Intrusion Prevention

HTTP.Server.Authorization.Basic.Remote.Format.String

Description

This indicates an attempt to exploit a format string vulnerability in the auth_ldap module for the Apache HTTP server.
The vulnerability is caused by an input validation error in the "auth_ldap_log_reason" function and allows remote attackers to execute arbitrary code via a maliciously crafted "username".
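The following Python check is an added illustration of the condition this signature watches for; it is not Fortinet's detection logic and not code from auth_ldap. It decodes the HTTP Basic Authorization header and flags usernames that carry printf-style conversion specifiers, which is what a "username" would need to contain to act as a format string when it reaches a logging function. The sample headers are constructed, and the regular expression approximating the C conversion syntax is an assumption about what crafted input looks like.

```python
import base64
import re

# Constructed sample request header lines (not captured traffic).
SAMPLE_HEADERS = [
    "Authorization: Basic " + base64.b64encode(b"alice:secret").decode(),        # benign
    "Authorization: Basic " + base64.b64encode(b"%n%n%n%n:x").decode(),          # %n writes to memory
    "Authorization: Basic " + base64.b64encode(b"bob%08x%08x:pw").decode(),      # %x reads stack words
    "Authorization: Basic " + base64.b64encode(b"100%:legit").decode(),          # lone '%' is not a specifier
    "Authorization: Bearer abc.def.ghi",                                          # not Basic auth
]

# Approximation of a C printf conversion specification (assumption, not the C standard grammar):
# %[argpos$][flags][width][.precision][length]conversion.  "%%" is deliberately not matched.
FORMAT_SPEC = re.compile(
    r"%(?:\d+\$)?[-+ #0]*\d*(?:\.\d+)?(?:hh|h|ll|l|q|L|j|z|t)?[diouxXeEfFgGaAcspn]"
)

BASIC_HEADER = re.compile(r"^Authorization:\s*Basic\s+([A-Za-z0-9+/=]+)\s*$", re.I)


def parse_basic_credentials(header_line):
    """Return (username, password) from a Basic Authorization header, or None.

    None is returned for non-Basic schemes and for values that are not valid base64,
    so a malformed header is skipped rather than crashing the scanner.
    """
    m = BASIC_HEADER.match(header_line)
    if not m:
        return None
    try:
        raw = base64.b64decode(m.group(1), validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return None
    # RFC 7617: user-id may not contain ':'; split at the first one.
    user, _, password = raw.decode("latin-1").partition(":")
    return user, password


def find_format_specifiers(text):
    """List every printf-style conversion specification found in text."""
    return FORMAT_SPEC.findall(text)


def inspect_header(header_line):
    """Return a finding dict when the Basic-auth username contains format specifiers, else None."""
    creds = parse_basic_credentials(header_line)
    if creds is None:
        return None
    user, _ = creds
    specs = find_format_specifiers(user)
    if not specs:
        return None
    return {
        "username": user,
        "specifiers": specs,
        # %n is the conversion that writes to memory; the rest only read.
        "writes_memory": any(s.endswith("n") for s in specs),
    }


def scan(lines):
    """Return (line_index, finding) pairs for every header line that trips the check."""
    results = []
    for i, line in enumerate(lines):
        finding = inspect_header(line)
        if finding:
            results.append((i, finding))
    return results


if __name__ == "__main__":
    for idx, finding in scan(SAMPLE_HEADERS):
        print(f"line {idx}: {finding}")
```

The check runs on the decoded username only, because that is the field the description names; a percent sign on its own (the "100%" sample) is not flagged, which keeps false positives down on legitimate credentials. A `%n` hit is worth treating as higher severity than `%x` or `%s`, since it is the only conversion that writes.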

Affected Products

RedHat Linux 7.3 i386
RedHat Enterprise Linux WS 2.1 IA64
RedHat Enterprise Linux WS 2.1
RedHat Enterprise Linux ES 2.1 IA64
RedHat Enterprise Linux ES 2.1
RedHat Enterprise Linux AS 2.1 IA64
RedHat Enterprise Linux AS 2.1
RedHat Advanced Workstation for the Itanium Processor 2.1 IA64
RedHat Advanced Workstation for the Itanium Processor 2.1
MandrakeSoft Corporate Server 2.1 x86_64
MandrakeSoft Corporate Server 2.1
Debian Linux 3.1 sparc
Debian Linux 3.1 s/390
Debian Linux 3.1 ppc
Debian Linux 3.1 mipsel
Debian Linux 3.1 mips
Debian Linux 3.1 m68k
Debian Linux 3.1 ia-64
Debian Linux 3.1 ia-32
Debian Linux 3.1 hppa
Debian Linux 3.1 arm
Debian Linux 3.1 amd64
Debian Linux 3.1 alpha
Debian Linux 3.1
Debian Linux 3.0 sparc
Debian Linux 3.0 s/390
Debian Linux 3.0 ppc
Debian Linux 3.0 mipsel
Debian Linux 3.0 mips
Debian Linux 3.0 m68k
Debian Linux 3.0 ia-64
Debian Linux 3.0 ia-32
Debian Linux 3.0 hppa
Debian Linux 3.0 arm
Debian Linux 3.0 alpha
Debian Linux 3.0
Dave Carrigan auth_ldap 1.6.0
Dave Carrigan auth_ldap 1.4.X
Dave Carrigan auth_ldap 1.3.X
Dave Carrigan auth_ldap 1.2.X

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Upgrade to auth_ldap (1.6.1 or later), available from the web site below:
http://www.rudedog.org/auth_ldap/Changes.html

CVE References

CVE-2006-0150