Bug 77338 - Apache and mod_ssl updates
Apache and mod_ssl updates
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 2.1
Classification: Red Hat
Component: apache (Show other bugs)
2.1
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Nalin Dahyabhai
Brian Brock
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2002-11-05 08:41 EST by Mark J. Cox (Product Security)
Modified: 2007-11-30 17:06 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2003-09-09 11:13:48 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Mark J. Cox (Product Security) 2002-11-05 08:41:49 EST
Buffer overflows in the ApacheBench support program (ab.c) in Apache
versions prior to 1.3.27, and Apache versions 2.x prior to 2.0.43, allow a
malicious Web server to cause a denial of service and possibly execute
arbitrary code via a long response. The Common Vulnerabilities and
Exposures project has assigned the name CAN-2002-0843 to this issue.

Two cross-site scripting vulnerabilities are present in the error pages
for the default "404 Not Found" error, and for the error response when a
plain HTTP request is received on an SSL port. Both of these issues are
only exploitable if the "UseCanonicalName" setting has been changed to
"Off", and wildcard DNS is in use. These issues would allow remote
attackers to execute scripts as other Web page visitors, for instance, to
steal cookies. These issues affect versions of Apache 1.3 before 1.3.26,
versions of Apache 2.0 before 2.0.43, and versions of mod_ssl before
2.8.12. The Common Vulnerabilities and Exposures project has assigned the
names CAN-2002-0840 and CAN-2002-1157 to these issues.

The shared memory scoreboard in the HTTP daemon for Apache 1.3.x, prior to
version 1.3.27, allowed a user running as the "apache" UID to send a
SIGUSR1 signal to any process as root, resulting in a denial of service
(process kill) or other such behavior that would not normally be allowed.
The Common Vulnerabilities and Exposures project has assigned the name
CAN-2002-0839 to this issue.
Comment 1 Nalin Dahyabhai 2002-11-05 11:42:32 EST
*** Bug 77318 has been marked as a duplicate of this bug. ***
Comment 3 Mark J. Cox (Product Security) 2003-09-09 11:13:49 EDT
An errata has been issued which should help the problem described in this bug report. 
This report is therefore being closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files, please follow the link below. You may reopen 
this bug report if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2002-251.html
Comment 4 Mark J. Cox (Product Security) 2003-09-09 11:14:31 EDT
(missed closing this off earlier as it wasn't marked at security level)

Note You need to log in before you can comment on or make changes to this bug.