Juniper Networks

Signature Detail


Short Name: HTTP:APACHE:HTTPD-ERROR-400
Severity: Minor
Recommended: No
Recommended Action: Drop
Category: HTTP
Keywords: Apache HTTPD Error Code 400 httpOnly Cookie Handling Information Disclosure
Release Date: 2013/01/24
Update Number: 2228
Supported Platforms: idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: Apache HTTPD Error Code 400 httpOnly Cookie Handling Information Disclosure


This signature detects attempts to exploit a known vulnerability in Apache httpd. A successful attack can lead to unauthorized disclosure of sensitive information.

Extended Description

Apache HTTP Server is prone to an information-disclosure vulnerability. The issue occurs in the default error response for status code 400. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. The vulnerability affects Apache HTTP Server versions 2.2.0 through 2.2.21.

Affected Products

  • Apache_software_foundation apache 2.2.0
  • Apache_software_foundation apache 2.2.10
  • Apache_software_foundation apache 2.2.11
  • Apache_software_foundation apache 2.2.12
  • Apache_software_foundation apache 2.2.13
  • Apache_software_foundation apache 2.2.14
  • Apache_software_foundation apache 2.2.15
  • Apache_software_foundation apache 2.2.16
  • Apache_software_foundation apache 2.2.17
  • Apache_software_foundation apache 2.2.18
  • Apache_software_foundation apache 2.2.19
  • Apache_software_foundation apache 2.2.2
  • Apache_software_foundation apache 2.2.20
  • Apache_software_foundation apache 2.2.21
  • Apache_software_foundation apache 2.2.3
  • Apache_software_foundation apache 2.2.4
  • Apache_software_foundation apache 2.2.5
  • Apache_software_foundation apache 2.2.6
  • Apache_software_foundation apache 2.2.8
  • Apache_software_foundation apache 2.2.9
  • Avaya aura_application_enablement_services 5.2
  • Avaya aura_application_enablement_services 5.2.1
  • Avaya aura_application_enablement_services 5.2.2
  • Avaya aura_application_enablement_services 5.2.3
  • Avaya aura_application_enablement_services 6.1
  • Avaya aura_application_enablement_services 6.1.1
  • Avaya aura_communication_manager 6.0
  • Avaya aura_communication_manager 6.0.1
  • Avaya aura_communication_manager_utility_services 6.0
  • Avaya aura_communication_manager_utility_services 6.1
  • Avaya aura_communication_manager_utility_services 6.2
  • Avaya aura_experience_portal 6.0
  • Avaya aura_messaging 6.0
  • Avaya aura_messaging 6.0.1
  • Avaya aura_messaging 6.1
  • Avaya aura_session_manager 1.0
  • Avaya aura_session_manager 1.1
  • Avaya aura_session_manager 5.2
  • Avaya aura_session_manager 5.2 SP1
  • Avaya aura_session_manager 5.2 SP2
  • Avaya aura_session_manager 6.0
  • Avaya aura_session_manager 6.0 SP1
  • Avaya aura_session_manager 6.1
  • Avaya aura_session_manager 6.1.1
  • Avaya aura_session_manager 6.1.2
  • Avaya aura_session_manager 6.1.3
  • Avaya aura_session_manager 6.1 Sp1
  • Avaya aura_session_manager 6.1 SP2
  • Avaya ip_office_application_server 6.0
  • Avaya ip_office_application_server 6.1
  • Avaya ip_office_application_server 7.0
  • Avaya ip_office_application_server 8.0
  • Avaya voice_portal 5.0
  • Avaya voice_portal 5.0 SP1
  • Avaya voice_portal 5.0 SP2
  • Avaya voice_portal 5.1
  • Avaya voice_portal 5.1.1
  • Avaya voice_portal 5.1.2
  • Avaya voice_portal 5.1 SP1
  • Debian linux 6.0 amd64
  • Debian linux 6.0 arm
  • Debian linux 6.0 ia-32
  • Debian linux 6.0 ia-64
  • Debian linux 6.0 mips
  • Debian linux 6.0 powerpc
  • Debian linux 6.0 s/390
  • Debian linux 6.0 sparc
  • Gentoo linux
  • Hp hp-ux B.11.11
  • Hp hp-ux B.11.23
  • Hp hp-ux B.11.31
  • Hp onboard_administrator 3.50
  • Hp onboard_administrator 3.55
  • Hp openview_network_node_manager 7.53 - Hp-Ux
  • Hp openview_network_node_manager 7.53 - Linux
  • Hp openview_network_node_manager 7.53 - Solaris
  • Hp system_management_homepage 6.0
  • Hp system_management_homepage 6.1
  • Hp system_management_homepage 6.2
  • Hp system_management_homepage 6.3
  • Hp system_management_homepage 7.0
  • Hp system_management_homepage 7.1
  • Mandriva enterprise_server 5
  • Mandriva enterprise_server 5 X86 64
  • Mandriva linux_mandrake 2010.1
  • Mandriva linux_mandrake 2010.1 X86 64
  • Mandriva linux_mandrake 2011
  • Mandriva linux_mandrake 2011 x86_64
  • Oracle enterprise_linux 5
  • Oracle enterprise_linux 6
  • Oracle enterprise_linux 6.2
  • Red_hat enterprise_linux 5 Server
  • Red_hat enterprise_linux_desktop 5 Client
  • Red_hat enterprise_linux_desktop 6
  • Red_hat enterprise_linux_desktop_optional 6
  • Red_hat enterprise_linux_desktop_workstation 5 Client
  • Red_hat enterprise_linux_hpc_node 6
  • Red_hat enterprise_linux_hpc_node_optional 6
  • Red_hat enterprise_linux_server 6
  • Red_hat enterprise_linux_workstation 6
  • Red_hat fedora 15
  • Red_hat fedora 16
  • Red_hat jboss_enterprise_web_server_for_rhel_5_server 1.0.0
  • Red_hat jboss_enterprise_web_server_for_rhel_6 1.0.0
  • Slackware linux 12.0
  • Slackware linux 12.1
  • Slackware linux 12.2
  • Slackware linux 13.0
  • Slackware linux 13.0 X86 64
  • Slackware linux 13.1
  • Slackware linux 13.1 X86 64
  • Slackware linux 13.37
  • Slackware linux 13.37 x86_64
  • Slackware linux -Current
  • Slackware linux X86 64 -Current
  • Suse suse_linux_enterprise_sdk 10 SP4
  • Suse suse_linux_enterprise_sdk 11 SP1
  • Suse suse_linux_enterprise_server 10 SP4
  • Suse suse_linux_enterprise_server 11 SP1
  • Suse suse_linux_enterprise_server_for_vmware 11 SP1
  • Ubuntu ubuntu_linux 10.04 Amd64
  • Ubuntu ubuntu_linux 10.04 ARM
  • Ubuntu ubuntu_linux 10.04 I386
  • Ubuntu ubuntu_linux 10.04 Powerpc
  • Ubuntu ubuntu_linux 10.04 Sparc
  • Ubuntu ubuntu_linux 10.10 amd64
  • Ubuntu ubuntu_linux 10.10 ARM
  • Ubuntu ubuntu_linux 10.10 i386
  • Ubuntu ubuntu_linux 10.10 powerpc
  • Ubuntu ubuntu_linux 11.04 amd64
  • Ubuntu ubuntu_linux 11.04 ARM
  • Ubuntu ubuntu_linux 11.04 i386
  • Ubuntu ubuntu_linux 11.04 powerpc
  • Ubuntu ubuntu_linux 11.10 amd64
  • Ubuntu ubuntu_linux 11.10 i386
  • Ubuntu ubuntu_linux 8.04 LTS Amd64
  • Ubuntu ubuntu_linux 8.04 LTS I386
  • Ubuntu ubuntu_linux 8.04 LTS Lpia
  • Ubuntu ubuntu_linux 8.04 LTS Powerpc
  • Ubuntu ubuntu_linux 8.04 LTS Sparc

References

  • BugTraq: 51706
  • CVE: CVE-2012-0053

Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.