Allele Security Alert
ASA-2019-00517
Identifier(s)
ASA-2019-00517, CVE-2019-10097
Title
Stack buffer overflow and NULL pointer dereference in mod_remoteip
Vendor(s)
The Apache Software Foundation
Product(s)
Apache HTTP Server
Affected version(s)
Apache HTTP Server versions 2.4.32 to 2.4.39
Fixed version(s)
Apache HTTP Server version 2.4.41
Proof of concept
Unknown
Description
When mod_remoteip is configured to accept the PROXY protocol from a trusted intermediary proxy (RemoteIPProxyProtocol On), a specially crafted PROXY header could trigger a stack buffer overflow or a NULL pointer dereference. The header is only read on connections from the trusted proxy, so the flaw cannot be reached by untrusted HTTP clients that talk to httpd directly. Note that httpd has no separate trust list for the PROXY protocol: any peer that can open a connection to a listener with RemoteIPProxyProtocol enabled, and that is not listed in RemoteIPProxyProtocolExceptions, is treated as the proxy and may send the header. Until the upgrade to 2.4.41, that listener should therefore be reachable only from the intermediary itself.
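The following configuration is an added example, not text from this advisory or from the Apache project, showing the weak deployment beside a safer one. Addresses, ports and paths (10.0.0.5, 10.0.1.10, 8080, /srv/www) are assumptions chosen for illustration; the directives themselves are the real mod_remoteip directives.

```apache
# Added example; not part of the advisory or of httpd. Addresses and ports are hypothetical.
LoadModule remoteip_module modules/mod_remoteip.so

# Weak: PROXY protocol enabled on the public listener. Every peer that can
# reach port 80 is "the trusted proxy" to mod_remoteip and can send the
# crafted header described above.
#
#   Listen 80
#   RemoteIPProxyProtocol On

# Safer: keep the public port free of PROXY handling and accept the header
# only on a dedicated internal listener that just the balancer (assumed
# 10.0.0.5) can reach. Restrict 10.0.1.10:8080 to that source at the firewall
# as well; the directive below does not itself authenticate the peer.
Listen 80
Listen 10.0.1.10:8080

<VirtualHost *:80>
    ServerName www.example.com
    DocumentRoot /srv/www
    RemoteIPProxyProtocol Off
</VirtualHost>

<VirtualHost 10.0.1.10:8080>
    ServerName www.example.com
    DocumentRoot /srv/www
    RemoteIPProxyProtocol On
    # Local monitoring connects without a PROXY header; listing it here
    # stops mod_remoteip from aborting those connections.
    RemoteIPProxyProtocolExceptions 127.0.0.1
</VirtualHost>

# %a logs the client address mod_remoteip derived from the PROXY header;
# %{c}a logs the actual TCP peer, i.e. the balancer. Both are useful when
# checking which connections carried a PROXY header.
LogFormat "%a %{c}a %l %u %t \"%r\" %>s %b" proxyproto
CustomLog logs/access_log proxyproto
```

To confirm exposure on an existing host, check that the running binary is 2.4.41 or later (httpd -v) and grep the active configuration for RemoteIPProxyProtocol; anything set to On outside an internal-only listener is the condition this advisory describes.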
Technical details
Unknown
Credits
Daniel McCarney (Let’s Encrypt / Internet Security Research Group (ISRG))
Reference(s)
httpd 2.4 vulnerabilities – The Apache HTTP Server Project
https://httpd.apache.org/security/vulnerabilities_24.html
CVE-2019-10097: mod_remoteip stack buffer overflow and NULL pointer dereference
https://seclists.org/oss-sec/2019/q3/140
Apache HTTP Server 2.4.41 Released
https://www.apache.org/dist/httpd/Announcement2.4.html
CVE-2019-10097
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10097
CVE-2019-10097
https://nvd.nist.gov/vuln/detail/CVE-2019-10097
If there is any error in this alert, or you would like a comprehensive analysis, let us know.
Last modified: August 21, 2019