|
|
Apache Mod_Access_Referer NULL指针废弃拒绝服务攻击漏洞
发布时间:2003-04-16
更新时间:2003-04-16
严重程度:中
威胁程度:远程拒绝服务
错误类型:意外情况处置错误
利用方式:服务器模式
BUGTRAQ ID:7375
受影响系统mod_access_referer mod_access_referer 1.0.2
- Apache Software Foundation Apache 1.3
- Apache Software Foundation Apache 1.3.1
- Apache Software Foundation Apache 1.3.3
- Apache Software Foundation Apache 1.3.4
- Apache Software Foundation Apache 1.3.6
- Apache Software Foundation Apache 1.3.9
- Apache Software Foundation Apache 1.3.11
- Apache Software Foundation Apache 1.3.12
- Apache Software Foundation Apache 1.3.14
- Apache Software Foundation Apache 1.3.17
- Apache Software Foundation Apache 1.3.18
- Apache Software Foundation Apache 1.3.19
- Apache Software Foundation Apache 1.3.20
- Apache Software Foundation Apache 1.3.22
- Apache Software Foundation Apache 1.3.23
- Apache Software Foundation Apache 1.3.24
- Apache Software Foundation Apache 1.3.25
- Apache Software Foundation Apache 1.3.26
- Apache Software Foundation Apache 1.3.27
- Apache Software Foundation Apache 2.0
- Apache Software Foundation Apache 2.0.28
- Apache Software Foundation Apache 2.0.32
- Apache Software Foundation Apache 2.0.35
- Apache Software Foundation Apache 2.0.36
- Apache Software Foundation Apache 2.0.37
- Apache Software Foundation Apache 2.0.38
- Apache Software Foundation Apache 2.0.39
- Apache Software Foundation Apache 2.0.40
- Apache Software Foundation Apache 2.0.41
- Apache Software Foundation Apache 2.0.42
- Apache Software Foundation Apache 2.0.43
- Apache Software Foundation Apache 2.0.44
- Apache Software Foundation Apache 2.0.45 详细描述
mod_access_referer是Apache服务器的一个模块。
这个模块当解析非法HTTP referer头字段时存在问题,如果这个漏洞被出发,就可以触发NULL指针废弃,造成APACHE出现段错误。
测试代码
尚无
解决方案
补丁下载:
http://sourceforge.net/project/showfiles.php?group_id=924&release_id=151905
相关信息
zillion <zillion@safemode.org>.
参考:http://www.securityfocus.com/bid/7375
http://accessreferer.sourceforge.net/
|
