OSVDB ID: 9742 Title: Apache HTTP Server mod_ssl char_buffer_read Function Reverse Proxy DoS |
Info |
|
|
Dates |
||||
|
|
Description |
Apache contains a flaw that may allow a remote denial of service. The issue is triggered when a remote attacker aborts an SSL connection in a particular state causing an infinite loop to occur. The flaw occurs in ssl_engine_io.c when using a RewriteRule to do reverse proxying to an SSL server. |
Classification |
Location:
Remote/Network Access Required
Attack Type: Denial of Service Impact: Loss of Availability Exploit: Exploit Available Disclosure: OSVDB Verified |
Solution |
Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround: 1. Disable mod_ssl in your Apache configuration file. 2. If your running one of the Redhat Enterprise Operating Systems, you can apply an appropriate RPM from: RHSA link above. 3. There's a workaround available from CVS. It has not been tested and should be considered unstable: --- httpd-2.0/modules/ssl/ssl_engine_io.c 2004/07/13 18:11:22 1.124 +++ httpd-2.0/modules/ssl/ssl_engine_io.c 2004/08/11 13:19:24 1.125 @@ -589,6 +589,10 @@ while (1) { if (!inctx->filter_ctx->pssl) { + /* Ensure a non-zero error code is returned */ + if (inctx->rc == APR_SUCCESS) { + inctx->rc = APR_EGENERAL; + } break; } |
Products |
|
References |
|
Credit |
|
rsasecurity.com -