SB2022072037 - Multiple vulnerabilities in Oracle HTTP Server




Published: July 20, 2022 Updated: January 19, 2024

Security Bulletin ID: SB2022072037
Severity: High
Patch available: YES
Number of vulnerabilities: 5
Exploitation vector: Remote access
Highest impact: Denial of service

Breakdown by Severity

High: 20%, Medium: 60%, Low: 20%

Description

This security bulletin contains information about 5 security vulnerabilities.


1) Input validation error (CVE-ID: CVE-2019-0220)

The vulnerability allows a remote attacker to bypass certain security restrictions.

The vulnerability exists because the web server does not merge consecutive slashes in URLs, which can lead to incorrect processing of requests when accessing CGI programs. Such web server behavior may lead to a bypass of security restrictions.
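From the defender's side, requests of the kind described above can be found by scanning access logs for paths that contain runs of consecutive slashes. The following Python script is an added example, not part of the original bulletin or any vendor code; the Apache-style log format, the sample lines and the paths in them are constructed assumptions.

```python
import re
from urllib.parse import urlsplit

# Apache common/combined log format: capture client, method, target and status.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+)(?: \S+)?" (\d{3})')
SLASH_RUN = re.compile(r'/{2,}')

def path_of(target):
    """Return only the path of a request target (origin-form or absolute-form)."""
    if target.startswith('/'):
        # Origin-form: strip the query by hand so that a leading '//' is not
        # misread as a network location by the URL parser.
        return target.split('?', 1)[0].split('#', 1)[0]
    # Absolute-form (e.g. http://host/path): the '//' after the scheme is not
    # part of the path, so let the URL parser separate it.
    return urlsplit(target).path

def find_unmerged_slashes(lines):
    """Return (client, method, raw_path, merged_path, status) per flagged request."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a parsable access log line
        client, method, target, status = m.groups()
        path = path_of(target)
        if SLASH_RUN.search(path):
            # merged_path is what the request would map to with slashes merged,
            # which is the path access rules are usually written against.
            hits.append((client, method, path, SLASH_RUN.sub('/', path), int(status)))
    return hits

# Constructed sample log lines (documentation addresses, hypothetical paths).
SAMPLE = [
    '192.0.2.10 - - [20/Jul/2022:10:00:01 +0000] "GET /cgi-bin/status.cgi HTTP/1.1" 403 199',
    '192.0.2.10 - - [20/Jul/2022:10:00:02 +0000] "GET /cgi-bin//status.cgi HTTP/1.1" 200 512',
    '192.0.2.11 - - [20/Jul/2022:10:00:03 +0000] "GET /index.html?next=//example.org HTTP/1.1" 200 1024',
    '192.0.2.12 - - [20/Jul/2022:10:00:04 +0000] "GET http://www.example.com/app///run.cgi HTTP/1.1" 404 0',
]

if __name__ == "__main__":
    for hit in find_unmerged_slashes(SAMPLE):
        print(hit)
```

Comparing the status of a flagged request with the status returned for its merged path from the same client highlights cases where an access rule matched one form but not the other.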


2) Open redirect (CVE-ID: CVE-2020-1927)

The vulnerability allows a remote attacker to redirect victims to an arbitrary URL.

The vulnerability exists due to improper sanitization of user-supplied data in some "mod_rewrite" configurations. A remote attacker can create a link that leads to a trusted website but, when clicked, redirects the victim to an arbitrary domain.

Successful exploitation of this vulnerability may allow a remote attacker to perform a phishing attack and steal potentially sensitive information.


3) Out-of-bounds read (CVE-ID: CVE-2021-35940)

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to a boundary condition in the "apr_time_exp*()" functions. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger an out-of-bounds read error and read the contents of memory on the system or perform a denial of service (DoS) attack.

Note, the vulnerability exists due to a missing patch for #VU9477 (CVE-2017-12613).


4) Improper input validation (CVE-ID: CVE-2020-35169)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The vulnerability exists due to improper input validation. A remote non-authenticated attacker can exploit this vulnerability to read and manipulate data.


5) Use-after-free (CVE-ID: CVE-2019-10082)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within mod_http2 when handling connection shutdown. A remote attacker can send specially crafted requests to the affected server and make mod_http2 read memory that was already freed.



Remediation

Install the update from the vendor's website.