iPolicy Networks Security Advisory
 

Apache SSL ExpandCert Environment Variable Overwrite Vulnerability

Date Discovered: 04/02/2008
Severity: High
Applications Affected: Apache-SSL 1.3.34 +1.57
Synopsis
Apache-SSL is prone to a remote information disclosure and privilege escalation vulnerability because it fails to adequately validate user-supplied input.
Recommended Actions
Apply the vendor's patches as described at:
http://www.securityfocus.com/bid/28576/solution
Threat Analysis
Apache-SSL provides environment variables that are filled with (client) certificate data. If the subject of a client certificate contains special characters, parts of these variables can be overwritten or be filled with other parts of memory.

A remote user can supply a specially crafted client certificate that will trigger a flaw in ExpandCert() and cause Apache-SSL to set the client certificate environment variables incorrectly.

An attacker can exploit this issue to obtain sensitive information or gain control of applications that use environment variables provided by Apache-SSL; this may lead to further attacks.
References

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0555
http://securitytracker.com/alerts/2008/Apr/1019784.html

Write-up by: Aditya Chaturvedi