| VID |
210238 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
WWW |
| Detailed Description |
The version of Apache httpd installed on the remote host is prior to 2.4.56. It is, therefore, affected by multiple vulnerabilities as referenced in the 2.4.56 advisory.
- HTTP request splitting with mod_rewrite and mod_proxy: Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack. Configurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the user-supplied request-target (URL) data and is then re-inserted into the proxied request-target using variable substitution.
For example, something like:
RewriteEngine on RewriteRule ^/here/(.*) http://example.com:8080/elsewhere?$1 http://example.com:8080/elsewhere ; [P] ProxyPassReverse /here/ http://example.com:8080/ http://example.com:8080/ Request splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. Acknowledgements (CVE-2023-25690)
- Apache HTTP Server: mod_proxy_uwsgi HTTP response splitting: HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55.
Special characters in the origin response header can truncate/split the response forwarded to the client. (CVE-2023-27522)
* References:
https://httpd.apache.org/security/vulnerabilities_24.html
* Platforms Affected:
Apache HTTP versions 2.4.x prior to 2.4.56
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of Apache HTTP Server (2.4.56 or later), available from the Apache Software Foundation download site, http://httpd.apache.org/download.cgi |
| Related URL |
CVE-2023-25690,CVE-2023-27522 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
