CVE-2020-35452

EUVD-2020-23126
Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.3 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 93%
Affected Products (NVD)
VendorProductVersion
apachehttp_server
2.4.0 ≤
𝑥
≤ 2.4.46
debiandebian_linux
9.0
debiandebian_linux
10.0
oracleenterprise_manager_ops_center
12.4.0.0
oracleinstantis_enterprisetrack
17.1
oracleinstantis_enterprisetrack
17.2
oracleinstantis_enterprisetrack
17.3
oraclezfs_storage_appliance_kit
8.8
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
apache2
bookworm
2.4.62-1~deb12u1
fixed
bookworm (security)
2.4.62-1~deb12u2
fixed
bullseye
2.4.62-1~deb11u1
fixed
bullseye (security)
2.4.62-1~deb11u2
fixed
sid
2.4.62-3
fixed
trixie
2.4.62-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
apache2
bionic
Fixed 2.4.29-1ubuntu4.16
released
focal
Fixed 2.4.41-4ubuntu3.3
released
groovy
Fixed 2.4.46-1ubuntu1.2
released
hirsute
Fixed 2.4.46-4ubuntu1.1
released
impish
Fixed 2.4.46-4ubuntu2
released
jammy
Fixed 2.4.46-4ubuntu2
released
trusty
Fixed 2.4.7-1ubuntu4.22+esm1
released
xenial
Fixed 2.4.18-2ubuntu3.17+esm1
released
Common Weakness Enumeration
References
http://httpd.apache.org/security/vulnerabilities_24.html
http://www.openwall.com/lists/oss-security/2021/06/10/5
https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E
https://lists.apache.org/thread.html/rccb1b8225583a48c6360edc7a93cc97ae8b0215791e455dc607e7602%40%3Cannounce.httpd.apache.org%3E
https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/
https://security.gentoo.org/glsa/202107-38
https://security.netapp.com/advisory/ntap-20210702-0001/
https://www.debian.org/security/2021/dsa-4937
https://www.oracle.com/security-alerts/cpuoct2021.html
http://httpd.apache.org/security/vulnerabilities_24.html
http://www.openwall.com/lists/oss-security/2021/06/10/5
https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E
https://lists.apache.org/thread.html/rccb1b8225583a48c6360edc7a93cc97ae8b0215791e455dc607e7602%40%3Cannounce.httpd.apache.org%3E
https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/
https://security.gentoo.org/glsa/202107-38
https://security.netapp.com/advisory/ntap-20210702-0001/
https://www.debian.org/security/2021/dsa-4937
https://www.oracle.com/security-alerts/cpuoct2021.html