Bugtraq mailing list archives
Security Update: [CSSA-2002-SCO.31] UnixWare 7.1.1 Open UNIX 8.0.0 : Apache Web Server Chunk Handling Vulnerability / mod_ssl off-by-one error
From: security () caldera com
Date: Mon, 1 Jul 2002 15:15:43 -0700
To: bugtraq () securityfocus com announce () lists caldera com scoannmod () xenitec on ca
______________________________________________________________________________
Caldera International, Inc. Security Advisory
Subject: UnixWare 7.1.1 Open UNIX 8.0.0 : Apache Web Server Chunk Handling Vulnerability / mod_ssl
off-by-one error
Advisory number: CSSA-2002-SCO.31
Issue date: 2002 July 01
Cross reference:
______________________________________________________________________________
1. Problem Description
This advisory addresses two separate vulnerabilities:
1) There is a remotely exploitable vulnerability in the
handling of large chunks of data in web servers that are
based on Apache source code.
2) mod_ssl registers a rewrite_command hook when backward
compatibility is enabled. The ssl_compat_directive() is
called for every line read in a configuration file, and
contains an off-by-one error while doing so.
2. Vulnerable Supported Versions
System Subsystem
----------------------------------------------------------------------
UnixWare 7.1.1 Apache
Open UNIX 8.0.0 Apache
3. Solution
The proper solution is to install the latest packages.
4. UnixWare 7.1.1
4.1 Location of Fixed Binaries
ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.31
4.2 Verification
MD5 (apache-1.3.26.pkg.Z) = 75391ed80d727d9cd00a73c2cc24816b
md5 is available for download from
ftp://ftp.caldera.com/pub/security/tools
4.3 Installing Fixed Binaries
Upgrade the affected binaries with the following commands:
Download apache-1.3.26.pkg.Z to the /var/spool/pkg directory
# uncompress /var/spool/pkg/apache-1.3.26.pkg.Z
# pkgadd -d /var/spool/pkg/apache-1.3.26.pkg
5. Open UNIX 8.0.0
5.1 Location of Fixed Binaries
ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.31
5.2 Verification
MD5 (apache-1.3.26.pkg.Z) = 75391ed80d727d9cd00a73c2cc24816b
md5 is available for download from
ftp://ftp.caldera.com/pub/security/tools
5.3 Installing Fixed Binaries
Upgrade the affected binaries with the following commands:
Download apache-1.3.26.pkg.Z to the /var/spool/pkg directory
# uncompress /var/spool/pkg/apache-1.3.26.pkg.Z
# pkgadd -d /var/spool/pkg/apache-1.3.26.pkg
6. References
Specific references for this advisory:
http://www.cert.org/advisories/CA-2002-17.html
http://httpd.apache.org/info/security_bulletin_20020617.txt
http://www.modssl.org/
Caldera security resources:
http://www.caldera.com/support/security/index.html
This security fix closes Caldera incidents sr865893, fz521273,
erg712079.
7. Disclaimer
Caldera International, Inc. is not responsible for the
misuse of any of the information we provide on this website
and/or through our security advisories. Our advisories are
a service to our customers intended to promote secure
installation and use of Caldera products.
8. Acknowledgements
Neel Mehta of the ISS X-Force discovered the Apache
vulnerability. Mark Litchfield reported the vulnerability
to the Apache Software Foundation, and Mark Cox reported
it to the CERT/CC.
The mod_ssl vulnerability information was obtained from an
advisory by Frank Denis (j () pureftpd org)
______________________________________________________________________________
Attachment:
_bin
Description:
Current thread:
- Security Update: [CSSA-2002-SCO.31] UnixWare 7.1.1 Open UNIX 8.0.0 : Apache Web Server Chunk Handling Vulnerability / mod_ssl off-by-one error security (Jul 02)