CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
99.5%
Issue Overview:
In Apache HTTP Server with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. (CVE-2019-0211)
A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes (‘/’), directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing will implicitly collapse them.(CVE-2019-0220)
In Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38, a bug in mod_ssl when using per-location client certificate verification with TLSv1.3 allowed a client to bypass configured access control restrictions.(CVE-2019-0215)
A vulnerability was found in Apache HTTP Server 2.4.17 to 2.4.38. Using fuzzed network input, the http/2 request handling could be made to access freed memory in string comparison when determining the method of a request and thus process the request incorrectly.(CVE-2019-0196)
A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. Server that never enabled the h2 protocol or that only enabled it for https: and did not set “H2Upgrade on” are unaffected by this issue.(CVE-2019-0197)
A race condition was found in mod_auth_digest when the web server was running in a threaded MPM configuration. It could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions.(CVE-2019-0217)
Affected Packages:
httpd24
Issue Correction:
Run yum update httpd24 to update your system.
New Packages:
i686:
httpd24-debuginfo-2.4.39-1.87.amzn1.i686
mod24_proxy_html-2.4.39-1.87.amzn1.i686
httpd24-2.4.39-1.87.amzn1.i686
httpd24-tools-2.4.39-1.87.amzn1.i686
httpd24-devel-2.4.39-1.87.amzn1.i686
mod24_session-2.4.39-1.87.amzn1.i686
mod24_ldap-2.4.39-1.87.amzn1.i686
mod24_ssl-2.4.39-1.87.amzn1.i686
mod24_md-2.4.39-1.87.amzn1.i686
noarch:
httpd24-manual-2.4.39-1.87.amzn1.noarch
src:
httpd24-2.4.39-1.87.amzn1.src
x86_64:
mod24_session-2.4.39-1.87.amzn1.x86_64
mod24_md-2.4.39-1.87.amzn1.x86_64
mod24_ssl-2.4.39-1.87.amzn1.x86_64
httpd24-tools-2.4.39-1.87.amzn1.x86_64
httpd24-devel-2.4.39-1.87.amzn1.x86_64
httpd24-2.4.39-1.87.amzn1.x86_64
mod24_proxy_html-2.4.39-1.87.amzn1.x86_64
mod24_ldap-2.4.39-1.87.amzn1.x86_64
httpd24-debuginfo-2.4.39-1.87.amzn1.x86_64
Red Hat: CVE-2019-0196, CVE-2019-0197, CVE-2019-0211, CVE-2019-0215, CVE-2019-0217, CVE-2019-0220
Mitre: CVE-2019-0196, CVE-2019-0197, CVE-2019-0211, CVE-2019-0215, CVE-2019-0217, CVE-2019-0220
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Amazon Linux | 1 | i686 | httpd24-debuginfo | < 2.4.39-1.87.amzn1 | httpd24-debuginfo-2.4.39-1.87.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | mod24_proxy_html | < 2.4.39-1.87.amzn1 | mod24_proxy_html-2.4.39-1.87.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | httpd24 | < 2.4.39-1.87.amzn1 | httpd24-2.4.39-1.87.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | httpd24-tools | < 2.4.39-1.87.amzn1 | httpd24-tools-2.4.39-1.87.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | httpd24-devel | < 2.4.39-1.87.amzn1 | httpd24-devel-2.4.39-1.87.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | mod24_session | < 2.4.39-1.87.amzn1 | mod24_session-2.4.39-1.87.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | mod24_ldap | < 2.4.39-1.87.amzn1 | mod24_ldap-2.4.39-1.87.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | mod24_ssl | < 2.4.39-1.87.amzn1 | mod24_ssl-2.4.39-1.87.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | mod24_md | < 2.4.39-1.87.amzn1 | mod24_md-2.4.39-1.87.amzn1.i686.rpm |
Amazon Linux | 1 | noarch | httpd24-manual | < 2.4.39-1.87.amzn1 | httpd24-manual-2.4.39-1.87.amzn1.noarch.rpm |
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
99.5%