Apache HTTP Server 2.4.60 Information Disclosure Vulnerability - Windows

2024-07-0400:00:00

plugins.openvas.org

apache

http server

information disclosure

vulnerability

windows

update

version 2.4.60

source code disclosure

content-type

configuration

AI Score

6.2

Confidence

Low

EPSS

Percentile

16.0%

JSON

Apache HTTP Server is prone to an information disclosure
vulnerability.

# SPDX-FileCopyrightText: 2024 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = "cpe:/a:apache:http_server";

if (description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.152555");
  script_version("2024-07-05T05:05:40+0000");
  script_tag(name:"last_modification", value:"2024-07-05 05:05:40 +0000 (Fri, 05 Jul 2024)");
  script_tag(name:"creation_date", value:"2024-07-04 08:34:30 +0000 (Thu, 04 Jul 2024)");
  script_tag(name:"cvss_base", value:"5.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");

  script_cve_id("CVE-2024-39884");

  script_tag(name:"qod_type", value:"remote_banner");

  script_tag(name:"solution_type", value:"VendorFix");

  script_name("Apache HTTP Server 2.4.60 Information Disclosure Vulnerability - Windows");

  script_category(ACT_GATHER_INFO);

  script_copyright("Copyright (C) 2024 Greenbone AG");
  script_family("Web Servers");
  script_dependencies("gb_apache_http_server_consolidation.nasl", "os_detection.nasl");
  script_mandatory_keys("apache/http_server/detected", "Host/runs_windows");

  script_tag(name:"summary", value:"Apache HTTP Server is prone to an information disclosure
  vulnerability.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");

  script_tag(name:"insight", value:"A regression in the core of Apache HTTP Server ignores some use
  of the legacy content-type based configuration of handlers. 'AddType' and similar configuration,
  under some circumstances where files are requested indirectly, result in source code disclosure
  of local content. For example, PHP scripts may be served instead of interpreted.");

  script_tag(name:"affected", value:"Apache HTTP Server version 2.4.60 only.");

  script_tag(name:"solution", value:"Update to version 2.4.61 or later.");

  script_xref(name:"URL", value:"https://httpd.apache.org/security/vulnerabilities_24.html#2.4.61");

  exit(0);
}

include("host_details.inc");
include("version_func.inc");

if (isnull(port = get_app_port(cpe: CPE)))
  exit(0);

if (!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE,
                                          version_regex: "^[0-9]+\.[0-9]+\.[0-9]+"))
  exit(0);

version = infos["version"];
location = infos["location"];

if (version_is_equal(version: version, test_version: "2.4.60")) {
  report = report_fixed_ver(installed_version: version, fixed_version: "2.4.61", install_path: location);
  security_message(port: port, data: report);
  exit(0);
}

exit(99);