CVE-2003-0993
CVSS7.5
发布时间 :2004-03-29 00:00:00
修订时间 :2016-10-17 22:38:56
NMCOPS    

[原文]mod_access in Apache 1.3 before 1.3.30, when running big-endian 64-bit platforms, does not properly parse Allow/Deny rules using IP addresses without a netmask, which could allow remote attackers to bypass intended access restrictions.


[CNNVD]Apache Mod_Access访问控制规则绕过漏洞(CNNVD-200403-135)

        
        mod_access在Apache服务器上的用于访问控制设置,用来为Apache Web服务器提供加密支持。
        mod_access存在一个安全问题,远程攻击者可以利用这个漏洞绕过此模块设置的访问规则。
        当允许或拒绝的规则被指定,而用于规则中的IP地址没有使用子网掩码,受此漏洞影响的模块将匹配规则错误,结果导致绕过访问限制,访问受限资源。
        

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

cpe:/a:apache:http_server:1.3.26Apache Software Foundation Apache HTTP Server 1.3.26
cpe:/a:apache:http_server:1.3.27Apache Software Foundation Apache HTTP Server 1.3.27
cpe:/a:apache:http_server:1.3.17Apache Software Foundation Apache HTTP Server 1.3.17
cpe:/a:apache:http_server:1.3.28Apache Software Foundation Apache HTTP Server 1.3.28
cpe:/a:apache:http_server:1.3.18Apache Software Foundation Apache HTTP Server 1.3.18
cpe:/a:apache:http_server:1.3.29Apache Software Foundation Apache HTTP Server 1.3.29
cpe:/a:apache:http_server:1.3.7::dev
cpe:/a:apache:http_server:1.3.11Apache Software Foundation Apache HTTP Server 1.3.11
cpe:/a:apache:http_server:1.3.22Apache Software Foundation Apache HTTP Server 1.3.22
cpe:/a:apache:http_server:1.3.12Apache Software Foundation Apache HTTP Server 1.3.12
cpe:/a:apache:http_server:1.3.23Apache Software Foundation Apache HTTP Server 1.3.23
cpe:/a:apache:http_server:1.3.24Apache Software Foundation Apache HTTP Server 1.3.24
cpe:/a:apache:http_server:1.3.14Apache Software Foundation Apache HTTP Server 1.3.14
cpe:/a:apache:http_server:1.3.25Apache Software Foundation Apache HTTP Server 1.3.25
cpe:/a:apache:http_server:1.3.19Apache Software Foundation Apache HTTP Server 1.3.19
cpe:/a:apache:http_server:1.3.9Apache Software Foundation Apache HTTP Server 1.3.9
cpe:/a:apache:http_server:1.3.6Apache Software Foundation Apache HTTP Server 1.3.6
cpe:/a:apache:http_server:1.3.20Apache Software Foundation Apache HTTP Server 1.3.20
cpe:/a:apache:http_server:1.3.4Apache Software Foundation Apache HTTP Server 1.3.4
cpe:/a:apache:http_server:1.3.3Apache Software Foundation Apache HTTP Server 1.3.3
cpe:/a:apache:http_server:1.3Apache Software Foundation Apache HTTP Server 1.3
cpe:/a:apache:http_server:1.3.1Apache Software Foundation Apache HTTP Server 1.3.1

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:4670Apache Mod_Access Access Control Rule Bypass Vulnerability
oval:org.mitre.oval:def:100111Apache Allow/Deny Parsing Error
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0993
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0993
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200403-135
(官方数据源) CNNVD

- 其它链接及资源

http://frontal2.mandriva.com/security/advisories?name=MDKSA-2004:046
(UNKNOWN)  MANDRAKE  MDKSA-2004:046
http://issues.apache.org/bugzilla/show_bug.cgi?id=23850
(UNKNOWN)  CONFIRM  http://issues.apache.org/bugzilla/show_bug.cgi?id=23850
http://marc.info/?l=apache-cvs&m=107869603013722
(UNKNOWN)  MLIST  [apache-cvs] 20040307 cvs commit: apache-1.3/src/modules/standard mod_access.c
http://marc.info/?l=bugtraq&m=108437852004207&w=2
(UNKNOWN)  BUGTRAQ  20040512 [OpenPKG-SA-2004.021] OpenPKG Security Advisory (apache)
http://security.gentoo.org/glsa/glsa-200405-22.xml
(UNKNOWN)  GENTOO  GLSA-200405-22
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1
(UNKNOWN)  SUNALERT  101555
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1
(UNKNOWN)  SUNALERT  101841
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1
(UNKNOWN)  SUNALERT  57628
http://www.apacheweek.com/features/security-13
(VENDOR_ADVISORY)  CONFIRM  http://www.apacheweek.com/features/security-13
http://www.securityfocus.com/bid/9829
(VENDOR_ADVISORY)  BID  9829
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.529643
(UNKNOWN)  SLACKWARE  SSA:2004-133
http://www.trustix.org/errata/2004/0027
(UNKNOWN)  TRUSTIX  2004-0027
http://xforce.iss.net/xforce/xfdb/15422
(VENDOR_ADVISORY)  XF  apache-modaccess-obtain-information(15422)

- 漏洞信息

Apache Mod_Access访问控制规则绕过漏洞
高危 未知
2004-03-29 00:00:00 2005-05-13 00:00:00
远程※本地  
        
        mod_access在Apache服务器上的用于访问控制设置,用来为Apache Web服务器提供加密支持。
        mod_access存在一个安全问题,远程攻击者可以利用这个漏洞绕过此模块设置的访问规则。
        当允许或拒绝的规则被指定,而用于规则中的IP地址没有使用子网掩码,受此漏洞影响的模块将匹配规则错误,结果导致绕过访问限制,访问受限资源。
        

- 公告与补丁

        厂商补丁:
        Apache Software Foundation
        --------------------------
        Apache CVS版本已经修正此漏洞:
        
        http://cvs.apache.org/viewcvs.cgi/apache-1.3/src/modules/standard/mod_access.c?r1=1.46&r2=1.47

- 漏洞信息 (F33414)

apache_1.3.31.tar.gz (PacketStormID:F33414)
2004-05-25 00:00:00
 
unix
CVE-2003-0987,CVE-2003-0020,CVE-2004-0174,CVE-2003-0993
[点击下载]

Apache is the most popular webserver on the Internet, quite possibly the best in terms of security, functionality, efficiency, and speed.

- 漏洞信息

4181
Apache HTTP Server mod_access IP Address Netmask Rule Bypass
Remote / Network Access Information Disclosure
Loss of Confidentiality
Exploit Unknown

- 漏洞描述

Apache Web Server contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when mod_access is used to restrict access to files and directories and a subnet mask is not specified when setting IP addresses to allow or deny, which may cause the server to incorrectly evaluate the IP address. This flaw may allow an attacker to gain unauthorized access to files and/or directories.

- 时间线

2004-03-08 Unknow
Unknow Unknow

- 解决方案

Upgrade to version 1.3.30 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

- 漏洞信息

Oracle July Security Update Multiple Vulnerabilities
Unknown 14238
Yes Yes
2005-07-12 12:00:00 2009-07-12 04:06:00
Discovery of these issues is credited to Gerhard Eschelbeck of Qualys, Esteban Martínez Fayó of Application Security, Inc., Alexander Kornbrust of Red Database Security, Stephen Kost of Integrigy, David Litchfield of NGSS, Michael Murray of nCircle Netwo

- 受影响的程序版本

Oracle Workflow 11.5.9 .5
Oracle Workflow 11.5.1
Oracle Oracle9i Standard Edition 9.2 .6
Oracle Oracle9i Standard Edition 9.2 .0.5
Oracle Oracle9i Standard Edition 9.0.1 .5
Oracle Oracle9i Standard Edition 9.0.1 .4
Oracle Oracle9i Personal Edition 9.2 .6
Oracle Oracle9i Personal Edition 9.2 .0.5
Oracle Oracle9i Personal Edition 9.0.1 .5
Oracle Oracle9i Personal Edition 9.0.1 .4
Oracle Oracle9i Enterprise Edition 9.2 .6.0
Oracle Oracle9i Enterprise Edition 9.2 .0.5
Oracle Oracle9i Enterprise Edition 9.0.1 .5
Oracle Oracle9i Enterprise Edition 9.0.1 .4
Oracle Oracle9i Application Server 9.0.3 .1
Oracle Oracle9i Application Server 9.0.2 .3
Oracle Oracle9i Application Server 1.0.2 .2
Oracle Oracle8i Standard Edition 8.1.7 .4
Oracle Oracle8i Enterprise Edition 8.1.7 .4.0
Oracle Oracle8 8.0.6 .3
Oracle Oracle8 8.0.6
Oracle Oracle10g Standard Edition 10.1 .0.4
Oracle Oracle10g Standard Edition 10.1 .0.3
Oracle Oracle10g Standard Edition 10.1 .0.2
Oracle Oracle10g Personal Edition 10.1 .0.4
Oracle Oracle10g Personal Edition 10.1 .0.3
Oracle Oracle10g Personal Edition 10.1 .0.2
Oracle Oracle10g Enterprise Edition 10.1 .0.4
Oracle Oracle10g Enterprise Edition 10.1 .0.3
Oracle Oracle10g Enterprise Edition 10.1 .0.2
Oracle Oracle10g Application Server 9.0.4 .1
Oracle Oracle10g Application Server 9.0.4 .0
Oracle JInitiator 1.3.1
Oracle JInitiator 1.1.8
Oracle Forms And Reports 6.0.8 .25
Oracle Forms And Reports 4.5.10 .22
Oracle Express Server 6.3.4 .0
Oracle Enterprise Manager Grid Control 10g 10.1 .3
Oracle Enterprise Manager Grid Control 10g 10.1 .0.2
Oracle Enterprise Manager Database Control 10g 10.1 .0.4
Oracle Enterprise Manager Database Control 10g 10.1 .0.3
Oracle Enterprise Manager Database Control 10g 10.1 .0.2
Oracle Enterprise Manager Application Server Control 9.0.4 .1
Oracle Enterprise Manager Application Server Control 9.0.4 .0
Oracle E-Business Suite 11i 11.5.10
Oracle E-Business Suite 11i 11.5.9
Oracle E-Business Suite 11i 11.5.8
Oracle E-Business Suite 11i 11.5.7
Oracle E-Business Suite 11i 11.5.6
Oracle E-Business Suite 11i 11.5.5
Oracle E-Business Suite 11i 11.5.4
Oracle E-Business Suite 11i 11.5.3
Oracle E-Business Suite 11i 11.5.2
Oracle E-Business Suite 11i 11.5.1
Oracle E-Business Suite 11.0
Oracle Developer Suite 10.1.2
Oracle Developer Suite 9.0.5
Oracle Developer Suite 9.0.4 .1
Oracle Developer Suite 9.0.4
Oracle Developer Suite 9.0.2 .3
Oracle Collaboration Suite Release 2 9.0.4 .2
Oracle Collaboration Suite Release 2 9.0.4 .1
HP HP-UX B.11.23
HP HP-UX B.11.11

- 漏洞讨论

Various Oracle Database Server, Oracle Enterprise Manager, Oracle Application Server, Oracle Collaboration Suite, Oracle E-Business Suite and Applications, Oracle Workflow, Oracle Forms and Reports, Oracle JInitiator, Oracle Developer Suite, and Oracle Express Server are affected by multiple vulnerabilities.

The issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats.

Oracle has released a Critical Patch Update advisory for July 2005 to address these vulnerabilities. This Critical Patch Update addresses the vulnerabilities for supported releases. Earlier, unsupported releases are likely to be affected by the issues as well.

- 漏洞利用

An exploit would not be required for some of these issues such as the SQL injection vulnerabilities. Other issues would likely require exploit code.

---
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 解决方案

Oracle has released a Critical Patch Update (Critical Patch Update - July 2005) to address these issues. Information regarding obtaining and applying an appropriate patch can be found in the Oracle Critical Patch Update in references.

Pre-installation notes for Oracle Database Server can be found at the following location:
http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=311062.1

Pre-installation notes for Oracle Application Server can be found at the following location:
http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=311038.1

Pre-installation notes for Oracle Collaboration Suite can be found at the following location:
http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=311039.1

Pre-installation notes for Oracle E-Business and Applications can be found at the following location:
http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=311040.1

Pre-installation notes for Oracle Enterprise Manager can be found at the following location:
http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=311061.1

HP has released advisory HPSBMA01211 (SSRT4682 rev.0 - Oracle for Openview (OfO) Critical Patch Update July 2005) to identify vulnerable HP packages and fixes. HP advises users of Oracle for Openview who have support contracts with Oracle to obtain Critical Patch Update - July 2005 from Oracle. Users of Oracle for Openview who have support contracts with HP can contact HP for fixes. Please see the referenced advisory for more information.

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站