[LUG.ro] [SECURITY] [DSA 187-1] New Apache packages fix several vulnerabilities

Luis Diaz lugro@lugro.org.ar
Mon, 4 Nov 2002 16:17:28 -0300


Not sure anyone cares, but I think quite a few of us use
apache...
> - --------------------------------------------------------------------------
> Debian Security Advisory DSA 187-1                     security@debian.org
> http://www.debian.org/security/                             Martin Schulze
> November 4th, 2002                      http://www.debian.org/security/faq
> - --------------------------------------------------------------------------
>
> Package        : apache
> Vulnerability  : several
> Problem-Type   : remote, local
> Debian-specific: no
> CVE Id         : CAN-2002-0839 CAN-2002-0840 CAN-2002-0843 CAN-2001-0131 CAN-2002-1233
> BugTraq ID     : 5847 5884 5887
>
> According to David Wagner, iDEFENSE and the Apache HTTP Server
> Project, several remotely exploitable vulnerabilities have been found
> in the Apache package, a commonly used webserver.  These
> vulnerabilities could allow an attacker to enact a denial of service
> against a server or execute a cross-site scripting attack.  The Common
> Vulnerabilities and Exposures (CVE) project identified the following
> vulnerabilities:
>
> 1. CAN-2002-0839: A vulnerability exists on platforms using System V
>    shared memory based scoreboards.  This vulnerability allows an
>    attacker who can execute under the Apache UID to exploit the Apache
>    shared memory scoreboard format and send a signal to any process as
>    root or cause a local denial of service attack.
>
> 2. CAN-2002-0840: Apache is susceptible to a cross site scripting
>    vulnerability in the default 404 page of any web server hosted on a
>    domain that allows wildcard DNS lookups.
>
> 3. CAN-2002-0843: There were some possible overflows in the utility
>    ApacheBench (ab) which could be exploited by a malicious server.
>
> 4. CAN-2002-1233: A race condition in the htpasswd and htdigest
>    programs enable a malicious local user to read or even modify the
>    contents of a password file or easily create and overwrite files as
>    the user running the htpasswd (or htdigest respectively) program.
>
> 5. CAN-2001-0131: htpasswd and htdigest in Apache 2.0a9, 1.3.14, and
>    others allow local users to overwrite arbitrary files via a
>    symlink attack.
>
>    This is the same vulnerability as CAN-2002-1233, which was fixed in
>    potato already but got lost later and was never applied upstream.
>
> 6. NO-CAN: Several buffer overflows have been found in the ApacheBench
>    (ab) utility that could be exploited by a remote server returning
>    very long strings.
>
> These problems have been fixed in version 1.3.26-0woody3 for the
> current stable distribution (woody) and in 1.3.9-14.3 for the old
> stable distribution (potato).  Corrected packages for the unstable
> distribution (sid) are expected soon.
>
> We recommend that you upgrade your Apache package immediately.
>
> wget url
>         will fetch the file for you
> dpkg -i file.deb
>         will install the referenced file.
>
> If you are using the apt-get package manager, use the line for
> sources.list as given below:
>
> apt-get update
>         will update the internal database
> apt-get upgrade
>         will install corrected packages
>
> You may use an automated update by adding the resources from the
> footer to the proper configuration.
>
>
>
>   These files will probably be moved into the stable distribution on
>   its next revision.
>
> - ---------------------------------------------------------------------------------
> For apt-get: deb http://security.debian.org/ stable/updates main
> For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
> Mailing list: debian-security-announce@lists.debian.org
> Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
>
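The htpasswd/htdigest bugs in the advisory above (CAN-2002-1233 and CAN-2001-0131) are the classic temp-file symlink race: a password-file utility that writes to a guessable scratch name can be tricked into following a pre-planted link. As an added example that is neither Debian's nor Apache's code, this is the file-replacement pattern that closes that class of bug: an unpredictable scratch file created O_EXCL next to the target, then an atomic rename(). The function name and the test paths are my own.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>

/* Replace the file at `path` with `len` bytes from `data`. Returns 0 on success,
 * -1 with errno set on failure; on failure the old file stays intact and the scratch file is removed. */
int replace_file_atomically(const char *path, const char *data, size_t len)
{
    char tmp[4096];
    struct stat st;
    int fd, saved;
    ssize_t w = 0;
    /* Scratch file beside the target (same filesystem) so the final rename() is atomic. */
    if (snprintf(tmp, sizeof tmp, "%s.XXXXXX", path) >= (int)sizeof tmp) {
        errno = ENAMETOOLONG;
        return -1;
    }
    /* mkstemp() chooses an unpredictable name and opens it O_CREAT|O_EXCL with mode
     * 0600, so a symlink planted at a guessable name (e.g. /tmp/htpasswd-<pid>) is never opened. */
    fd = mkstemp(tmp);
    if (fd < 0) return -1;
    /* Keep an existing target's mode (e.g. 0640 for the web server group); new files stay 0600. */
    if (stat(path, &st) == 0 && fchmod(fd, st.st_mode & 07777) != 0)
        goto fail;
    for (size_t off = 0; off < len; off += (size_t)w) {
        w = write(fd, data + off, len - off);
        if (w < 0) {
            if (errno == EINTR) { w = 0; continue; }
            goto fail;
        }
    }
    if (fsync(fd) != 0) goto fail;
    if (close(fd) != 0) { fd = -1; goto fail; }
    fd = -1;
    if (rename(tmp, path) == 0)   /* atomic: readers see the old or the new file, never a partial one */
        return 0;
fail:
    saved = errno;
    if (fd >= 0) close(fd);
    unlink(tmp);
    errno = saved;
    return -1;
}
```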