HTTP.Proxy.Get.SSL.URL.Format.String

Description

This indicates a possible attempt to exploit a format string vulnerability in the mod_proxy hook functions in ssl_engine_log.c in mod_ssl for Apache.
The vulnerability is caused by the application's improper use of a formatted string function. It may allow a remote attacker to gain control of the execution flow and execute arbitrary code.
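The bug class described above, shown as an added example that is not mod_ssl's own code: a hypothetical printf-style logger called once with request-derived text as the format string and once with a constant format. The names log_fmt, log_proxy_msg_unsafe, log_proxy_msg_safe and count_directives, and the sample message, are constructed for illustration.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical printf-style logger standing in for a module's log function. */
static int log_fmt(char *out, size_t n, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int r = vsnprintf(out, n, fmt, ap);
    va_end(ap);
    return r;
}

/* BEFORE: request-derived text is handed over as the format string itself. */
static int log_proxy_msg_unsafe(char *out, size_t n, const char *msg)
{
    return log_fmt(out, n, msg);        /* '%' sequences in msg are interpreted */
}

/* AFTER: the format is a constant and the text is passed as data. */
static int log_proxy_msg_safe(char *out, size_t n, const char *msg)
{
    return log_fmt(out, n, "%s", msg);  /* msg is copied verbatim */
}

/* Count '%' characters that are not part of a literal "%%" pair. */
static int count_directives(const char *s)
{
    int count = 0;
    for (; *s; s++) {
        if (*s != '%') continue;
        if (s[1] == '%') { s++; continue; }
        count++;
    }
    return count;
}

int main(void)
{
    /* Constructed sample: "%%" is the only sequence, so both calls are well defined. */
    const char *msg = "GET https://host.example/a%%b";
    char a[128], b[128];
    log_proxy_msg_unsafe(a, sizeof a, msg);
    log_proxy_msg_safe(b, sizeof b, msg);
    printf("unsafe: %s\n", a);          /* "%%" was collapsed to "%" */
    printf("safe:   %s (directives: %d)\n", b, count_directives(msg));
    return 0;
}
```

The two outputs differ only because the unsafe path parses the message as a format. With real conversion directives in the message, that path would read arguments that were never passed.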

Affected Products

Conectiva: Conectiva Linux 8.0
Debian: Debian Linux 3.0
Gentoo Technologies, Inc.: Gentoo Linux Any version
Hewlett-Packard Company: HP-UX 11.00
Hewlett-Packard Company: HP-UX 11.11
Hewlett-Packard Company: HP-UX 11.20
Hewlett-Packard Company: HP-UX 11.22
MandrakeSoft, Inc.: Mandrake Linux 10.0
MandrakeSoft, Inc.: Mandrake Linux 9.1
MandrakeSoft, Inc.: Mandrake Linux 9.2
MandrakeSoft, Inc.: Mandrake Linux Corporate Server 2.1
MandrakeSoft, Inc.: Mandrake Multi Network Firewall 8.2
OpenPKG Project: OpenPKG 1.3
OpenPKG Project: OpenPKG 2.0
OpenPKG Project: OpenPKG 2.1
OpenPKG Project: OpenPKG CURRENT
Ralf S. Engelschall: mod_ssl 2.x
Red Hat, Inc.: Red Hat Advanced Workstation 2.1
Red Hat, Inc.: Red Hat Enterprise Linux AS 2.1
Red Hat, Inc.: Red Hat Enterprise Linux ES 2.1
Red Hat, Inc.: Red Hat Enterprise Linux WS 2.1
Slackware: Slackware Linux 10.0
Slackware: Slackware Linux 8.1
Slackware: Slackware Linux 9.0
Slackware: Slackware Linux 9.1
Slackware: Slackware Linux current
Various: Any operating system running mod_ssl; Any version with mod_ssl 2.8.18 or earlier

Impact

Arbitrary code execution

Recommended Actions

Upgrade to the latest version of mod_ssl (2.8.19-1.3.31 or later), available from the mod_ssl Web site.
http://www.modssl.org/

Coverage

IPS (Regular DB)
IPS (Extended DB)