[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[RedHat] Schwachstellen im Apache HTTP Server und dem Modul mod_status bis Version 2.2.4 - RHSA-2007:0557-01
-----BEGIN PGP SIGNED MESSAGE-----
Hash: MD5
Liebe Kolleginnen und Kollegen,
soeben erreichte uns nachfolgendes RedHat Security Advisory. Wir geben
diese Informationen unveraendert an Sie weiter.
CVE-2006-5752 - Cross-site Scripting Schwachstelle im Apache mod_status
Modul
Aufgrund eines Fehlers im mod_status Modul des Apache HTTP Servers
koennen entfernte Angreifer beliebigen Scriptcode im Browser fremder
Benutzer ausfuehren (Cross-site Scripting). Dazu muss die
"server-status" Seite fuer den Angreifer erreichbar und die Option
"ExtendedStatus" aktiviert sein.
CVE-2007-1863 - Schwachstelle im Apache Modul mod_cache
Aufgrund eines Fehlers im mod_cache Modul des Apache HTTP Servers
koennen entfernte Angreifer Apache Prozesse zum Absturz bringen, indem
sie einen entsprechend aufgebauten Request an den Server senden. Bei
Apache Installationen mit Multi-Processing Modulen kann dies zu einem
Denial of Service Angriff ausgenutzt werden.
CVE-2007-3304 - Apache kann beliebigen Prozessen Signale senden
Der Apache HTTP Server ueberprueft nicht, ob ein Prozess ein Kind des
Servers ist, bevor ein Signal an diesen Prozess gesendet wird. Ein
lokaler Angreifer kann diese Schwachstelle dazu ausnutzen, beliebige
Prozesse auf dem System zu stoppen (Denial of Service).
Betroffen sind die folgenden Software Pakete und Plattformen:
Paket httpd
Red Hat Application Stack v1 fuer Enterprise Linux AS (v.4) - i386, x86_64
Red Hat Application Stack v1 fuer Enterprise Linux ES (v.4) - i386, x86_64
Vom Hersteller werden ueberarbeitete Pakete zur Verfuegung gestellt.
Hersteller Advisory:
https://rhn.redhat.com/errata/RHSA-2007-0557.html
(c) der deutschen Zusammenfassung bei DFN-CERT Services GmbH; die
Verbreitung, auch auszugsweise, ist nur unter Hinweis auf den Urheber,
DFN-CERT Services GmbH, und nur zu nicht kommerziellen Zwecken
gestattet.
Mit freundlichen Gruessen,
Andreas Bunten, DFN-CERT
- --
DFN-CERT Services GmbH, https://www.dfn-cert.de, Phone +49 40 808077-555
Sitz / Register: Hamburg, AG Hamburg, HRB 88805, Ust-IdNr.: DE 232129737
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- - ---------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Moderate: httpd security update
Advisory ID: RHSA-2007:0557-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0557.html
Issue date: 2007-07-13
Updated on: 2007-07-13
Product: Red Hat Application Stack
CVE Names: CVE-2006-5752 CVE-2007-1863 CVE-2007-3304
- - ---------------------------------------------------------------------
1. Summary:
Updated Apache httpd packages that correct two security issues are now
available for Red Hat Application Stack.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
2. Relevant releases/architectures:
Red Hat Application Stack v1 for Enterprise Linux AS (v.4) - i386, x86_64
Red Hat Application Stack v1 for Enterprise Linux ES (v.4) - i386, x86_64
3. Problem description:
The Apache HTTP Server is a popular Web server.
A flaw was found in the Apache HTTP Server mod_status module. On sites
where the server-status page is publicly accessible and ExtendedStatus is
enabled, this flaw could lead to a cross-site scripting attack. On Red Hat
Enterprise Linux, the server-status page is not enabled by default and it
is best practice to not make this publicly available. (CVE-2006-5752)
A bug was found in the Apache HTTP Server mod_cache module. On sites where
caching is enabled, a remote attacker could send a carefully crafted
request that would cause the Apache child process handling that request to
crash. This could lead to a denial of service if using a threaded
Multi-Processing Module. (CVE-2007-1863)
The Apache HTTP Server did not verify that a process was an Apache child
process before sending it signals. A local attacker with the ability to run
scripts on the Apache HTTP Server could manipulate the scoreboard and cause
arbitrary processes to be terminated which could lead to a denial of
service. (CVE-2007-3304).
Users of httpd should upgrade to these updated packages, which contain
backported patches to correct these issues. Users should restart Apache
after installing this update.
4. Solution:
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
5. Bug IDs fixed (http://bugzilla.redhat.com/):
244658 - CVE-2007-1863 httpd mod_cache segfault
245112 - CVE-2006-5752 httpd mod_status XSS
6. RPMs required:
Red Hat Application Stack v1 for Enterprise Linux AS (v.4):
SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/RHWAS/SRPMS/httpd-2.0.59-1.el4s1.7.src.rpm
ba3642a4c124090b5e7ea8a90294fa23 httpd-2.0.59-1.el4s1.7.src.rpm
i386:
44e247bfcdceaaa6e59009925d13129d httpd-2.0.59-1.el4s1.7.i386.rpm
a4bbcf0b9e6f5649942347d5fb4f41ab httpd-debuginfo-2.0.59-1.el4s1.7.i386.rpm
486ef1d5da37f178eedea70abd82a4f5 httpd-devel-2.0.59-1.el4s1.7.i386.rpm
33389202046b9651e3a35da1bc0091d9 httpd-manual-2.0.59-1.el4s1.7.i386.rpm
beae81006d90d0187e31275030051a73 mod_ssl-2.0.59-1.el4s1.7.i386.rpm
x86_64:
b78c01f55bdecc83ed40084eae41e5f3 httpd-2.0.59-1.el4s1.7.x86_64.rpm
389b87bb05f5cde1141297a309676a20 httpd-debuginfo-2.0.59-1.el4s1.7.x86_64.rpm
2968024dee972275e73da19815030cc5 httpd-devel-2.0.59-1.el4s1.7.x86_64.rpm
405428ee9039e797350cbbca2dfbd6fb httpd-manual-2.0.59-1.el4s1.7.x86_64.rpm
a1a9fbe7e8e4ec4082b47320a520091f mod_ssl-2.0.59-1.el4s1.7.x86_64.rpm
Red Hat Application Stack v1 for Enterprise Linux ES (v.4):
SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/RHWAS/SRPMS/httpd-2.0.59-1.el4s1.7.src.rpm
ba3642a4c124090b5e7ea8a90294fa23 httpd-2.0.59-1.el4s1.7.src.rpm
i386:
44e247bfcdceaaa6e59009925d13129d httpd-2.0.59-1.el4s1.7.i386.rpm
a4bbcf0b9e6f5649942347d5fb4f41ab httpd-debuginfo-2.0.59-1.el4s1.7.i386.rpm
486ef1d5da37f178eedea70abd82a4f5 httpd-devel-2.0.59-1.el4s1.7.i386.rpm
33389202046b9651e3a35da1bc0091d9 httpd-manual-2.0.59-1.el4s1.7.i386.rpm
beae81006d90d0187e31275030051a73 mod_ssl-2.0.59-1.el4s1.7.i386.rpm
x86_64:
b78c01f55bdecc83ed40084eae41e5f3 httpd-2.0.59-1.el4s1.7.x86_64.rpm
389b87bb05f5cde1141297a309676a20 httpd-debuginfo-2.0.59-1.el4s1.7.x86_64.rpm
2968024dee972275e73da19815030cc5 httpd-devel-2.0.59-1.el4s1.7.x86_64.rpm
405428ee9039e797350cbbca2dfbd6fb httpd-manual-2.0.59-1.el4s1.7.x86_64.rpm
a1a9fbe7e8e4ec4082b47320a520091f mod_ssl-2.0.59-1.el4s1.7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package
7. References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304
http://www.redhat.com/security/updates/classification/#moderate
8. Contact:
The Red Hat security contact is <secalert@xxxxxxxxxx>. More contact
details at https://www.redhat.com/security/team/contact/
Copyright 2007 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFGlyw9XlSAg2UNWIIRAlmsAKCgFiBOqda2VjFYxJTQxY+/mWQuXwCghJ9p
4TvGhz6dYnBUWDCLtzYf0ds=
=WkE5
- -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iQEVAwUBRpeAcxYd1iQZmhQQAQHlHwf/Re+EB9uyslJYh5L0l277eDI+H1VSp/OJ
gyJuviCxr2L1g26/AwzN2ig+BpkRQOjnIPRZ6heT3IJ76lzoKax57xzQnuIr6vo0
B3l1Yb/ClhYqYSxFZDW5cxMidvKRGeEAvmL+fzaeVDtalSOHpgPRbVvMhsutkiZG
djA6fKA7ah4Y7095Nec3en3i++FgkxDw+9r4nH/F1nz1CfVZRqBIEik6QYDUVzOe
5pz34jqV1m2Fl+/+r+Rr4ft4Tr8Ws1TdPbsVPJDuu201SUFjJ3iSbc6wahxl7qZL
aLgk8UF03/91+QH3JAIHJ76wsASvRHkLmObW6fdWOFssxzk8OSlhig==
=n33S
-----END PGP SIGNATURE-----