[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

UNIRAS Brief - 269/04 - MDKSA-2004:055 - apache2



----------------------------------------------------------------------------------
   UNIRAS (UK Govt CERT) Briefing Notice - 269/04 dated 03.06.04  Time: 13:50  
  UNIRAS is part of NISCC (National Infrastructure Security Co-ordination Centre)
---------------------------------------------------------------------------------- 
  UNIRAS material is also available from its website at www.uniras.gov.uk and
         Information about NISCC is available from www.niscc.gov.uk
----------------------------------------------------------------------------------

Title
=====

MDKSA-2004:055 - apache2


Detail
====== 

A stack-based buffer overflow exists in the ssl_util_uuencode_binary  function in ssl_util.c 
in Apache.  When mod_ssl is configured to trust  the issuing CA, a remote attacker may be able 
to execute arbitrary  code via a client certificate with a long subject DN.
 



 _______________________________________________________________________

                 Mandrakelinux Security Update Advisory  
 Package name:           apache2
 Advisory ID:            MDKSA-2004:055
 Date:                   June 1st, 2004

 Affected versions:	 10.0, 9.1, 9.2
 ______________________________________________________________________

 Problem Description:

 A stack-based buffer overflow exists in the ssl_util_uuencode_binary  function in ssl_util.c in 
Apache.  When mod_ssl is configured to trust  the issuing CA, a remote attacker may be able to 
execute arbitrary  code via a client certificate with a long subject DN.
 
 The provided packages are patched to prevent this problem.  
 _________________________________
 
 References:  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0488
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.0:
 3111b612aa249513d3bfd62d660d84f5  10.0/RPMS/apache2-2.0.48-6.2.100mdk.i586.rpm
 be7f4c6d9976385c6884762a67521a20  10.0/RPMS/apache2-common-2.0.48-6.2.100mdk.i586.rpm
 510706a2c99f5f7cc5f3e77bdb5da5aa  10.0/RPMS/apache2-devel-2.0.48-6.2.100mdk.i586.rpm
 f227a7c85de5ab4ccdc0b23afb6c7592  10.0/RPMS/apache2-manual-2.0.48-6.2.100mdk.i586.rpm
 0f39dd91febd2c23330e9d1c493891b6  10.0/RPMS/apache2-mod_cache-2.0.48-6.2.100mdk.i586.rpm
 df6e1335b214e94f0c674851ff3212cf  10.0/RPMS/apache2-mod_dav-2.0.48-6.2.100mdk.i586.rpm
 b1c6a7416444501b8060bbdf8ca48f0a  10.0/RPMS/apache2-mod_deflate-2.0.48-6.2.100mdk.i586.rpm
 b6280f32c97c63b5088012838bc89cba  10.0/RPMS/apache2-mod_disk_cache-2.0.48-6.2.100mdk.i586.rpm
 5c170c8430f68fb4a4afed4434b1e513  10.0/RPMS/apache2-mod_file_cache-2.0.48-6.2.100mdk.i586.rpm
 23bc5e376539bcee81b457f730efd7fd  10.0/RPMS/apache2-mod_ldap-2.0.48-6.2.100mdk.i586.rpm
 9ce5229a7cc6ab93d85ec012ce696494  10.0/RPMS/apache2-mod_mem_cache-2.0.48-6.2.100mdk.i586.rpm
 0c86183703f69db7cdb28de391d3f78e  10.0/RPMS/apache2-mod_proxy-2.0.48-6.2.100mdk.i586.rpm
 b87416a718964d75904e529e52106063  10.0/RPMS/apache2-mod_ssl-2.0.48-6.2.100mdk.i586.rpm
 432f0f4ae5e38e9b43b8364f324763dc  10.0/RPMS/apache2-modules-2.0.48-6.2.100mdk.i586.rpm
 0427b1a08aabbd081cfca08af6071588  10.0/RPMS/apache2-source-2.0.48-6.2.100mdk.i586.rpm
 f9ab0637af7ce7159d5252976ddd27e1  10.0/RPMS/libapr0-2.0.48-6.2.100mdk.i586.rpm
 c2af0f267d9b0a31539c7c5e7fbdb4d9  10.0/SRPMS/apache2-2.0.48-6.2.100mdk.src.rpm

 Mandrakelinux 10.0/AMD64:
 b5434064b5ba9aa3295275029dd355f7  amd64/10.0/RPMS/apache2-2.0.48-6.2.100mdk.amd64.rpm
 3e24450b95d3800cb2b53cbfe4247ed2  amd64/10.0/RPMS/apache2-common-2.0.48-6.2.100mdk.amd64.rpm
 1513d147a1cd7e7d39b3544cef4452d8  amd64/10.0/RPMS/apache2-devel-2.0.48-6.2.100mdk.amd64.rpm
 337ff1d5f687d7ea370d66244f1f773d  amd64/10.0/RPMS/apache2-manual-2.0.48-6.2.100mdk.amd64.rpm
 77a114c6f9a8719e1a1c190efef8744c  amd64/10.0/RPMS/apache2-mod_cache-2.0.48-6.2.100mdk.amd64.rpm
 0f4e28c95bf98b580974cef192aed867  amd64/10.0/RPMS/apache2-mod_dav-2.0.48-6.2.100mdk.amd64.rpm
 25a8a1b55d27e905eaf152a4ac264dbd  amd64/10.0/RPMS/apache2-mod_deflate-2.0.48-6.2.100mdk.amd64.rpm
 4c5dc9c54eb70194a3060a2365d6b4e8  amd64/10.0/RPMS/apache2-mod_disk_cache-2.0.48-6.2.100mdk.amd64.rpm
 d72b2779cd56ac23897071f6d8c62384  amd64/10.0/RPMS/apache2-mod_file_cache-2.0.48-6.2.100mdk.amd64.rpm
 752d4bca2e9fd6815745ce2265250c67  amd64/10.0/RPMS/apache2-mod_ldap-2.0.48-6.2.100mdk.amd64.rpm
 d414e1317b44b367d42937dd476e8484  amd64/10.0/RPMS/apache2-mod_mem_cache-2.0.48-6.2.100mdk.amd64.rpm
 0c33ae8b773b13eb528aa1e1769e36fa  amd64/10.0/RPMS/apache2-mod_proxy-2.0.48-6.2.100mdk.amd64.rpm
 fd54f99ef0c42360e09799cf881cd37b  amd64/10.0/RPMS/apache2-mod_ssl-2.0.48-6.2.100mdk.amd64.rpm
 c2361c2527ebbeafef57034173d2840b  amd64/10.0/RPMS/apache2-modules-2.0.48-6.2.100mdk.amd64.rpm
 f799b8ddd90bca399459acd04b7010e0  amd64/10.0/RPMS/apache2-source-2.0.48-6.2.100mdk.amd64.rpm
 e60ee45d646fb0a6bc6c20f18b7c30d3  amd64/10.0/RPMS/lib64apr0-2.0.48-6.2.100mdk.amd64.rpm
 c2af0f267d9b0a31539c7c5e7fbdb4d9  amd64/10.0/SRPMS/apache2-2.0.48-6.2.100mdk.src.rpm

 Mandrakelinux 9.1:
 a11cbb72043587a99412d7052dcba791  9.1/RPMS/apache2-2.0.47-1.8.91mdk.i586.rpm
 bbc02417b82fa4bc6b2b7a74a204c7c2  9.1/RPMS/apache2-common-2.0.47-1.8.91mdk.i586.rpm
 4cf89cb891b0856ba8b162e67061ea1a  9.1/RPMS/apache2-devel-2.0.47-1.8.91mdk.i586.rpm
 a96bfe336f16891d1d20a5a13b56a36f  9.1/RPMS/apache2-manual-2.0.47-1.8.91mdk.i586.rpm
 fea9374b8a23495b08ef5adad4074d23  9.1/RPMS/apache2-mod_dav-2.0.47-1.8.91mdk.i586.rpm
 88e51a6e2be5c81063e29c7429c63733  9.1/RPMS/apache2-mod_ldap-2.0.47-1.8.91mdk.i586.rpm
 d33b565415852146de64b950e2aeb178  9.1/RPMS/apache2-mod_ssl-2.0.47-1.8.91mdk.i586.rpm
 69a56bece8b91acfdc11e199dbe486c3  9.1/RPMS/apache2-modules-2.0.47-1.8.91mdk.i586.rpm
 a17ba2052134939a3e5947f595162033  9.1/RPMS/apache2-source-2.0.47-1.8.91mdk.i586.rpm
 5d0d10fe9603e84a1d48910c31eb783e  9.1/RPMS/libapr0-2.0.47-1.8.91mdk.i586.rpm
 d3034e88376372e030e6933191fd2dc9  9.1/SRPMS/apache2-2.0.47-1.8.91mdk.src.rpm

 Mandrakelinux 9.1/PPC:
 cdbeb822dbb99fda215877ea3e62b2b7  ppc/9.1/RPMS/apache2-2.0.47-1.8.91mdk.ppc.rpm
 ea58b7fe2522668f5748d722e38536fb  ppc/9.1/RPMS/apache2-common-2.0.47-1.8.91mdk.ppc.rpm
 830e5778c4765b6d788e6edc0de9e06f  ppc/9.1/RPMS/apache2-devel-2.0.47-1.8.91mdk.ppc.rpm
 ce43d8231c6e6e923871744fd72596f5  ppc/9.1/RPMS/apache2-manual-2.0.47-1.8.91mdk.ppc.rpm
 c88920e151a05c23dffe03998973e1a1  ppc/9.1/RPMS/apache2-mod_dav-2.0.47-1.8.91mdk.ppc.rpm
 f5b23a897dd1ee750496a7d852e634c5  ppc/9.1/RPMS/apache2-mod_ldap-2.0.47-1.8.91mdk.ppc.rpm
 494663652f8644d56beace3df3c63f00  ppc/9.1/RPMS/apache2-mod_ssl-2.0.47-1.8.91mdk.ppc.rpm
 3e02de6e503834d5982510d549117bcf  ppc/9.1/RPMS/apache2-modules-2.0.47-1.8.91mdk.ppc.rpm
 cd2d7f0e97ae4bceb365332f868d986d  ppc/9.1/RPMS/apache2-source-2.0.47-1.8.91mdk.ppc.rpm
 7f1525deceba60b85382ec30b4bb8003  ppc/9.1/RPMS/libapr0-2.0.47-1.8.91mdk.ppc.rpm
 d3034e88376372e030e6933191fd2dc9  ppc/9.1/SRPMS/apache2-2.0.47-1.8.91mdk.src.rpm

 Mandrakelinux 9.2:
 b45203ab6443ad24bc2373a82a9d0234  9.2/RPMS/apache2-2.0.47-6.5.92mdk.i586.rpm
 f727f5ce2d9504484b6acf7589f6a981  9.2/RPMS/apache2-common-2.0.47-6.5.92mdk.i586.rpm
 eafda47abdec2ac8e5898fb37c604def  9.2/RPMS/apache2-devel-2.0.47-6.5.92mdk.i586.rpm
 8842f5bab2a525868d7ded2c7737bf38  9.2/RPMS/apache2-manual-2.0.47-6.5.92mdk.i586.rpm
 e5eca4891a90df4777f83297fcb397d4  9.2/RPMS/apache2-mod_cache-2.0.47-6.5.92mdk.i586.rpm
 c234e089f0d35fbcd62360f8ce3fa6fb  9.2/RPMS/apache2-mod_dav-2.0.47-6.5.92mdk.i586.rpm
 623397c51d7b7239d169a997e7a365c0  9.2/RPMS/apache2-mod_deflate-2.0.47-6.5.92mdk.i586.rpm
 1a884f364a4155eb18698dc3a7fb92f3  9.2/RPMS/apache2-mod_disk_cache-2.0.47-6.5.92mdk.i586.rpm
 5ee061ac770af13bfc11a600d4a65ea1  9.2/RPMS/apache2-mod_file_cache-2.0.47-6.5.92mdk.i586.rpm
 88d9923fe86c2aa9eb3a249776ff8976  9.2/RPMS/apache2-mod_ldap-2.0.47-6.5.92mdk.i586.rpm
 179cbd3f6cb9b1e8d3536134e0e35354  9.2/RPMS/apache2-mod_mem_cache-2.0.47-6.5.92mdk.i586.rpm
 9167804d711ee3a478cd7042a0aa523d  9.2/RPMS/apache2-mod_proxy-2.0.47-6.5.92mdk.i586.rpm
 8ec772426dd2600b65021c5f60748c52  9.2/RPMS/apache2-mod_ssl-2.0.47-6.5.92mdk.i586.rpm
 dcc9dba2ecc0e8fa7e8fe9dae75b0959  9.2/RPMS/apache2-modules-2.0.47-6.5.92mdk.i586.rpm
 0b949c30da2754ae3b88a803cb45517a  9.2/RPMS/apache2-source-2.0.47-6.5.92mdk.i586.rpm
 0833bcad1698f811d18bbb12ce11dc3c  9.2/RPMS/libapr0-2.0.47-6.5.92mdk.i586.rpm
 1afd7ce470710ac3ed8f7ae4e344ff92  9.2/SRPMS/apache2-2.0.47-6.5.92mdk.src.rpm

 Mandrakelinux 9.2/AMD64:
 6744490bc56e70abf362927c3755db17  amd64/9.2/RPMS/apache2-2.0.47-6.5.92mdk.amd64.rpm
 35e7d6f05a478db830a165aa05382a17  amd64/9.2/RPMS/apache2-common-2.0.47-6.5.92mdk.amd64.rpm
 cfa01cdb3126e6a735ff69c936c1f9e5  amd64/9.2/RPMS/apache2-devel-2.0.47-6.5.92mdk.amd64.rpm
 5e52e0ef523a8383cede0395c2c04430  amd64/9.2/RPMS/apache2-manual-2.0.47-6.5.92mdk.amd64.rpm
 db785af0a804319de566134b585abb36  amd64/9.2/RPMS/apache2-mod_cache-2.0.47-6.5.92mdk.amd64.rpm
 0c1fe531569925cfd812d1340489ecc5  amd64/9.2/RPMS/apache2-mod_dav-2.0.47-6.5.92mdk.amd64.rpm
 f67dab1f37130bf6eb0ddfb65c4fdda9  amd64/9.2/RPMS/apache2-mod_deflate-2.0.47-6.5.92mdk.amd64.rpm
 ed8d8f03faff8ebbe3d88392fa94dcd4  amd64/9.2/RPMS/apache2-mod_disk_cache-2.0.47-6.5.92mdk.amd64.rpm
 e4ceff685c7aac3f156a05ecd91e73f4  amd64/9.2/RPMS/apache2-mod_file_cache-2.0.47-6.5.92mdk.amd64.rpm
 0cedfd81e38b7af96a20a58d75afb4b6  amd64/9.2/RPMS/apache2-mod_ldap-2.0.47-6.5.92mdk.amd64.rpm
 ebee758fa628bcadd8a53cea587497a2  amd64/9.2/RPMS/apache2-mod_mem_cache-2.0.47-6.5.92mdk.amd64.rpm
 aa732eb8c3cd2d5f456e15cdcce6aa08  amd64/9.2/RPMS/apache2-mod_proxy-2.0.47-6.5.92mdk.amd64.rpm
 41e4d2277f0196b9a6e5d259f9df39c4  amd64/9.2/RPMS/apache2-mod_ssl-2.0.47-6.5.92mdk.amd64.rpm
 1014599e6cfb73e88cd8991cb8f78bfc  amd64/9.2/RPMS/apache2-modules-2.0.47-6.5.92mdk.amd64.rpm
 f91bc1ce80d21e5b2830e7c1aead5178  amd64/9.2/RPMS/apache2-source-2.0.47-6.5.92mdk.amd64.rpm
 6d6fed31d95ee6b23f6fce0abe9e645a  amd64/9.2/RPMS/lib64apr0-2.0.47-6.5.92mdk.amd64.rpm
 1afd7ce470710ac3ed8f7ae4e344ff92  amd64/9.2/SRPMS/apache2-2.0.47-6.5.92mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification  of md5 checksums and 
GPG signatures is performed automatically for you.

 All packages are signed by Mandrakesoft for security.  You can obtain  the GPG public key of the 
Mandrakelinux Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandrakelinux at:

  http://www.mandrakesoft.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_linux-mandrake.com

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Linux Mandrake Security Team
  <security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----


----------------------------------------------------------------------------------

For additional information or assistance, please contact the HELP Desk by 
telephone or Not Protectively Marked information may be sent via 
EMail to: uniras@xxxxxxxxxxxx

Office Hours:
Mon - Fri: 08:30 - 17:00 Hrs
Tel: +44 (0) 20 7821 1330 Ext 4511
Fax: +44 (0) 20 7821 1686

Outside of Office Hours:
On Call Duty Officer:
Tel: +44 (0) 20 7821 1330 and follow the prompts

----------------------------------------------------------------------------------
UNIRAS wishes to acknowledge the contributions of Mandrakesoft for the information 
contained in this Briefing. 
----------------------------------------------------------------------------------
This Briefing contains the information released by the original author. Some 
of the information may have changed since it was released. If the vulnerability 
affects you, it may be prudent to retrieve the advisory from the canonical site 
to ensure that you receive the most current information concerning that problem.

Reference to any specific commercial product, process, or service by trade 
name, trademark manufacturer, or otherwise, does not constitute or imply 
its endorsement, recommendation, or favouring by UNIRAS or NISCC.  The views 
and opinions of authors expressed within this notice shall not be used for 
advertising or product endorsement purposes.

Neither UNIRAS or NISCC shall also accept responsibility for any errors 
or omissions contained within this briefing notice. In particular, they shall 
not be liable for any loss or damage whatsoever, arising from or in connection 
with the usage of information contained within this notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams (FIRST) 
and has contacts with other international Incident Response Teams (IRTs) in 
order to foster cooperation and coordination in incident prevention, to prompt 
rapid reaction to incidents, and to promote information sharing amongst its 
members and the community at large. 
----------------------------------------------------------------------------------
<End of UNIRAS Briefing>