製品・ソフトウェアに関する情報

JVN脆弱性詳細

Apache HTTP Server の 413 エラーメッセージにおける HTTP メソッドを適切に検査しない問題

Title	Apache HTTP Server の 413 エラーメッセージにおける HTTP メソッドを適切に検査しない問題
Summary	Apache HTTP Server は、413 エラーページを返す際、HTTP リクエストからの HTTP メソッドを適切に検査しない問題があります。
Possible impacts	ウェブクライアントコンポーネントを使用して、リクエスト中に任意のヘッダを送信され、クロスサイトスクリプティングの攻撃に利用される可能性があります。なお、本問題を利用してクロスサイトスクリプティングの攻撃をするには、攻撃者がユーザに悪意ある HTTP メソッドを送信させることが前提条件と報告されています。
Solution	ベンダより対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	Dec. 3, 2007, midnight
Registration Date	Dec. 20, 2007, 3:51 p.m.
Last Update	Dec. 20, 2010, 3:38 p.m.

CVSS2.0 : 警告
Score	4.3
Vector	AV:N/AC:M/Au:N/C:N/I:P/A:N

Affected System

ヒューレット・パッカード

HP-UX 11.11

HP-UX 11.23

HP-UX 11.31

Apache Software Foundation

Apache HTTP Server 2.0.62 およびそれ以前

Apache HTTP Server 2.2.7 およびそれ以前

IBM

IBM HTTP Server 2.0.47.1 未満

IBM HTTP Server 6.0.2.27 未満

IBM HTTP Server 6.1.0.15 未満

ターボリナックス

Turbolinux Appliance Server 2.0

Turbolinux FUJI

Turbolinux Multimedia

Turbolinux Personal

Turbolinux Server 10

Turbolinux Server 10 (x64)

Turbolinux Server 11

Turbolinux Server 11 (x64)

サイバートラスト株式会社

Asianux Server 3.0

Asianux Server 3.0 (x86-64)

アップル

Apple Mac OS X v10.5.2

Apple Mac OS X Server v10.5.2

富士通

Interstage Application Framework Suite

Interstage Application Server

Interstage Apworks

Interstage Business Application Server

Interstage Job Workload Server

Interstage Studio

Interstage Web Server

Systemwalker Resource Coordinator

日立

Cosminexus Application Server Enterprise Version 6

Cosminexus Application Server Standard Version 6

Cosminexus Application Server Version 5

Cosminexus Developer Light Version 6

Cosminexus Developer Professional Version 6

Cosminexus Developer Standard Version 6

Cosminexus Developer Version 5

Cosminexus Server Enterprise Edition

Cosminexus Server Standard Edition

Cosminexus Server Standard Edition Version 4

Cosminexus Server Web Edition

Cosminexus Server Web Edition Version 4

Hitachi Web Server

uCosminexus Application Server Enterprise

uCosminexus Application Server Standard

uCosminexus Developer Light

uCosminexus Developer Professional

uCosminexus Developer Standard

uCosminexus Service Architect

uCosminexus Service Platform

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2007-6203	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6203
National Vulnerability Database (NVD)
2	CVE-2007-6203	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6203

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-79	https://jvndb.jvn.jp/ja/cwe/CWE-79.html

ベンダー情報

No	Name	URL
Apache Software Foundation
1	httpd-2.3	http://httpd.apache.org/dev/devnotes.html
Apache-SVN
2	600645	http://svn.apache.org/viewvc?view=rev&revision=600645
Apple Security Updates
3	Security Update 2008-002	http://docs.info.apple.com/article.html?artnum=307562-en
Apple セキュリティアップデート
4	Security Update 2008-002	http://docs.info.apple.com/article.html?artnum=307562-ja
Changes with Apache
5	Changes with Apache 2.0.62	http://www.apache.org/dist/httpd/CHANGES_2.0.63
6	Changes with Apache 2.2.7	http://www.apache.org/dist/httpd/CHANGES_2.2.8
Hitachi Software Vulnerability Information
7	HS08-004	http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS08-004/index.html
HP Security Bulletin
8	HPSBUX02465	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01905287
9	HPSBUX02612	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02579879
IBM Support Document
10	PK65782	http://www-1.ibm.com/support/docview.wss?uid=swg1PK65782
11	4019245	http://www-1.ibm.com/support/docview.wss?uid=swg24019245
12	7008517	http://www-1.ibm.com/support/docview.wss?rs=177&uid=swg27008517#61015
13	PK57952	http://www-1.ibm.com/support/docview.wss?uid=swg1PK57952
MIRACLE LINUX アップデート情報
14	1266	http://www.miraclelinux.com/support/index.php?q=node/99&errata_id=1266
Turbolinux Security Advisory
15	TLSA-2008-24	http://www.turbolinux.co.jp/security/2008/TLSA-2008-24j.txt
ソフトウェア製品セキュリティ情報
16	HS08-004	http://www.hitachi-support.com/security/vuls/HS08-004/index.html
富士通セキュリティ情報
17	interstage_as_200807	http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_as_200807.html

その他

No	Name	URL
FrSIRT Advisories
1	FrSIRT/ADV-2007-4060	http://www.frsirt.com/english/advisories/2007/4060
ISS X-Force Database
2	38800	http://xforce.iss.net/xforce/xfdb/38800
JVN
3	JVNTA08-079A	http://jvn.jp/cert/JVNTA08-079A/index.html
Secunia Advisory
4	SA27906	http://secunia.com/advisories/27906/
SecurityFocus
5	26663	http://www.securityfocus.com/bid/26663
SecurityTracker
6	1019030	http://www.securitytracker.com/id?1019030
US-CERT Cyber Security Alerts
7	SA08-079A	http://www.us-cert.gov/cas/alerts/SA08-079A.html
US-CERT Technical Cyber Security Alert
8	TA08-079A	http://www.us-cert.gov/cas/techalerts/TA08-079A.html

Change Log

No	Changed Details	Date of change
0	[2007年12月20日] 掲載 [2008年01月15日] 影響を受けるシステム：IBM (PK57952) の情報追加。ベンダ情報：IBM (PK57952) 追加。 [2008年01月22日] タイトル、概要、想定される影響を修正しました。 [2008年02月04日] 影響を受けるシステム：影響を受けるシステムのバージョンを更新しました。ベンダ情報: Apache Software Foundation の情報を追加。・Changes with Apache 2.0.62 ・Changes with Apache 2.2.7 [2008年03月11日] 影響を受けるシステム：日立 (HS08-004) の情報追加。ベンダ情報: 日立 (HS08-004) 追加。 [2008年03月24日] 影響を受けるシステム：アップル (Security Update 2008-002) の情報追加。ベンダ情報：アップル (Security Update 2008-002) 追加。ベンダ情報：IBM (7008517) 追加。 [2008年04月23日] 影響を受けるシステム：ミラクル・リナックス (1266) の情報追加。ベンダ情報: ミラクル・リナックス (1266) 追加。 [2008年06月09日] 影響を受けるシステム：IBM(4019245)の情報を追加ベンダ情報：IBM(4019245)を追加ベンダ情報：IBM(PK65782)を追加 [2008年07月09日] 影響を受けるシステム：ターボリナックス(TLSA-2008-24) の情報を追加ベンダ情報：ターボリナックス(TLSA-2008-24) を追加 [2009年01月26日] 影響を受けるシステム：富士通 (interstage_as_200807) の情報を追加ベンダ情報：富士通 (interstage_as_200807) を追加 [2009年11月13日] 影響を受けるシステム：ヒューレット・パッカード (HPSBUX02465) の情報を追加ベンダ情報：ヒューレット・パッカード (HPSBUX02465) を追加 [2010年12月20日] ベンダ情報：ヒューレット・パッカード (HPSBUX02612) を追加	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2007-6203

Summary	Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated via an HTTP request containing an invalid Content-length value, a similar issue to CVE-2006-3918.
Publication Date	Dec. 4, 2007, 7:46 a.m.
Registration Date	Jan. 29, 2021, 2:24 p.m.
Last Update	Oct. 16, 2018, 6:50 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:apache:http_server:2.0.46:::::::*
cpe:2.3:a:apache:http_server:2.0.47:::::::*
cpe:2.3:a:apache:http_server:2.0.48:::::::*
cpe:2.3:a:apache:http_server:2.0.49:::::::*
cpe:2.3:a:apache:http_server:2.0.50:::::::*
cpe:2.3:a:apache:http_server:2.0.51:::::::*
cpe:2.3:a:apache:http_server:2.0.52:::::::*
cpe:2.3:a:apache:http_server:2.0.53:::::::*
cpe:2.3:a:apache:http_server:2.0.54:::::::*
cpe:2.3:a:apache:http_server:2.0.55:::::::*
cpe:2.3:a:apache:http_server:2.0.57:::::::*
cpe:2.3:a:apache:http_server:2.0.58:::::::*
cpe:2.3:a:apache:http_server:2.0.59:::::::*
cpe:2.3:a:apache:http_server:2.1.1:::::::*
cpe:2.3:a:apache:http_server:2.1.2:::::::*
cpe:2.3:a:apache:http_server:2.1.3:::::::*
cpe:2.3:a:apache:http_server:2.1.4:::::::*
cpe:2.3:a:apache:http_server:2.1.5:::::::*
cpe:2.3:a:apache:http_server:2.1.6:::::::*
cpe:2.3:a:apache:http_server:2.1.7:::::::*
cpe:2.3:a:apache:http_server:2.1.8:::::::*
cpe:2.3:a:apache:http_server:2.2.0:::::::*
cpe:2.3:a:apache:http_server:2.2.2:::::::*
cpe:2.3:a:apache:http_server:2.2.3:::::::*
cpe:2.3:a:apache:http_server:2.2.4:::::::*

Related information, measures and tools

No	URL	refsource	タグ
1	http://docs.info.apple.com/article.html?artnum=307562	CONFIRM
2	http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html	APPLE
3	http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html	SUSE
4	http://marc.info/?l=bugtraq&m=125631037611762&w=2	HP
5	http://marc.info/?l=bugtraq&m=129190899612998&w=2	HP
6	http://procheckup.com/Vulnerability_PR07-37.php	MISC	Exploit
7	http://secunia.com/advisories/27906	SECUNIA	Vendor Advisory
8	http://secunia.com/advisories/28196	SECUNIA	Vendor Advisory
9	http://secunia.com/advisories/29348	SECUNIA	Vendor Advisory
10	http://secunia.com/advisories/29420	SECUNIA	Vendor Advisory
11	http://secunia.com/advisories/29640	SECUNIA	Vendor Advisory
12	http://secunia.com/advisories/30356	SECUNIA	Vendor Advisory
13	http://secunia.com/advisories/30732	SECUNIA	Vendor Advisory
14	http://secunia.com/advisories/33105	SECUNIA	Vendor Advisory
15	http://secunia.com/advisories/34219	SECUNIA	Vendor Advisory
16	http://security.gentoo.org/glsa/glsa-200803-19.xml	GENTOO
17	http://securityreason.com/securityalert/3411	SREASON
18	http://www.fujitsu.com/global/support/software/security/products-f/interstage-200807e.html	CONFIRM
19	http://www.securityfocus.com/archive/1/484410/100/0/threaded	BUGTRAQ
20	http://www.securityfocus.com/bid/26663	BID	Exploit
21	http://www.securitytracker.com/id?1019030	SECTRACK
22	http://www.ubuntu.com/usn/USN-731-1	UBUNTU
23	http://www.vupen.com/english/advisories/2007/4060	VUPEN
24	http://www.vupen.com/english/advisories/2007/4301	VUPEN
25	http://www.vupen.com/english/advisories/2008/0924/references	VUPEN
26	http://www.vupen.com/english/advisories/2008/1623/references	VUPEN
27	http://www.vupen.com/english/advisories/2008/1875/references	VUPEN
28	http://www-1.ibm.com/support/docview.wss?uid=swg1PK57952	AIXAPAR
29	http://www-1.ibm.com/support/docview.wss?uid=swg24019245	AIXAPAR
30	https://exchange.xforce.ibmcloud.com/vulnerabilities/38800	XF
31	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12166	OVAL

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-79	クロスサイト・スクリプティング（XSS）	https://cwe.mitre.org/data/definitions/79.html

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:apache:http_server:2.0.46:::::::*
cpe:2.3:a:apache:http_server:2.0.47:::::::*
cpe:2.3:a:apache:http_server:2.0.48:::::::*
cpe:2.3:a:apache:http_server:2.0.49:::::::*
cpe:2.3:a:apache:http_server:2.0.50:::::::*
cpe:2.3:a:apache:http_server:2.0.51:::::::*
cpe:2.3:a:apache:http_server:2.0.52:::::::*
cpe:2.3:a:apache:http_server:2.0.53:::::::*
cpe:2.3:a:apache:http_server:2.0.54:::::::*
cpe:2.3:a:apache:http_server:2.0.55:::::::*
cpe:2.3:a:apache:http_server:2.0.57:::::::*
cpe:2.3:a:apache:http_server:2.0.58:::::::*
cpe:2.3:a:apache:http_server:2.0.59:::::::*
cpe:2.3:a:apache:http_server:2.1.1:::::::*
cpe:2.3:a:apache:http_server:2.1.2:::::::*
cpe:2.3:a:apache:http_server:2.1.3:::::::*
cpe:2.3:a:apache:http_server:2.1.4:::::::*
cpe:2.3:a:apache:http_server:2.1.5:::::::*
cpe:2.3:a:apache:http_server:2.1.6:::::::*
cpe:2.3:a:apache:http_server:2.1.7:::::::*
cpe:2.3:a:apache:http_server:2.1.8:::::::*
cpe:2.3:a:apache:http_server:2.2.0:::::::*
cpe:2.3:a:apache:http_server:2.2.2:::::::*
cpe:2.3:a:apache:http_server:2.2.3:::::::*
cpe:2.3:a:apache:http_server:2.2.4:::::::*