| VID | 22192 |
| Severity | 40 |
| Port | 80, ... |
| Protocol | TCP |
| Class | WWW |
| Detailed Description |
mod_ntlm, an NTLM authentication module for the Apache web server, contains multiple vulnerabilities. mod_ntlm is an Apache module (originally designed for Apache 1.3, now available for Apache 2.0) that lets Apache services authenticate users via NTLM, an authentication technology that is largely specific to Microsoft IIS. The module has been found to contain a pair of remotely exploitable vulnerabilities that would allow an attacker to cause the server to execute arbitrary code. The first is a heap overflow: if any user-supplied input is greater than 2048 characters, memory management structures are overwritten, and arbitrary code execution is possible. The second is a format string vulnerability: by passing malicious format specifiers in a request, it may be possible for an attacker to corrupt sensitive locations in memory. This may result in a denial of service or, under certain circumstances, could allow a remote attacker to execute arbitrary code.
* References:
  * http://www.securiteam.com/unixfocus/5OP0L0A9QC.html
  * http://sourceforge.net/tracker/index.php?func=detail&aid=723468&group_id=4906&atid=104906
  * http://www.securityfocus.com/archive/1/319239
* Platforms Affected:
  * mod_ntlm v0.4 and prior for Apache 1.3
  * mod_ntlmv2 v0.1 for Apache 2.0 |
| Recommendation | No remedy available as of June 2014. Disable NTLM authentication until a patch or an upgrade is released. |
| Related URL | (CVE) |
| Related URL | 7393,7388 (SecurityFocus) |
| Related URL | (ISS) |