Heap-based buffer overflow in apache2 (Alpine package)

1) Heap-based buffer overflow

EUVDB-ID: #VU32516

Risk: Medium

CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2014-0226

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in Race condition in the mod_status module in the Apache HTTP Server before 2.4.10. A remote attacker can use a crafted request that triggers improper scoreboard handling within the status_handler function in modules to trigger heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

apache2 (Alpine package): 2.4.4-r0 - 2.4.9-r1

CPE2.3

• cpe:2.3:a:alpine:apache2_alpine_package:2.4.4-r0:*:*:*:*:alpine_linux:*:2.4
• cpe:2.3:a:alpine:apache2_alpine_package:2.4.4-r1:*:*:*:*:alpine_linux:*:2.4
• cpe:2.3:a:alpine:apache2_alpine_package:2.4.6-r0:*:*:*:*:alpine_linux:*:2.4

External links

https://git.alpinelinux.org/aports/commit/?id=4de2cfda9305bfb7c6d4ba3585d8197690d1f63e
https://git.alpinelinux.org/aports/commit/?id=ae6e654f890c70e348839f5d8f8ce8fe4b527861
https://git.alpinelinux.org/aports/commit/?id=ca0e870c60ad78ba2a6ce5eb3b5cc9b4e8ed4844

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.