Apache vulnerability 'Apache HTTP Server mod_rewrite' from scan
Originally Published: 2007-04-05
Applies To
RSA Registration Manager
Keon Certificate Authority
Apache Webserver
Issue
ISOC detected high vulnerabilities "Apache HTTP Server mod_rewrite Vulnerability" on the web servers.
The Apache HTTP Server mod_rewrite vulnerability exists in Apache and may allow code execution or a denial of service.
Apache is a popular, open source web server application. A vulnerability is present in Apache that may allow remote code execution or a denial of service attack. The flaws reside in the mod_rewrite module through:
1) allowing control of a portion of a rewritten URL, and
2) no flag control is available such as Forbidden, Gone or NoEscape.
The default installation of Apache is not vulnerable as it does not include use of this rewrite module.
Recommendation:
The vendor has made updates available for remediation here:
<http://httpd.apache.org/>
Sun Microsystems has released patches for affected Solaris 8, 9, and 10 systems. Please refer to the vendor's advisories for more information:
<http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1>
<http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1>
Cause
RSA Certificate Manager (RCM) and RSA Registration Manager (RRM) web servers are compiled with the mod_rewrite module.
Resolution
Listing the modules compiled into the binary confirms that mod_rewrite is present:
apache -l
However, the rewrite engine is turned on only for the SCEP server. The rule RCM uses is listed below; under this rule the URL http://myserver:446/<jur_id>/pkiclient.exe is rewritten to http://myserver:446/pkiclient.exe?id=<jur_id>:
RewriteRule ^/([^/]*)/pkiclient.exe /pkiclient.exe?id=$1 [QSA]
Based on this, RCM and RRM are not susceptible.
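As an added illustration (not code from the article or from the RSA products), the following Python mimics how this single rule maps request URIs, including the [QSA] flag appending the client's original query string, and checks that the captured <jur_id> only ever lands in the query string of a server-relative path, never in the scheme or host of the rewritten URL:

```python
import re
from typing import Optional
from urllib.parse import urlsplit

# The RewriteRule from the article, split into pattern, substitution and flags.
RULE_PATTERN = re.compile(r"^/([^/]*)/pkiclient.exe")
RULE_TARGET = "/pkiclient.exe?id=$1"
RULE_FLAGS = {"QSA"}


def apply_rewrite(request_uri: str) -> Optional[str]:
    """Apply the SCEP rewrite rule to a request-URI (path plus optional query).

    Returns the rewritten URI, or None when the rule does not match.
    Only this rule's semantics are modelled: the pattern is matched against
    the path, $1 is replaced by the captured text, and [QSA] appends the
    original query string to the one already in the substitution.
    """
    path, _, query = request_uri.partition("?")
    match = RULE_PATTERN.match(path)
    if match is None:
        return None
    target = RULE_TARGET.replace("$1", match.group(1))
    if "QSA" in RULE_FLAGS and query:
        target += "&" + query
    return target


def rewrites_to_local_path(rewritten: str) -> bool:
    """True when the result is a server-relative path: the captured text
    cannot select a scheme or host for the rewritten URL."""
    parts = urlsplit(rewritten)
    return parts.scheme == "" and parts.netloc == "" and parts.path.startswith("/")


if __name__ == "__main__":
    # Constructed sample requests: a plain SCEP URL, one carrying a typical
    # SCEP query string, and one with a colon in the jurisdiction segment.
    for uri in ("/jur123/pkiclient.exe",
                "/jur123/pkiclient.exe?operation=GetCACert&message=ca",
                "/tenant:1/pkiclient.exe",
                "/a/b/pkiclient.exe"):
        out = apply_rewrite(uri)
        local = rewrites_to_local_path(out) if out else None
        print(f"{uri!r:55} -> {out!r} local_path={local}")
```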
Notes
BZ 46551