Cisco Bug: CSCut36549 - Cisco PNSC Apache Multiple Security Vulnerabilities

Last Modified

Nov 16, 2017

Products (1)

  • Cisco Intercloud Fabric

Known Affected Releases

3.2(4.0) 7.2(0)ZN(99.190)

Description (partial)

Symptoms:
All versions of Cisco Prime Network Services Controller prior to the release bundled with Cisco Intercloud
Fabric 2.2.1 ship with a version of the Apache Web server that is affected by the following
vulnerabilities:

CVE-2013-5704: The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass
"RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer
coding. NOTE: the vendor states "this is not a security issue in httpd as such." This has been classified by
the vendor as having a CVSSv2 score of 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N).

CVE-2013-6438: The dav_xml_get_cdata function in main/util.c in the mod_dav module in the Apache HTTP Server
before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers
to cause a denial of service (daemon crash) via a crafted DAV WRITE request. This has been classified by the
vendor as having a CVSSv2 score of 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P).

CVE-2014-0098: The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP
Server before 2.4.8 allows remote attackers to cause a denial of service (segmentation fault and daemon crash)
via a crafted cookie that is not properly handled during truncation. This has been classified by the vendor as
having a CVSSv2 score of 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P).

CVE-2014-0118: The deflate_in_filter function in mod_deflate.c in the mod_deflate module in the Apache HTTP
Server before 2.4.10, when request body decompression is enabled, allows remote attackers to cause a denial of
service (resource consumption) via crafted request data that decompresses to a much larger size. This has been
classified by the vendor as having a CVSSv2 score of 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P).

CVE-2014-0226: Race condition in the mod_status module in the Apache HTTP Server before 2.4.10 allows remote
attackers to cause a denial of service (heap-based buffer overflow), or possibly obtain sensitive credential
information or execute arbitrary code, via a crafted request that triggers improper scoreboard handling within
the status_handler function in modules/generators/mod_status.c and the lua_ap_scoreboard_worker function in
modules/lua/lua_request.c. This has been classified by the vendor as having a CVSSv2 score of 6.8
(AV:N/AC:M/Au:N/C:P/I:P/A:P).

CVE-2014-0231: The mod_cgid module in the Apache HTTP Server before 2.4.10 does not have a timeout mechanism,
which allows remote attackers to cause a denial of service (process hang) via a request to a CGI script that
does not read from its stdin file descriptor. This has been classified by the vendor as having a CVSSv2 score
of 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P).

This bug was opened to address the potential impact on this product.
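
A defensive check for the CVE-2013-5704 pattern described above, as an added example that is not part of the Cisco bug text or of Apache httpd: it parses a raw chunked HTTP/1.1 request and reports trailer fields whose names match headers that a "RequestHeader unset" policy is supposed to strip. The header name X-Example-Unset, the host name and the sample request are constructed for illustration.

```python
# Added example (not from the Cisco bug page or Apache httpd).
# Finds header fields carried in the trailer of a chunked HTTP/1.1 request.

def parse_chunked_trailers(raw: bytes) -> dict:
    """Return {lowercased name: value} for the trailer fields of a request."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("incomplete header section")
    headers = {}
    for line in head.split(b"\r\n")[1:]:            # skip the request line
        name, _, value = line.partition(b":")
        headers[name.strip().lower()] = value.strip().lower()
    if b"chunked" not in headers.get(b"transfer-encoding", b""):
        return {}                                   # no chunked body, no trailer
    pos = 0
    while True:
        eol = body.index(b"\r\n", pos)              # ValueError if truncated
        size = int(body[pos:eol].split(b";")[0].strip(), 16)  # drop extensions
        pos = eol + 2
        if size == 0:
            break                                   # last-chunk reached
        pos += size + 2                             # skip chunk data and CRLF
    trailers = {}
    for line in body[pos:].split(b"\r\n"):
        if not line:
            break                                   # blank line ends the trailer
        name, _, value = line.partition(b":")
        trailers[name.strip().lower().decode("latin-1")] = value.strip().decode("latin-1")
    return trailers

def flag_trailer_bypass(raw: bytes, unset_headers) -> list:
    """Names from unset_headers that reappear in the request trailer."""
    watched = {h.lower() for h in unset_headers}
    return sorted(n for n in parse_chunked_trailers(raw) if n in watched)

# Constructed sample: header name and host are hypothetical.
SAMPLE = (b"POST /app HTTP/1.1\r\nHost: pnsc.example\r\n"
          b"Transfer-Encoding: chunked\r\n\r\n"
          b"5\r\nhello\r\n0\r\nX-Example-Unset: 1\r\n\r\n")

if __name__ == "__main__":
    print(flag_trailer_bypass(SAMPLE, ["X-Example-Unset"]))
```

A truncated or malformed chunked body raises ValueError, which a caller can treat as a reason to reject or log the request.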

Conditions:
Running a version of the software prior to the Known Fixed Releases.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
