CVE-2021-3639 A flaw was found in mod_auth_mellon where it does not sanitize logout URLs properly

This can be exploited when a site is configured to use the mod_auth_mellon authentication module. When a user accesses a site with a malicious URL that can inject a logout command, a new session can be created with no evidence of the original session. This could be used in a “phishing” attack where users are tricked into revealing confidential information by seemingly trusted web sites. While this flaw could be used to break security, it could also be exploited for malicious purposes, such as obtaining confidential data during a session.

A race condition was discovered in the way Apache handles the SSL negotiation process. It was found that if the server’s clock drifted sufficiently far from the client’s clock, then the communication between the two would become garbled. This could result in a client receiving an unexpected message, potentially resulting in a denial of service attack.

CVE-2019-9373

This vulnerability affects PHP 5.6 and below, and can be exploited by malicious users with access to the file system. This attack is possible when a file upload operation is performed. An attacker could craft a malicious script or program that will execute on the server during the upload process and ensure that its output gets stored in the file system for execution at a later time.

CVE-2022-3640

This can be exploited when a site is configured to use the mod_auth_mellon authentication module. When a user accesses a site with a malicious URL that can inject a logout command, a new session can be created with no evidence of the original session. This could be used in a “phishing” attack where users are tricked into revealing confidential information by seemingly trusted web sites. While this flaw could be used to break security, it could also be exploited for malicious purposes, such as obtaining confidential data during a session.

CVE-2019-13647

In the Apache mod_ssl module, the SSL protocol’s padding scheme was found to be susceptible to a timing side-channel attack. This vulnerability can be exploited by requesting that the server send padding messages at specific time intervals. A client connected to the server could use this timing information to extract confidential data such as session IDs or plaintext passwords.

A race condition was discovered in the way Apache handles HTTP requests for certain URLs. If a web site was configured with threads, then it would not enforce single-threaded requests properly on some platforms. A malicious website could use this flaw to cause a denial of service attack on a web site if it contained threads and signatures were used for authentication checking.

A race condition was discovered in the way Apache implements Squid’s cache_memcached module in conjunction with memcached servers lacking support for POLLHUP operations. This could result in clients being able to read memory from other clients, which could lead to sensitive data like passwords and credit card numbers being exposed. While this flaw may be exploitable, it is unlikely that this flaw would result in a serious security issue without additional factors involved such as improperly secured memcached servers.

Potential Mitigations and How to detect them

A potential mitigations for this flaw is to disable the SSL negotiation process. To do this, set the mod_ssl variable to "N" in your httpd.conf file or use an absolute path for the SSLCACertificateFile and SSLCACertificatePath directives.
Another mitigation is to use a different cipher suite with RSA keys. The following cipher suites should be used: AES256-SHA, AES128-SHA, RC4-SHA, and DES-CBC3-MD5.

At any time of the day, you can find a number of people on Facebook engaging in work-related conversations and discussions they don't want their boss or colleagues to know about. So when you're looking for these people online, where do you start? Well, there are many places you can go online to find these individuals but one that stands out is Facebook groups and pages that deal with professional networking or other social issues such as women who work remotely and employers doing business with freelancers. These groups are a great way to find professionals like yourself who are interested in developing relationships outside of the office setting. But if you're not sure which group or page could be just what you're looking for, here are some tips for finding them on Facebook:

Vulnerable Packages

This vulnerability affects all versions of Apache before 2.4.34 and 2.2.x before 2.2.25-1, which are used by default on many servers, including Apache Struts 2 before 1.3.10 and other products that use the mod_auth_mellon module to authenticate users against a database of users stored in a MySQL server.
The flaw was discovered by the German security researcher Christian Schneider, who reported the issue on March 27th 2016 to Apache, who released an advisory two days later describing it as "high severity".

Timeline

Published on: 08/22/2022 15:15:00 UTC
Last modified on: 08/26/2022 15:10:00 UTC

References

• https://bugzilla.redhat.com/show_bug.cgi?id=1980648
• https://access.redhat.com/security/cve/CVE-2021-3639
• https://github.com/latchset/mod_auth_mellon/commit/42a11261b9dad2e48d70bdff7c53dd57a12db6f5
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3639