂商补丁:
        Apache Software Foundation
        --------------------------
        目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
        Apache Software Foundation Upgrade httpd-2.0.48.tar.gz
        
        http://apache.sunsite.ualberta.ca/httpd/httpd-2.0.48.tar.gz

- 漏洞信息

15889
Apache HTTP Server mod_cgid Threaded MPM CGI Output Misdirection
Remote / Network Access
Loss of Integrity Upgrade
Vendor Verified

- 漏洞描述

- 时间线

2003-10-31 Unknow
Unknow Unknow

- 解决方案

Upgrade to version 2.0.48 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Apache Web Server mod_cgid Module CGI Data Redirection Vulnerability
Failure to Handle Exceptional Conditions 8926
Yes No
2003-10-29 12:00:00 2009-07-11 11:56:00
This vulnerability was reported by Apache.

- 受影响的程序版本

Conectiva Linux 9.0
Conectiva Linux 8.0
Conectiva Linux 7.0
Apache Software Foundation Apache 2.0.47
+ Apple Mac OS X Server 10.3.5
+ Apple Mac OS X Server 10.3.4
+ Apple Mac OS X Server 10.3.3
+ Apple Mac OS X Server 10.3.2
+ Apple Mac OS X Server 10.3.1
+ Apple Mac OS X Server 10.3
+ Apple Mac OS X Server 10.2.8
+ Apple Mac OS X Server 10.2.7
+ Apple Mac OS X Server 10.2.6
+ Apple Mac OS X Server 10.2.5
+ Apple Mac OS X Server 10.2.4
+ Apple Mac OS X Server 10.2.3
+ Apple Mac OS X Server 10.2.2
+ Apple Mac OS X Server 10.2.1
+ Apple Mac OS X Server 10.2
+ Apple Mac OS X Server 10.1.5
+ Apple Mac OS X Server 10.1.4
+ Apple Mac OS X Server 10.1.3
+ Apple Mac OS X Server 10.1.2
+ Apple Mac OS X Server 10.1.1
+ Apple Mac OS X Server 10.1
+ Mandriva Linux Mandrake 9.2 amd64
+ Mandriva Linux Mandrake 9.2
+ Mandriva Linux Mandrake 9.1 ppc
+ Mandriva Linux Mandrake 9.1
Apache Software Foundation Apache 2.0.46
+ Red Hat Enterprise Linux AS 3
+ RedHat Desktop 3.0
+ RedHat Enterprise Linux ES 3
+ RedHat Enterprise Linux WS 3
+ Trustix Secure Linux 2.0
Apache Software Foundation Apache 2.0.45
- Apple Mac OS X 10.2.6
- Apple Mac OS X 10.2.5
- Apple Mac OS X 10.2.4
- Apple Mac OS X 10.2.3
- Apple Mac OS X 10.2.2
- Apple Mac OS X 10.2.1
- Apple Mac OS X 10.2
- Apple Mac OS X 10.1.5
- Apple Mac OS X 10.1.4
- Apple Mac OS X 10.1.3
- Apple Mac OS X 10.1.2
- Apple Mac OS X 10.1.1
- Apple Mac OS X 10.1
- Apple Mac OS X 10.1
- Apple Mac OS X 10.0.4
- Apple Mac OS X 10.0.3
- Apple Mac OS X 10.0.2
- Apple Mac OS X 10.0.1
- Apple Mac OS X 10.0
+ Conectiva Linux 9.0
Apache Software Foundation Apache 2.0.44
Apache Software Foundation Apache 2.0.43
Apache Software Foundation Apache 2.0.42
+ Gentoo Linux 1.4 _rc1
+ Gentoo Linux 1.2
Apache Software Foundation Apache 2.0.41
Apache Software Foundation Apache 2.0.40
+ RedHat Linux 9.0 i386
+ RedHat Linux 8.0
+ Terra Soft Solutions Yellow Dog Linux 3.0
Apache Software Foundation Apache 2.0.39
Apache Software Foundation Apache 2.0.38
Apache Software Foundation Apache 2.0.37
Apache Software Foundation Apache 2.0.36
Apache Software Foundation Apache 2.0.35
Apache Software Foundation Apache 2.0.32
Apache Software Foundation Apache 2.0.28
Apache Software Foundation Apache 2.0
Apache Software Foundation Apache 2.0.48
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
+ S.u.S.E. Linux 8.1
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0
+ S.u.S.E. Linux Personal 8.2
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0

- 不受影响的程序版本

Apache Software Foundation Apache 2.0.48
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
+ S.u.S.E. Linux 8.1
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0
+ S.u.S.E. Linux Personal 8.2
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0

- 漏洞讨论

Apache has reported a vulnerability in the mod_cgid module when the threaded MPM is used. The problem is said to occur due to mishandling of CGI redirect paths. The condition may potentially cause CGI data to inadvertently be sent to the wrong client. Depending on the context of the data being redirected, this could potentially expose sensitive information or incorrectly grant unauthorized access.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 解决方案

Apache has released version 2.0.48 to address this issue. Users are advised to upgrade as soon as possible.

Conectiva have released an advisory (CLA-2003:775) and fixes to address this issue for Conectiva Linux. Affected users are advised to apply upgrades as soon as possible. Further information regarding obtaining and applying these upgrades is available in the referenced advisory.

Gentoo has released an advisory (200310-04) to address this issue. Affected users are advised to upgrade using the following procedure:
emerge sync
emerge '>=net-www/apache-2.0.48'
emerge clean

Mandrake has released an advisory (MDKSA-2003:103) to address this issue.
Please see the attached advisory for details on obtaining and applying fixes.

Further information regarding the application of this upgrade can be found in the referenced advisory.

Trustix has released security advisory 2003-0041 with fixes to address this issue.

HP has released security advisory HPSBUX0311-301 with fixes to address this issue. Affected users are advised to apply upgrades as soon as possible. Further information regarding obtaining and applying these upgrades is available in the referenced advisory.

Revised HP advisory has been released to address this issue.

Red Hat has released advisory RHSA-2003:320-01 to address this issue.

Apple has released advisory 2004-01-26 to address this issue.


Apache Software Foundation Apache 2.0

Apache Software Foundation Apache 2.0.28

Apache Software Foundation Apache 2.0.32

Apache Software Foundation Apache 2.0.35

Apache Software Foundation Apache 2.0.36

Apache Software Foundation Apache 2.0.37

Apache Software Foundation Apache 2.0.38

Apache Software Foundation Apache 2.0.39

Apache Software Foundation Apache 2.0.40

Apache Software Foundation Apache 2.0.41

Apache Software Foundation Apache 2.0.42

Apache Software Foundation Apache 2.0.43

Apache Software Foundation Apache 2.0.44

Apache Software Foundation Apache 2.0.45

Apache Software Foundation Apache 2.0.46

Apache Software Foundation Apache 2.0.47

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站