65 行
1.9 KiB
Markdown
65 行
1.9 KiB
Markdown
---
|
|
title: "Apache HTTP Server mod_ssl TLS upgrade attack mapping"
|
|
published_date: "2025-07-10"
|
|
affected_versions:
|
|
- "<= 2.4.63"
|
|
fixed_versions:
|
|
- "2.4.64"
|
|
severity: "important"
|
|
exploit_status: "See official advisory"
|
|
stack:
|
|
- "Apache HTTP Server"
|
|
- "mod_ssl"
|
|
attack_type:
|
|
- "integrity bypass"
|
|
- "content injection"
|
|
primary_source: "https://httpd.apache.org/security/vulnerabilities_24.html"
|
|
secondary_sources: []
|
|
target_types:
|
|
- "lab-local"
|
|
- "lab-public"
|
|
- "authorized-third-party"
|
|
public_target_allowed: true
|
|
authorization_required: true
|
|
minimum_validation: "Reproduce only in a lab with a controlled proxy path and a controlled man-in-the-middle position."
|
|
prohibited_use: "Do not test content injection paths against unowned public infrastructure."
|
|
---
|
|
|
|
# Apache HTTP Server CVE-2025-49812 映射
|
|
|
|
## 事件层
|
|
|
|
- 官方来源: [Apache HTTP Server vulnerabilities 2.4.x](https://httpd.apache.org/security/vulnerabilities_24.html)
|
|
- 发布时间: 2025-07-10
|
|
- 影响范围: 2.4.63 及更早版本
|
|
- 修复版本: 2.4.64
|
|
|
|
官方说明指出,在特定代理配置下,`mod_ssl` 处理 TLS 升级请求时可能受到响应拆分类攻击影响,从而绕过完整性检查并注入恶意内容。
|
|
|
|
## 实验层
|
|
|
|
### 适用目标类型
|
|
|
|
- `lab-local`
|
|
- `lab-public`
|
|
- `authorized-third-party`
|
|
|
|
### 实验思路
|
|
|
|
1. 在隔离环境中搭建 Apache 反向代理与受控上游。
|
|
2. 复现 TLS 升级或代理链中的相关流量路径。
|
|
3. 在完全受控的 MITM 条件下观察代理侧完整性与内容注入表现。
|
|
4. 升级到 2.4.64 后再次比对。
|
|
|
|
### 推荐的最小化验证
|
|
|
|
- 只在实验环境或自有测试资产中做完整流量复现。
|
|
- 不对外部无授权网络设备或中间链路做类似试探。
|
|
- 把重点放在“边界是否存在”“修复后是否消失”。
|
|
|
|
### 观测点
|
|
|
|
- 代理链中的内容完整性保护是否被绕过
|
|
- 上游与下游日志是否能发现异常
|
|
- 反向代理与缓存层是否放大了注入影响
|