LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Pardus alert 2010-45 (apache-2.2.15-36-11 apache-2.2.15-34-12)



From:
    	      Eren Turkay <eren@pardus.org.tr> 


To:
    	      pardus-security@pardus.org.tr 


Subject:
    	      [Pardus-security] [PLSA 2010-45] Apache: Multiple Vulnerabilities 


Date:
    	      Mon, 29 Mar 2010 22:10:46 +0300 (EEST)


Message-ID:
    	      <20100329191046.667DEA7ABD4@lider.pardus.org.tr>


Archive-link:
    	      Article, Thread
              


------------------------------------------------------------------------
Pardus Linux Security Advisory 2010-45            security@pardus.org.tr
------------------------------------------------------------------------
      Date: 2010-03-29
  Severity: 4
      Type: Remote
------------------------------------------------------------------------

Summary
=======

Multiple vulnerabilities have been  fixed  in  Apache,  where  one  has 
unknown impacts and others can be exploited by malicious people to gain 
access to potentially sensitive information or cause a DoS  (Denial  of 
Service). 


Description
===========

CVE-2009-3555: 

mod_ssl: Comprehensive fix of the TLS  renegotiation  prefix  injection 
attack when compiled against OpenSSL version 0.9.8m or later. Introduces 

the 'SSLInsecureRenegotiation' directive to reopen  this  vulnerability 
and offer unsafe legacy renegotiation with clients which do not yet 

support the new secure renegotiation protocol, RFC 5746. [Joe Orton, and
with thanks to the OpenSSL Team] 



CVE-2009-3555: 

mod_ssl: A partial fix for the TLS renegotiation prefix injection attack
by  rejecting any  client-initiated  renegotiations.  Forcibly  disable 
keepalive for the connection if there is any buffered data readable. Any
configuration which requires renegotiation  for  per-directory/location 
access control is still vulnerable, unless using OpenSSL >= 0.9.8l. [Joe
Orton, Ruediger Pluem, Hartmut Keil <Hartmut.Keil adnovum.ch>] 



CVE-2010-0408: 

mod_proxy_ajp: Respond with HTTP_BAD_REQUEST when the body is not  sent 
when request headers indicate a request body is incoming; not a case of 
HTTP_INTERNAL_SERVER_ERROR. [Niku Toivola <niku.toivola sulake.com>] 



CVE-2010-0425: 

mod_isapi: Do not  unload  an  isapi  .dll  module  until  the  request 
processing is completed, avoiding orphaned  callback  pointers.  [Brett 
Gervasoni <brettg senseofsecurity.com>, Jeff Trawick] 



CVE-2010-0434: 

Ensure each subrequest has a shallow copy of  headers_in  so  that  the 
parent request headers  are  not  corrupted.  Elimiates  a  problematic 
optimization in the case of no request  body.  PR  48359  [Jake  Scott, 
William Rowe, Ruediger Pluem] 


Affected packages:

    apache-2.2.15-36-11, all before 2009

    apache-2.2.15-34-12, all before 2008



Resolution
==========

There are update(s) for apache-2.2.15-36-11,  apache-2.2.15-34-12.  You 
can update them via Package Manager  or  with  a  single  command  from 
console: 

    pisi up apache-2.2.15-36-11 apache-2.2.15-34-12

References
==========

  * http://bugs.pardus.org.tr/show_bug.cgi?id=12387
  * http://www.apache.org/dist/httpd/CHANGES_2.2.15
  * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0408
  * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425
  * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434

------------------------------------------------------------------------

_______________________________________________
Pardus-security mailing list
Pardus-security@pardus.org.tr
http://liste.pardus.org.tr/mailman/listinfo/pardus-security
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds