ID CVE-2007-1862
Summary The recall_headers function in mod_mem_cache in Apache 2.2.4 does not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously used data, which could be used by remote attackers to obtain potentially sensitive information.
References
Vulnerable Configurations
  • Apache Software Foundation Apache HTTP Server 2.2.4
    cpe:2.3:a:apache:http_server:2.2.4
CVSS
Base: 5.0 (as of 06-06-2007 - 09:09)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
nessus via4
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2007-127.NASL
    description The recall_headers function in mod_mem_cache in Apache 2.2.4 does not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously-used data, which could be used to obtain potentially sensitive information by unauthorized users. Updated packages have been patched to prevent this issue.
    last seen 2019-01-16
    modified 2018-07-19
    plugin id 38078
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=38078
    title Mandrake Linux Security Advisory : apache (MDKSA-2007:127)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200711-06.NASL
    description The remote host is affected by the vulnerability described in GLSA-200711-06 (Apache: Multiple vulnerabilities) Multiple cross-site scripting vulnerabilities have been discovered in mod_status and mod_autoindex (CVE-2006-5752, CVE-2007-4465). An error has been discovered in the recall_headers() function in mod_mem_cache (CVE-2007-1862). The mod_cache module does not properly sanitize requests before processing them (CVE-2007-1863). The Prefork module does not properly check PID values before sending signals (CVE-2007-3304). The mod_proxy module does not correctly check headers before processing them (CVE-2007-3847). Impact : A remote attacker could exploit one of these vulnerabilities to inject arbitrary script or HTML content, obtain sensitive information or cause a Denial of Service. Workaround : There is no known workaround at this time.
    last seen 2019-01-16
    modified 2018-07-11
    plugin id 27823
    published 2007-11-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27823
    title GLSA-200711-06 : Apache: Multiple vulnerabilities
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2007-0704.NASL
    description The Apache HTTP Server did not verify that a process was an Apache child process before sending it signals. A local attacker with the ability to run scripts on the Apache HTTP Server could manipulate the scoreboard and cause arbitrary processes to be terminated which could lead to a denial of service (CVE-2007-3304). This issue is not exploitable on Fedora if using the default SELinux targeted policy. A flaw was found in the Apache HTTP Server mod_status module. On sites where the server-status page is publicly accessible and ExtendedStatus is enabled this could lead to a cross-site scripting attack. On Fedora the server-status page is not enabled by default and it is best practice to not make this publicly available. (CVE-2006-5752) A bug was found in the Apache HTTP Server mod_cache module. On sites where caching is enabled, a remote attacker could send a carefully crafted request that would cause the Apache child process handling that request to crash. This could lead to a denial of service if using a threaded Multi-Processing Module. (CVE-2007-1863) A bug was found in the mod_mem_cache module. On sites where caching is enabled using this module, an information leak could occur which revealed portions of sensitive memory to remote users. (CVE-2007-1862) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2015-10-21
    plugin id 27675
    published 2007-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27675
    title Fedora 7 : httpd-2.2.4-4.1.fc7 (2007-0704)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2007-2214.NASL
    description This update includes the latest stable release of the Apache HTTP Server. A flaw was found in the Apache HTTP Server mod_proxy module. On sites where a reverse proxy is configured, a remote attacker could send a carefully crafted request that would cause the Apache child process handling that request to crash. On sites where a forward proxy is configured, an attacker could cause a similar crash if a user could be persuaded to visit a malicious site using the proxy. This could lead to a denial of service if using a threaded Multi-Processing Module. (CVE-2007-3847) A flaw was found in the mod_autoindex module. On sites where directory listings are used, and the AddDefaultCharset directive has been removed from the configuration, a cross-site-scripting attack may be possible against browsers which do not correctly derive the response character set following the rules in RFC 2616. (CVE-2007-4465) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2015-10-21
    plugin id 27758
    published 2007-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27758
    title Fedora 7 : httpd-2.2.6-1.fc7 (2007-2214)
  • NASL family Web Servers
    NASL id APACHE_2_2_6.NASL
    description According to its banner, the version of Apache 2.2.x running on the remote host is prior to 2.2.6. It is, therefore, affected by the following vulnerabilities : - A denial of service vulnerability in mod_proxy. - A cross-site scripting vulnerability in mod_status. - A local denial of service vulnerability associated with the Prefork MPM module. - An information leak in mod_cache. - A denial of service vulnerability in mod_cache. In addition, it offers a workaround for a cross-site scripting issue in mod_autoindex. Note that the remote web server may not actually be affected by these vulnerabilities. Nessus did not try to determine whether any of the affected modules are in use on the remote server or to check for the issues themselves.
    last seen 2019-01-16
    modified 2018-06-29
    plugin id 26023
    published 2007-09-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=26023
    title Apache 2.2.x < 2.2.6 Multiple Vulnerabilities (DoS, XSS, Info Disc)
refmap via4
bid 24553
confirm
fedora FEDORA-2007-2214
gentoo GLSA-200711-06
mandriva
  • MDKSA-2007:127
  • MDVSA-2013:150
osvdb 38641
secunia
  • 26273
  • 26842
  • 27563
vupen
  • ADV-2007-2231
  • ADV-2007-2727
statements via4
  • contributor Mark J Cox
    lastmodified 2008-07-02
    organization Apache
    statement Fixed in Apache HTTP Server 2.2.6. http://httpd.apache.org/security/vulnerabilities_22.html
  • contributor Mark J Cox
    lastmodified 2007-06-11
    organization Red Hat
    statement Not vulnerable. This issue was specific to httpd version 2.2.4 and did not affect the versions of httpd as shipped with Red Hat Enterprise Linux 2.1, 3, 4 or 5.
Last major update 10-10-2013 - 22:33
Published 04-06-2007 - 19:30
Back to Top