{"id":2767,"date":"2024-07-25T10:31:14","date_gmt":"2024-07-25T10:31:14","guid":{"rendered":"https:\/\/certera.com\/blog\/?p=2767"},"modified":"2024-07-25T10:31:17","modified_gmt":"2024-07-25T10:31:17","slug":"serious-vulnerabilities-in-the-apache-http-server-exploit-millions-of-websites","status":"publish","type":"post","link":"https:\/\/certera.com\/blog\/serious-vulnerabilities-in-the-apache-http-server-exploit-millions-of-websites\/","title":{"rendered":"Serious Vulnerabilities in Apache HTTP Server Allow Cybercriminals Exploit Millions of Sites"},"content":{"rendered":"\n

The Apache Software Foundation has made public several critical vulnerabilities in the Apache HTTP Server that could have a devastating impact, leaving millions of websites vulnerable to hacking attempts.<\/strong><\/p>\n\n\n\n

Apache HTTP Server web server – A popular choice for millions of websites worldwide. The risks caused by these vulnerabilities are considerable since Apache HTTP Server is widely used in various businesses, including e-commerce, banking, and government.<\/p>\n\n\n\n

Essential Specifications of the Vulnerabilities<\/h2>\n\n\n\n

Different versions of the Apache HTTP Server are impacted by these vulnerabilities, which can be identified by their Common Vulnerabilities and Exposures (CVE)<\/a> numbers. They could lead to severe outcomes such as denial of service (DoS), exposure of source code, and server-side request forgery (SSRF).<\/p>\n\n\n\n

Moreover, these security flaws are particularly concerning as they could expose numerous websites to ransomware, service outages, data leaks, unauthorized access to confidential data, and other cyberattacks.<\/p>\n\n\n\n

Comprehensive Vulnerability Information<\/h2>\n\n\n\n

CVE-2024-40898<\/h3>\n\n\n\n

Summary:<\/strong> Using mod_rewrite in the server\/vhost context, Apache HTTP Server on Windows has a Server-Side Request Forgery (SSRF) vulnerability.<\/p>\n\n\n\n

Effect: <\/strong>Could send NTLM hashes to a malicious server through manipulated requests and SSRF attacks.<\/p>\n\n\n\n

CVE-2024-39884<\/h3>\n\n\n\n

Summary:<\/strong> An Apache HTTP Server 2.4.60 regression ignored specific applications of outdated content-type-based handler configurations.0<\/p>\n\n\n\n

Effect:<\/strong> If files are indirectly requested, this can result in the disclosure of local source code.<\/p>\n\n\n\n

CVE-2024-40725<\/h3>\n\n\n\n

Summary:<\/strong> In Apache HTTP Server 2.4.61, a partial solution for CVE-2024-39884 disregarded specific applications of outdated content-type-based handler configurations.<\/p>\n\n\n\n

Effect:<\/strong> Configurations such as “AddType” might result in disclosing local source code when files are accessed indirectly in specific scenarios.<\/p>\n\n\n\n

CVE-2024-38472<\/h3>\n\n\n\n

Summary:<\/strong> Windows computers are vulnerable to Server-Side Request Forgery (SSRF).<\/p>\n\n\n\n

Effect: <\/strong>Sensitive NTLM hashes could be exposed.<\/p>\n\n\n\n

CVE-2024-36387<\/h3>\n\n\n\n

Summary:<\/strong> Using HTTP\/2 to serve WebSocket protocol improvements.<\/p>\n\n\n\n

Effect:<\/strong> A Null Pointer dereference could come from this, which would crash the service and reduce performance.<\/p>\n\n\n\n

CVE-2024-38474<\/h3>\n\n\n\n

Summary:<\/strong> A bug related to substitution encoding in mod_rewrite for Apache HTTP Server versions 2.4.59 and earlier.<\/p>\n\n\n\n

Effect: <\/strong>Enables scripts intended for CGI execution to be disclosed.<\/p>\n\n\n\n

CVE-2024-38477<\/h3>\n\n\n\n

Summary:<\/strong> In Apache HTTP Server version 2.4.59,  mod_proxy contains a null pointer dereference.<\/p>\n\n\n\n

Effect: <\/strong>Permits the server to be crashed by an attacker using a malicious request.<\/p>\n\n\n\n

CVE-2024-24795<\/h3>\n\n\n\n

Summary:<\/strong> Apache HTTP Server’s HTTP Response splitting among several modules<\/p>\n\n\n\n

Effect: <\/strong>This allows for the potential for HTTP desynchronization attacks by allowing attackers to insert malicious response headers into backend apps.<\/p>\n\n\n\n

CVE-2023-25690<\/h3>\n\n\n\n

Summary<\/strong>: Some configurations of mod_proxy on Apache HTTP Server 2.4.0 through 2.4.55 cause HTTP Request Splitting.<\/p>\n\n\n\n

Effect:<\/strong> Cache poisoning and access control bypass are possible because of this HTTP Request Smuggling attack.<\/p>\n\n\n\n

CVE-2022-29404<\/h3>\n\n\n\n

Summary:<\/strong> A malicious request to a lua script that calls r:parsebody(0) in Apache HTTP Server 2.4.53 and earlier.<\/p>\n\n\n\n

Effect:<\/strong> this may result in a denial of service since there is no default restriction on the input size that can be sent.<\/p>\n\n\n\n

CVE-2022-26377<\/h3>\n\n\n\n

Summary:<\/strong> An HTTP Request Smuggling Vulnerability in Apache HTTP Server’s mod_proxy_ajp<\/p>\n\n\n\n

Effect:<\/strong> Permits requests to be smuggled to the AJP server to which it sends requests.<\/p>\n\n\n\n

Possible Repercussions of Critical Vulnerabilities in the Apache HTTP Server<\/h2>\n\n\n\n