Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Security Update: [CSSA-2002-056.0] Linux: apache vulnerabilities in shared memory, DNS, and ApacheBench
From: security () caldera com
Date: Thu, 5 Dec 2002 16:26:45 -0800

To: bugtraq () securityfocus com announce () lists caldera com security-alerts () linuxsecurity com full-disclosure () 
lists netsys com

______________________________________________________________________________

                        SCO Security Advisory

Subject:                Linux: apache vulnerabilities in shared memory, DNS, and ApacheBench
Advisory number:        CSSA-2002-056.0
Issue date:             2002 December 05
Cross reference:
______________________________________________________________________________


1. Problem Description

        The shared memory scoreboard in the HTTP daemon for Apache
        allows any user running as the Apache UID to send a SIGUSR1
        signal to any process as root, resulting in a denial of
        service (process kill) or possibly other behaviors that would
        not normally be allowed, by modifying the parent[].pid and
        parent[].last_rtime segments in the scoreboard.

        Cross-site scripting (XSS) vulnerability in the default error
        page of Apache when UseCanonicalName is "Off" and support for
        wildcard DNS is present, allows remote attackers to execute
        script as other web page visitors via the Host: header.

        Buffer overflows in the ApacheBench support program (ab.c) in
        Apache allow a malicious web server to cause a denial of
        service and possibly execute arbitrary code via a long
        response.


2. Vulnerable Supported Versions

        System                          Package
        ----------------------------------------------------------------------

        OpenLinux 3.1.1 Server          prior to apache-1.3.27-1.0.i386.rpm
                                        prior to apache-devel-1.3.27-1.0.i386.rpm
                                        prior to apache-doc-1.3.27-1.0.i386.rpm

        OpenLinux 3.1.1 Workstation     prior to apache-1.3.27-1.0.i386.rpm
                                        prior to apache-devel-1.3.27-1.0.i386.rpm
                                        prior to apache-doc-1.3.27-1.0.i386.rpm

        OpenLinux 3.1 Server            prior to apache-1.3.27-1.0.i386.rpm
                                        prior to apache-devel-1.3.27-1.0.i386.rpm
                                        prior to apache-doc-1.3.27-1.0.i386.rpm

        OpenLinux 3.1 Workstation       prior to apache-1.3.27-1.0.i386.rpm
                                        prior to apache-devel-1.3.27-1.0.i386.rpm
                                        prior to apache-doc-1.3.27-1.0.i386.rpm


3. Solution

        The proper solution is to install the latest packages. Many
        customers find it easier to use the Caldera System Updater, called
        cupdate (or kcupdate under the KDE environment), to update these
        packages rather than downloading and installing them by hand.


4. OpenLinux 3.1.1 Server

        4.1 Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2002-056.0/RPMS

        4.2 Packages

        c7b17000acd9101eee8c37d3b4601ec8        apache-1.3.27-1.0.i386.rpm
        d857c04c257932ae2a4eaeb1aed19e8c        apache-devel-1.3.27-1.0.i386.rpm
        68c4e2eb95a1ca1493f4eb0c8b54fff2        apache-doc-1.3.27-1.0.i386.rpm

        4.3 Installation

        rpm -Fvh apache-1.3.27-1.0.i386.rpm
        rpm -Fvh apache-devel-1.3.27-1.0.i386.rpm
        rpm -Fvh apache-doc-1.3.27-1.0.i386.rpm

        4.4 Source Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2002-056.0/SRPMS

        4.5 Source Packages

        593f46d5622a2191ee9affda05b96b7c        apache-1.3.27-1.0.src.rpm


5. OpenLinux 3.1.1 Workstation

        5.1 Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2002-056.0/RPMS

        5.2 Packages

        afe15920bac4b43bda8c9c3e78d30067        apache-1.3.27-1.0.i386.rpm
        962f0f2c795b1012fe1c3d36981a732d        apache-devel-1.3.27-1.0.i386.rpm
        2f7bd182f5e458a228edd03b487466d0        apache-doc-1.3.27-1.0.i386.rpm

        5.3 Installation

        rpm -Fvh apache-1.3.27-1.0.i386.rpm
        rpm -Fvh apache-devel-1.3.27-1.0.i386.rpm
        rpm -Fvh apache-doc-1.3.27-1.0.i386.rpm

        5.4 Source Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2002-056.0/SRPMS

        5.5 Source Packages

        89d64819da7385209cca310c4ce097a1        apache-1.3.27-1.0.src.rpm


6. OpenLinux 3.1 Server

        6.1 Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2002-056.0/RPMS

        6.2 Packages

        5bb492139575fb1908c29777242c89db        apache-1.3.27-1.0.i386.rpm
        1a28bc1f4d8e27761da8623385cfd430        apache-devel-1.3.27-1.0.i386.rpm
        18774c4e1c471d3c0532203e3053035a        apache-doc-1.3.27-1.0.i386.rpm

        6.3 Installation

        rpm -Fvh apache-1.3.27-1.0.i386.rpm
        rpm -Fvh apache-devel-1.3.27-1.0.i386.rpm
        rpm -Fvh apache-doc-1.3.27-1.0.i386.rpm

        6.4 Source Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2002-056.0/SRPMS

        6.5 Source Packages

        6a329cad378b982f7864722cd8bc7b71        apache-1.3.27-1.0.src.rpm


7. OpenLinux 3.1 Workstation

        7.1 Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2002-056.0/RPMS

        7.2 Packages

        96b47bab30d5a625917fa37536904765        apache-1.3.27-1.0.i386.rpm
        0b6e58d39dfbc52daf6662b51116e3db        apache-devel-1.3.27-1.0.i386.rpm
        d29dabf7e838b143006c32122547f7dc        apache-doc-1.3.27-1.0.i386.rpm

        7.3 Installation

        rpm -Fvh apache-1.3.27-1.0.i386.rpm
        rpm -Fvh apache-devel-1.3.27-1.0.i386.rpm
        rpm -Fvh apache-doc-1.3.27-1.0.i386.rpm

        7.4 Source Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2002-056.0/SRPMS

        7.5 Source Packages

        146818586bde204a4d0eaf44e32d23e3        apache-1.3.27-1.0.src.rpm


8. References

        Specific references for this advisory:

                http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0839
                http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0840
                http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0843

        SCO security resources:

                http://www.sco.com/support/security/index.html

        This security fix closes SCO incidents sr870244, fz526296,
        erg712139.


9. Disclaimer

        SCO is not responsible for the misuse of any of the information
        we provide on this website and/or through our security
        advisories. Our advisories are a service to our customers intended
        to promote secure installation and use of SCO products.

______________________________________________________________________________

Attachment: _bin
Description:


  By Date           By Thread  

Current thread:
  • Security Update: [CSSA-2002-056.0] Linux: apache vulnerabilities in shared memory, DNS, and ApacheBench security (Dec 06)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault