Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> Web Servers >> mod_gzip format string attack

Vulnerability Assessment Details

mod_gzip format string attack
Vulnerability Assessment Summary
mod_gzip detection

Detailed Explanation for this Vulnerability Assessment

Summary :

The remote web server is prone to a format string attack.

Description :

The remote host is running mod_gzip with debug symbols compiled in.
The debug code includes vulnerabilities that can be exploited by an
attacker to gain a shell on this host.

See also :

http://archives.neohapsis.com/archives/bugtraq/2003-06/0003.html

Solution :

If you do not use this module, disable it completely, or
recompile it without the debug symbols.

Network Security Threat Level:

High / CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2003-2006 Tenable Network Security
Cables, Connectors


Supermicro Server Tower Xeon BOOTS E5-2620 v4 2.10GHz 64GB RAM NO HDD NO OS picture

Supermicro Server Tower Xeon BOOTS E5-2620 v4 2.10GHz 64GB RAM NO HDD NO OS

$199.99


HP ProLiant Xeon E3-1220L V2 16 GB RAM 2.30 GHz MicroServer Gen8 NO DRIVES picture

HP ProLiant Xeon E3-1220L V2 16 GB RAM 2.30 GHz MicroServer Gen8 NO DRIVES

$174.99


HPE PROLIANT MICROSERVER GEN10 PLUS MICRO TOWER SERVER - USED picture

HPE PROLIANT MICROSERVER GEN10 PLUS MICRO TOWER SERVER - USED

$550.00


HP ProLiant HSTNS-5151 Micro Server 8GB RAM No Drives/Key/Caddies *READ* picture

HP ProLiant HSTNS-5151 Micro Server 8GB RAM No Drives/Key/Caddies *READ*

$94.99


HPE Proliant Microserver Gen10 X3421 Perf AMS, P03698-S01, 16GB Ram picture

HPE Proliant Microserver Gen10 X3421 Perf AMS, P03698-S01, 16GB Ram

$299.00


SuperMicro Server 505-2 Intel Atom 2.4GHz 8GB RAM SYS-5018A-FTN4 1U Rackmount picture

SuperMicro Server 505-2 Intel Atom 2.4GHz 8GB RAM SYS-5018A-FTN4 1U Rackmount

$202.49


Supermicro CSE-512 1U Sever Intel G550 2.60GHz 4GB w/ X9SCM Motherboard picture

Supermicro CSE-512 1U Sever Intel G550 2.60GHz 4GB w/ X9SCM Motherboard

$99.98


HP/HPE ProLiant AMD Opteron X3216 APU 16 GB RAM MicroServer Gen 10 NO DRIVES picture

HP/HPE ProLiant AMD Opteron X3216 APU 16 GB RAM MicroServer Gen 10 NO DRIVES

$299.99


1U Supermicro Server 10 Bay 2x Intel Xeon 3.3Ghz 8C 128GB RAM 480GB SSD 2x 10GBE picture

1U Supermicro Server 10 Bay 2x Intel Xeon 3.3Ghz 8C 128GB RAM 480GB SSD 2x 10GBE

$297.00


2U 12 Bay SAS3 SuperMicro Server 6028U-TR4T+ W/ X10DRU-i+ Barebone 12 Caddy RAIL picture

2U 12 Bay SAS3 SuperMicro Server 6028U-TR4T+ W/ X10DRU-i+ Barebone 12 Caddy RAIL

$299.00


Discussions

No Discussions have been posted on this vulnerability.