| Field | Value |
| --- | --- |
| Short Name | HTTP:APACHE:NOSEJOB |
| Severity | Critical |
| Recommended | No |
| Recommended Action | Drop |
| Category | HTTP |
| Keywords | Apache-nosejob.c Attempt |
| Release Date | 2003/04/22 |
| Update Number | 1213 |
| Supported Platforms | di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: Apache-nosejob.c Attempt
This signature detects attempts to exploit a known vulnerability in Apache Web servers. Apache miscalculates the buffer sizes required for chunked-encoded requests because an unsigned integer value is interpreted as signed. Attackers can send a chunked-encoded GET request carrying the Host header value "Apache-nosejob.c", which is unique to that exploit tool, to trigger a buffer overflow and execute arbitrary code.
Extended Description
When processing requests coded with the 'Chunked Encoding' mechanism, Apache fails to properly calculate required buffer sizes. This is believed to be due to improper (signed) interpretation of an unsigned integer value. Consequently, several conditions that have security implications may occur. Reportedly, a buffer overrun and signal race condition occur. Exploiting these conditions may allow arbitrary code to run.
**Update**: Reportedly, at least one worm is exploiting this vulnerability to propagate in the wild. The worm targets FreeBSD 4.5 systems running Apache 1.3.22-24 and 1.3.20. Other versions may also be affected.
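The description above names the root cause as a signed interpretation of an unsigned chunk size. The following C program is an added illustration written for this page; it is not Apache's code and not part of the Juniper signature. It shows the defect class in miniature (a parsed chunk size held in a signed int slipping past a bound check) next to a hardened chunk-size line parser that keeps the value unsigned, detects overflow before it happens and enforces a per-chunk limit. The 1 MiB limit `MAX_CHUNK_SIZE` and the sample size lines are constructed for the example.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

/* Per-chunk upper bound a server might enforce; a constructed value for this example. */
#define MAX_CHUNK_SIZE (1UL << 20)

/* The defect class described above, in miniature: the parsed chunk size is
 * stored in a signed int before being compared against a limit. A value above
 * INT_MAX becomes negative, so "size <= limit" passes although the original
 * unsigned size is enormous. Returns 1 when the (flawed) check accepts the chunk. */
int unsafe_chunk_fits(unsigned long parsed_size, int limit)
{
    int size = (int)parsed_size;   /* signed interpretation of an unsigned value */
    return size <= limit;          /* a negative "size" slips past the bound */
}

/* Hardened chunk-size line parser for "HEX[;extension]\r\n".
 * Keeps the value unsigned throughout, detects arithmetic overflow before it
 * happens, and rejects any size above MAX_CHUNK_SIZE.
 * Returns the chunk size (0..MAX_CHUNK_SIZE) or -1 on any malformed input. */
long parse_chunk_size(const char *line)
{
    unsigned long value = 0;
    int ndigits = 0;
    const char *p = line;

    while (*p == ' ' || *p == '\t')        /* tolerate leading whitespace */
        p++;

    for (;; p++) {
        int digit;
        if (*p >= '0' && *p <= '9')      digit = *p - '0';
        else if (*p >= 'a' && *p <= 'f') digit = *p - 'a' + 10;
        else if (*p >= 'A' && *p <= 'F') digit = *p - 'A' + 10;
        else break;
        if (value > (ULONG_MAX >> 4))      /* the next shift would overflow */
            return -1;
        value = (value << 4) | (unsigned long)digit;
        if (value > MAX_CHUNK_SIZE)        /* unsigned comparison, cannot wrap */
            return -1;
        ndigits++;
    }
    if (ndigits == 0)                      /* no hex digits at all */
        return -1;

    while (*p == ' ' || *p == '\t')
        p++;
    if (*p == ';')                         /* skip a chunk extension */
        while (*p != '\0' && *p != '\r')
            p++;
    if (p[0] != '\r' || p[1] != '\n')      /* the size line must end in CRLF */
        return -1;

    return (long)value;
}

int main(void)
{
    /* Constructed sample chunk-size lines, as they would appear on the wire. */
    const char *samples[] = { "1a\r\n", "10;ext=1\r\n", "ffffffff\r\n", "\r\n", "zz\r\n" };
    for (unsigned i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("sample %u -> %ld\n", i, parse_chunk_size(samples[i]));
    printf("flawed check accepts 0xffffffff against limit 8192: %d\n",
           unsafe_chunk_fits(0xffffffffUL, 8192));
    return 0;
}
```

The point of `unsafe_chunk_fits` is the comparison, not the cast: once a size is narrowed to a signed type, a bound check against a positive limit no longer says anything about the actual unsigned length that a later copy will use. The hardened parser never lets the value change signedness, checks for overflow before each shift, and applies the limit as an unsigned comparison, so oversized or malformed chunk headers are rejected before any buffer is sized from them.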
Affected Products
- Apache_software_foundation apache 1.0.0
- Apache_software_foundation apache 1.0.2
- Apache_software_foundation apache 1.0.3
- Apache_software_foundation apache 1.0.5
- Apache_software_foundation apache 1.1.0
- Apache_software_foundation apache 1.1.1
- Apache_software_foundation apache 1.2.0
- Apache_software_foundation apache 1.2.5
- Apache_software_foundation apache 1.3.0
- Apache_software_foundation apache 1.3.1
- Apache_software_foundation apache 1.3.11
- Apache_software_foundation apache 1.3.12
- Apache_software_foundation apache 1.3.13
- Apache_software_foundation apache 1.3.14
- Apache_software_foundation apache 1.3.14 Mac
- Apache_software_foundation apache 1.3.15
- Apache_software_foundation apache 1.3.16
- Apache_software_foundation apache 1.3.17
- Apache_software_foundation apache 1.3.18
- Apache_software_foundation apache 1.3.19
- Apache_software_foundation apache 1.3.20
- Apache_software_foundation apache 1.3.22
- Apache_software_foundation apache 1.3.23
- Apache_software_foundation apache 1.3.24
- Apache_software_foundation apache 1.3.3
- Apache_software_foundation apache 1.3.4
- Apache_software_foundation apache 1.3.9
- Apache_software_foundation apache 2.0.0
- Apache_software_foundation apache 2.0.28
- Apache_software_foundation apache 2.0.32
- Apache_software_foundation apache 2.0.35
- Apache_software_foundation apache 2.0.36
- Apache_software_foundation apache 2.0.37
- Apache_software_foundation apache 2.0.38
- Hp compaq_secure_web_server_for_openvms 1.0.0 -1
- Hp compaq_secure_web_server_for_openvms 1.1.0 -1
- Hp compaq_secure_web_server_for_openvms 1.2.0
- Hp hp-ux 11.0.0
- Hp hp-ux 11.0.0 4
- Hp hp-ux 11.11.0
- Hp hp-ux 11.20.0
- Hp hp-ux 11.22.0
- Hp hp-ux_(vvos) 11.0.0 4
- Hp internet_express_eak 2.0.0
- Hp openview_network_node_manager 6.1.0
- Hp openview_network_node_manager 6.10.0
- Hp openview_network_node_manager 6.2.0
- Hp openview_network_node_manager 6.31.0
- Hp openview_service_information_portal 1.0.0
- Hp openview_service_information_portal 2.0.0
- Hp openview_service_information_portal 3.0.0
- Hp tru64_unix_compaq_secure_web_server 5.8.1
- Hp tru64_unix_compaq_secure_web_server 5.8.2
- Hp tru64_unix_internet_express 5.9.0
- Hp virtualvault 4.5.0
- Hp virtualvault 4.6.0
- Ibm http_server 1.3.19
- Macromedia coldfusion_server MX Developer
- Macromedia coldfusion_server MX Enterprise
- Macromedia coldfusion_server MX Professional
- Macromedia jrun 4.0.0
- Oracle oracle_http_server 1.0.2 .0
- Oracle oracle_http_server 1.0.2 .1
- Oracle oracle_http_server 1.0.2 .2
- Oracle oracle_http_server 1.0.2 .2 Roll up 2
- Oracle oracle_http_server 8.1.7
- Oracle oracle_http_server 9.0.1
- Oracle oracle_http_server 9.0.2
- Oracle oracle_http_server 9.1.0
- Oracle oracle_http_server 9.2.0 .0
- Oracle oracle_http_server_for_apps_only 1.0.2 .1s
- Red_hat secure_web_server 3.2.0 i386