Home arrow Apache arrow Page 4 - Common Attacks in Apache

Directory Displayed - Apache

Because Apache is complex, coding errors are possible. Fortunately, Apache is mature enough that this is not a frequent occurrence, and occasionally, overlooked errors are found and fixed. This chapter covers some basics of Apache’s vulnerabilities and recent known security problems. (From Hardening Apache by Tony Mobily, Apress, 2004, ISBN: 1590593782.)

TABLE OF CONTENTS:
  1. Common Attacks in Apache
  2. Types of Attacks
  3. Apache Vulnerabilities: Practical Examples
  4. Directory Displayed
  5. Common Attacks
  6. SSL Buffer Overflow
By: Apress Publishing
Rating: starstarstarstarstar / 14
September 13, 2004

print this article
SEARCH DEV SHED

TOOLS YOU CAN USE

advertisement

CAN-2001-0925: Requests Can Cause Directory Listing to Be Displayed

This vulnerability is listed at http://www.apacheweek.com/features
/security-13
. Detailed information about this problem is documented here: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0925.

Exploiting this problem, an attacker can view the list of files stored in a directory, even if an index.html file is present, if an extraordinary number of slashes (/) are sent to Apache in the requested resource. A request made this way would look like this:

GET ////////////////////////////////////////////// HTTP/1.1

The number of slashes depends on the attacked server.

The attacker can also view the content of any file, if its correct file name is placed where the slashes would have been:

GET ////////////////////////////////////a_file.txt HTTP/1.1

This is an example of a perfectly legal HTTP request that causes problems for Apache (RFC 2396 explains what the syntactic components of a URI are, and of course there is no mention of a limitation on the number of slashes that a URI can have).

The first resource provided by CVE is the Apache announcement:

BUGTRAQ:20010312 FORW: [ANNOUNCE] Apache 1.3.19 Released

It is a link to BUGTRAQ. Using BUGTRAQ’s mail archive at http://www.securityfocus.com/archive/1, you can find the messages posted on March 12, 2001 (from 20010312). Figure 2-1 shows the message: the problem was acknowledged and fixed by the Apache Group. This is enough to prove that a problem actually was there.


Figure 2-1. The message on BUGTRAQ that confirms the problem

  

This chapter is from Hardening Apache, by Tony Mobily. (Apress, 2004, ISBN: 1590593782). Check it out at your favorite bookstore today. Buy this book now.



 
 
>>> More Apache Articles          >>> More By Apress Publishing
 

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort
   

APACHE ARTICLES

- Apache Unveils Cassandra 1.2
- Apache on ARM Chips? Dell and Calxeda Help M...
- The Down Side of Open Source Software
- VMware Unveils Serengeti for Apache Hadoop
- SAP Takes Steps to Improve Hadoop Integration
- Looking to Hone Apache Hadoop Skills?
- How to Install Joomla on WAMPP
- Working with XAMPP and Wordpress
- GUI Available for Apache Camel
- Reduce Server Load for Apache and PHP Websit...
- Creating a VAMP (Vista, Apache, MySQL, PHP) ...
- Putting Apache in Jail
- Containing Intrusions in Apache
- Server Limits for Apache Security
- Setting Permissions in Apache

Developer Shed Affiliates

 


Dev Shed Tutorial Topics: