Resource management error in Apache HTTP Server

1) Resource management error

EUVDB-ID: #VU33325

Risk: Low

CVSSv4.0: 2 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2012-0031

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: Yes

Description

The vulnerability allows a local non-authenticated attacker to read and manipulate data.

scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free function.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Apache HTTP Server: 2.2.0 - 2.2.21

CPE2.3

• cpe:2.3:a:apache_foundation:apache_http_server:2.2.0:*:*:*:*:*:*:*
• cpe:2.3:a:apache_foundation:apache_http_server:2.2.2:*:*:*:*:*:*:*
• cpe:2.3:a:apache_foundation:apache_http_server:2.2.3:*:*:*:*:*:*:*

External links

https://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041
https://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html
https://lists.opensuse.org/opensuse-security-announce/2012-02/msg00026.html
https://lists.opensuse.org/opensuse-security-announce/2012-03/msg00002.html
https://marc.info/?l=bugtraq&m=133294460209056&w=2
https://marc.info/?l=bugtraq&m=133494237717847&w=2
https://marc.info/?l=bugtraq&m=134987041210674&w=2
https://rhn.redhat.com/errata/RHSA-2012-0128.html
https://rhn.redhat.com/errata/RHSA-2012-0542.html
https://rhn.redhat.com/errata/RHSA-2012-0543.html
https://secunia.com/advisories/47410
https://secunia.com/advisories/48551
https://support.apple.com/kb/HT5501
https://svn.apache.org/viewvc?view=revision&revision=1230065
https://www.debian.org/security/2012/dsa-2405
https://www.halfdog.net/Security/2011/ApacheScoreboardInvalidFreeOnShutdown/
https://www.mandriva.com/security/advisories?name=MDVSA-2012:012
https://www.mandriva.com/security/advisories?name=MDVSA-2013:150
https://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html
https://www.securityfocus.com/bid/51407
https://bugzilla.redhat.com/show_bug.cgi?id=773744
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.