(WEB HOST INDUSTRY REVIEW) — Some serious vulnerabilities have been reported in popular open source web server Apache HTTP Server (httpd.apache.org) that could let an intruder gain access to potentially sensitive information, cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
The root of the problem is a core module of the Apache package, mod_isapi, which implements the Internet Server extension API that lets Apache serve Internet Server extensions (ISAPI .dll modules) for Microsoft Windows based hosts. According to research from Australian IT security and risk management firm Sense of Security (www.senseofsecurity.com.au), a malicious user can trigger a vulnerability in Apache mod_isapi that will unload the target Internet Server API .dll module from memory by sending a specially crafted request followed by a reset packet. Function pointers, however, still remain in memory and are called when published ISAPI functions are referenced, resulting in a dangling pointer vulnerability.
Sense of Security Labs’ Brett Gervasoni has made proof of concept code available for this vulnerability, which writes a text file (sos.txt) to the Apache working directory to demonstrate that code execution is possible. The vulnerabilities seem to be effective in versions 2.2.0, 2.2.2, 2.2.3, 2.2.4, 2.2.5, 2.2.6, 2.2.8, 2.2.9, 2.2.11, 2.2.12, 2.2.13, and 2.2.14. To correct for this problem, administrators need to upgrade to the latest version of Apache HTTP Server — currently 2.2.15.
According to UK-based Internet services firm Netcraft (www.netcraft.com), Apache (in its various forms) is the most popular web server by far, accounting for 54.46 percent of hostnames.
No related posts.
