Date: 15 November 2004
References: ESB-2004.0769 ESB-2005.0602 ESB-2006.0157 AU-2006.0033
Click here for printable version
Click here for PGP verifiable version
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2004.0724 -- RHSA-2004:562-01
Updated httpd packages fix a security issue and bugs
15 November 2004
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Apache Web Server
Publisher: Red Hat
Operating System: Red Hat Enterprise Linux AS/ES/WS 3
Red Hat Desktop version 3
Impact: Denial of Service
Inappropriate Access
Access: Remote/Unauthenticated
CVE Names: CAN-2004-0942 CAN-2004-0885
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- - ---------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated httpd packages fix a security issue and bugs
Advisory ID: RHSA-2004:562-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2004-562.html
Issue date: 2004-11-12
Updated on: 2004-11-12
Product: Red Hat Enterprise Linux
CVE Names: CAN-2004-0885 CAN-2004-0942
- - ---------------------------------------------------------------------
1. Summary:
Updated httpd packages that include fixes for two security issues, as well as
other bugs, are now available.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
3. Problem description:
The Apache HTTP server is a powerful, full-featured, efficient, and
freely-available Web server.
An issue has been discovered in the mod_ssl module when configured to use
the "SSLCipherSuite" directive in directory or location context. If a
particular location context has been configured to require a specific set
of cipher suites, then a client will be able to access that location using
any cipher suite allowed by the virtual host configuration. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2004-0885 to this issue.
An issue has been discovered in the handling of white space in request
header lines using MIME folding. A malicious client could send a carefully
crafted request, forcing the server to consume large amounts of memory,
leading to a denial of service. The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the name CAN-2004-0942 to this issue.
Several minor bugs were also discovered, including:
- - - In the mod_cgi module, problems that arise when CGI scripts are
invoked from SSI pages by mod_include using the "#include virtual"
syntax have been fixed.
- - - In the mod_dav_fs module, problems with the handling of indirect locks
on the S/390x platform have been fixed.
Users of the Apache HTTP server who are affected by these issues should
upgrade to these updated packages, which contain backported patches.
4. Solution:
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:
up2date
For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:
http://www.redhat.com/docs/manuals/enterprise/
5. Bug IDs fixed (http://bugzilla.redhat.com/ for more info):
132593 - mod_dav_fs: indirect lock refresh broken on s390x
134825 - CAN-2004-0885 SSLCipherSuite bypass
138064 - CAN-2004-0942 Memory consumption DoS
6. RPMs required:
Red Hat Enterprise Linux AS version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/httpd-2.0.46-44.ent.src.rpm
118f06e0317eb7d5735990049199b354 httpd-2.0.46-44.ent.src.rpm
i386:
07294bc2ae372ae2c033f6c97a425371 httpd-2.0.46-44.ent.i386.rpm
f97f7661878d345e35e49ee5b903ee97 httpd-devel-2.0.46-44.ent.i386.rpm
7ff1d8de6d421d62b5f7c35df785304e mod_ssl-2.0.46-44.ent.i386.rpm
ia64:
731331f101efda7820988a76265d5b29 httpd-2.0.46-44.ent.ia64.rpm
95451f6b0aaffbccffb8e77c88d36cc1 httpd-devel-2.0.46-44.ent.ia64.rpm
badd71a4a010b5b96d854de8b4ab14c5 mod_ssl-2.0.46-44.ent.ia64.rpm
ppc:
d399d5cbffd283d3e155a2e301542e6f httpd-2.0.46-44.ent.ppc.rpm
ded92081a835c8e53ccbf6e8f47f244d httpd-devel-2.0.46-44.ent.ppc.rpm
4a2a5d60a34a09550910738fde57f518 mod_ssl-2.0.46-44.ent.ppc.rpm
s390:
806ff06977f721712068a621c3981f7c httpd-2.0.46-44.ent.s390.rpm
5912d5b3eb7d18071825ef4bfe3b139b httpd-devel-2.0.46-44.ent.s390.rpm
6d2866cab66c09694ba6c98b39d3e52b mod_ssl-2.0.46-44.ent.s390.rpm
s390x:
17bd982545f3e25953a4d3aff7d9ea22 httpd-2.0.46-44.ent.s390x.rpm
2299bd3c8d7a0a5ab525840fc453f1e1 httpd-devel-2.0.46-44.ent.s390x.rpm
51cc33598d9d4559f0daf860396e5ae5 mod_ssl-2.0.46-44.ent.s390x.rpm
x86_64:
1b8bce6493ff433f4fe8361b897d841e httpd-2.0.46-44.ent.x86_64.rpm
7ce1eb8feef44ffdb30563484f214a61 httpd-devel-2.0.46-44.ent.x86_64.rpm
fc576fed7de6149c17d5158e87ec600c mod_ssl-2.0.46-44.ent.x86_64.rpm
Red Hat Desktop version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/httpd-2.0.46-44.ent.src.rpm
118f06e0317eb7d5735990049199b354 httpd-2.0.46-44.ent.src.rpm
i386:
07294bc2ae372ae2c033f6c97a425371 httpd-2.0.46-44.ent.i386.rpm
f97f7661878d345e35e49ee5b903ee97 httpd-devel-2.0.46-44.ent.i386.rpm
7ff1d8de6d421d62b5f7c35df785304e mod_ssl-2.0.46-44.ent.i386.rpm
x86_64:
1b8bce6493ff433f4fe8361b897d841e httpd-2.0.46-44.ent.x86_64.rpm
7ce1eb8feef44ffdb30563484f214a61 httpd-devel-2.0.46-44.ent.x86_64.rpm
fc576fed7de6149c17d5158e87ec600c mod_ssl-2.0.46-44.ent.x86_64.rpm
Red Hat Enterprise Linux ES version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/httpd-2.0.46-44.ent.src.rpm
118f06e0317eb7d5735990049199b354 httpd-2.0.46-44.ent.src.rpm
i386:
07294bc2ae372ae2c033f6c97a425371 httpd-2.0.46-44.ent.i386.rpm
f97f7661878d345e35e49ee5b903ee97 httpd-devel-2.0.46-44.ent.i386.rpm
7ff1d8de6d421d62b5f7c35df785304e mod_ssl-2.0.46-44.ent.i386.rpm
ia64:
731331f101efda7820988a76265d5b29 httpd-2.0.46-44.ent.ia64.rpm
95451f6b0aaffbccffb8e77c88d36cc1 httpd-devel-2.0.46-44.ent.ia64.rpm
badd71a4a010b5b96d854de8b4ab14c5 mod_ssl-2.0.46-44.ent.ia64.rpm
x86_64:
1b8bce6493ff433f4fe8361b897d841e httpd-2.0.46-44.ent.x86_64.rpm
7ce1eb8feef44ffdb30563484f214a61 httpd-devel-2.0.46-44.ent.x86_64.rpm
fc576fed7de6149c17d5158e87ec600c mod_ssl-2.0.46-44.ent.x86_64.rpm
Red Hat Enterprise Linux WS version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/httpd-2.0.46-44.ent.src.rpm
118f06e0317eb7d5735990049199b354 httpd-2.0.46-44.ent.src.rpm
i386:
07294bc2ae372ae2c033f6c97a425371 httpd-2.0.46-44.ent.i386.rpm
f97f7661878d345e35e49ee5b903ee97 httpd-devel-2.0.46-44.ent.i386.rpm
7ff1d8de6d421d62b5f7c35df785304e mod_ssl-2.0.46-44.ent.i386.rpm
ia64:
731331f101efda7820988a76265d5b29 httpd-2.0.46-44.ent.ia64.rpm
95451f6b0aaffbccffb8e77c88d36cc1 httpd-devel-2.0.46-44.ent.ia64.rpm
badd71a4a010b5b96d854de8b4ab14c5 mod_ssl-2.0.46-44.ent.ia64.rpm
x86_64:
1b8bce6493ff433f4fe8361b897d841e httpd-2.0.46-44.ent.x86_64.rpm
7ce1eb8feef44ffdb30563484f214a61 httpd-devel-2.0.46-44.ent.x86_64.rpm
fc576fed7de6149c17d5158e87ec600c mod_ssl-2.0.46-44.ent.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key.html#package
7. References:
http://www.apacheweek.com/features/security-20
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0942
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact.html
Copyright 2004 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQFBlOzSXlSAg2UNWIIRAv86AJ9x979dRjuv17HCCbnwE8bfCqnldwCeIslT
Ti3dLL7B4Y35loJaYQe/yNQ=
=OaFC
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:
http://www.auscert.org.au/render.html?it=3192
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBQZfsYSh9+71yA2DNAQIBSQP7Ba9oehF879BR/symLaWPlWDc/3uoMM+J
kvROreMVX2B6h5GovQ+7HIT6ZmStISu+/S+mCbbGCyKXGxuKgcGV/ptQKEX8yFdY
diJMSJ/mOCuU2e2Oe8+fKrTTTfW0YwQODjCOEcE7Xv/EL5Bw5US5aMc+SSDXc8co
MjwQw56fNaM=
=w+vX
-----END PGP SIGNATURE-----
|