CVE-2005-2088
CVSS4.3
发布时间 :2005-07-05 00:00:00
修订时间 :2016-10-17 23:24:58
NMCOPS    

[原文]The Apache HTTP server before 1.3.34, and 2.0.x before 2.0.55, when acting as an HTTP proxy, allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Apache to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling."


[CNNVD]Apache HTTPD 多个安全漏洞(CNNVD-200507-041)

        Apache是一款应用广泛的Web服务器程序。
        Apache HTTPD 1.3.34之前版本及2.0.55之前的2.0.x系列存在多个安全漏洞。
        远程攻击者可利用漏洞破坏Web cache,绕过Web应用程序防火墙保护,还可以导致跨站脚本攻击。

- CVSS (基础分值)

CVSS分值: 4.3 [中等(MEDIUM)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

cpe:/a:apache:http_server:1.3.29Apache Software Foundation Apache HTTP Server 1.3.29
cpe:/a:apache:http_server:1.3.33Apache Software Foundation Apache HTTP Server 1.3.33
cpe:/a:apache:http_server:2.0.50Apache Software Foundation Apache HTTP Server 2.0.50
cpe:/a:apache:http_server:2.0.51Apache Software Foundation Apache HTTP Server 2.0.51
cpe:/a:apache:http_server:2.0.52Apache Software Foundation Apache HTTP Server 2.0.52
cpe:/a:apache:http_server:2.0.53Apache Software Foundation Apache HTTP Server 2.0.53
cpe:/a:apache:http_server:2.0.54Apache Software Foundation Apache HTTP Server 2.0.54
cpe:/a:apache:http_server:2.0.45Apache Software Foundation Apache HTTP Server 2.0.45
cpe:/a:apache:http_server:2.0.46Apache Software Foundation Apache HTTP Server 2.0.46
cpe:/a:apache:http_server:2.0.47Apache Software Foundation Apache HTTP Server 2.0.47
cpe:/a:apache:http_server:2.0.48Apache Software Foundation Apache HTTP Server 2.0.48
cpe:/a:apache:http_server:2.0.49Apache Software Foundation Apache HTTP Server 2.0.49
cpe:/a:apache:http_server:1.3.30Apache Software Foundation Apache HTTP Server 1.3.30
cpe:/a:apache:http_server:1.3.31Apache Software Foundation Apache HTTP Server 1.3.31
cpe:/a:apache:http_server:1.3.32Apache Software Foundation Apache HTTP Server 1.3.32

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:840Apache HTTP Request Smuggling
oval:org.mitre.oval:def:1629Webproxy HTTP Request Smuggling
oval:org.mitre.oval:def:1526VirusVault HTTP Request Smuggling
oval:org.mitre.oval:def:1237Webproxy HTTP Request Smuggling (B.11.04)
oval:org.mitre.oval:def:11452The Apache HTTP server before 1.3.34, and 2.0.x before 2.0.55, when acting as an HTTP proxy, allows remote attackers to poison the web cache...
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2088
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2088
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200507-041
(官方数据源) CNNVD

- 其它链接及资源

http://docs.info.apple.com/article.html?artnum=302847
(UNKNOWN)  APPLE  APPLE-SA-2005-11-29
http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html
(UNKNOWN)  TRUSTIX  TSLSA-2005-0059
http://marc.info/?l=apache-httpd-announce&m=112931556417329&w=3
(UNKNOWN)  MLIST  [apache-httpd-announce] 20051014 Apache HTTP Server 2.0.55 Released
http://seclists.org/lists/bugtraq/2005/Jun/0025.html
(UNKNOWN)  BUGTRAQ  20050606 A new whitepaper by Watchfire - HTTP Request Smuggling
http://securityreason.com/securityalert/604
(UNKNOWN)  SREASON  604
http://securitytracker.com/id?1014323
(UNKNOWN)  SECTRACK  1014323
http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.600000
(UNKNOWN)  SLACKWARE  SSA:2005-310-04
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102197-1
(UNKNOWN)  SUNALERT  102197
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1
(UNKNOWN)  SUNALERT  102198
http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm
(UNKNOWN)  CONFIRM  http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm
http://www-1.ibm.com/support/search.wss?rs=0&q=PK13959&apar=only
(UNKNOWN)  AIXAPAR  PK13959
http://www-1.ibm.com/support/search.wss?rs=0&q=PK16139&apar=only
(UNKNOWN)  AIXAPAR  PK16139
http://www.apache.org/dist/httpd/CHANGES_1.3
(UNKNOWN)  CONFIRM  http://www.apache.org/dist/httpd/CHANGES_1.3
http://www.apache.org/dist/httpd/CHANGES_2.0
(UNKNOWN)  CONFIRM  http://www.apache.org/dist/httpd/CHANGES_2.0
http://www.debian.org/security/2005/dsa-803
(UNKNOWN)  DEBIAN  DSA-803
http://www.debian.org/security/2005/dsa-805
(UNKNOWN)  DEBIAN  DSA-805
http://www.mandriva.com/security/advisories?name=MDKSA-2005:130
(UNKNOWN)  MANDRIVA  MDKSA-2005:130
http://www.novell.com/linux/security/advisories/2005_18_sr.html
(UNKNOWN)  SUSE  SUSE-SR:2005:018
http://www.novell.com/linux/security/advisories/2005_46_apache.html
(UNKNOWN)  SUSE  SUSE-SA:2005:046
http://www.redhat.com/support/errata/RHSA-2005-582.html
(UNKNOWN)  REDHAT  RHSA-2005:582
http://www.securiteam.com/securityreviews/5GP0220G0U.html
(UNKNOWN)  MISC  http://www.securiteam.com/securityreviews/5GP0220G0U.html
http://www.securityfocus.com/archive/1/archive/1/428138/100/0/threaded
(UNKNOWN)  HP  SSRT051251
http://www.securityfocus.com/bid/14106
(UNKNOWN)  BID  14106
http://www.securityfocus.com/bid/15647
(UNKNOWN)  BID  15647
http://www.ubuntu.com/usn/usn-160-2
(UNKNOWN)  UBUNTU  USN-160-2
http://www.vupen.com/english/advisories/2005/2140
(UNKNOWN)  VUPEN  ADV-2005-2140
http://www.vupen.com/english/advisories/2005/2659
(UNKNOWN)  VUPEN  ADV-2005-2659
http://www.vupen.com/english/advisories/2006/0789
(UNKNOWN)  VUPEN  ADV-2006-0789
http://www.vupen.com/english/advisories/2006/1018
(UNKNOWN)  VUPEN  ADV-2006-1018
http://www.vupen.com/english/advisories/2006/4680
(UNKNOWN)  VUPEN  ADV-2006-4680
http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf
(UNKNOWN)  MISC  http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00612828
(UNKNOWN)  HP  HPSBUX02101
https://secure-support.novell.com/KanisaPlatform/Publishing/741/3222109_f.SAL_Public.html
(UNKNOWN)  CONFIRM  https://secure-support.novell.com/KanisaPlatform/Publishing/741/3222109_f.SAL_Public.html

- 漏洞信息

Apache HTTPD 多个安全漏洞
中危 输入验证
2005-07-05 00:00:00 2009-05-23 00:00:00
远程  
        Apache是一款应用广泛的Web服务器程序。
        Apache HTTPD 1.3.34之前版本及2.0.55之前的2.0.x系列存在多个安全漏洞。
        远程攻击者可利用漏洞破坏Web cache,绕过Web应用程序防火墙保护,还可以导致跨站脚本攻击。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
        http://httpd.apache.org/

- 漏洞信息 (F42016)

Apple Security Advisory 2005-11-29 (PacketStormID:F42016)
2005-12-02 00:00:00
Apple  apple.com
advisory,vulnerability
apple
CVE-2005-2088,CVE-2005-2700,CVE-2005-2757,CVE-2005-3185,CVE-2005-3700,CVE-2005-2969,CVE-2005-3701,CVE-2005-2491,CVE-2005-3702,CVE-2005-3703,CVE-2005-3705,CVE-2005-1993,CVE-2005-3704
[点击下载]

Apple Security Advisory - Apple has released a security update which addresses over a dozen vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2005-11-29 Security Update 2005-009

Security Update 2005-009 is now available and delivers the following
security enhancements:

Apache2
CVE-ID:  CVE-2005-2088
Available for:  Mac OS X Server v10.3.9, Mac OS X Server v10.4.3
Impact:  Cross-site scripting may be possible in certain
configurations
Description:  The Apache 2 web server may allow an attacker to bypass
protections using specially-crafted HTTP headers.  This behavior is
only present when Apache is used in conjunction with certain proxy
servers, caching servers, or web application firewalls.  This update
addresses the issue by incorporating Apache version 2.0.55.

apache_mod_ssl
CVE-ID:  CVE-2005-2700
Available for:  Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X
v10.4.3, Mac OS X Server v10.4.3
Impact:  SSL client authentication may be bypassed in certain
configurations
Description:  The Apache web server's mod_ssl module may allow an
attacker unauthorized access to a resource that is configured to
require SSL client authentication.  Only Apache configurations that
include the "SSLVerifyClient require" directive may be affected.
This update address the issue by incorporating mod_ssl 2.8.24 and
Apache version 2.0.55 (Mac OS X Server).

CoreFoundation
CVE-ID:  CVE-2005-2757
Available for:  Mac OS X v10.4.3, Mac OS X Server v10.4.3
Impact:  Resolving a maliciously-crafted URL may result in crashes or
arbitrary code execution
Description:  By carefully crafting a URL, an attacker can trigger a
heap buffer overflow in CoreFoundation which may result in a crash or
arbitrary code execution.  CoreFoundation is used by Safari and other
applications.  This update addresses the issue by performing
additional validation of URLs.  This issue does not affect systems
prior to Mac OS X v10.4.

curl
CVE-ID:  CVE-2005-3185
Available for:  Mac OS X v10.4.3, Mac OS X Server v10.4.3
Impact:  Visiting a malicious HTTP server and using NTLM
authentication may result in arbitrary code execution
Description:  Using curl with NTLM authentication enabled to download
an HTTP resource may allow an attacker to supply an overlong user or
domain name.  This may cause a stack buffer overflow and lead to
arbitrary code execution.  This update addresses the issue by
performing additional validation when using NTLM authentication.
This issue does not affect systems prior to Mac OS X v10.4.

iodbcadmintool
CVE-ID:  CVE-2005-3700
Available for:  Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X
v10.4.3, Mac OS X Server v10.4.3
Impact:  Local users may gain elevated privileges
Description:  The ODBC Administrator utility includes a helper tool
called iodbcadmintool that executes with raised privileges.  This
helper tool contains a vulnerability that may allow local users to
execute arbitrary commands with raised privileges.  This update
addresses the issue by providing an updated iodbcadmintool that is
not susceptible.

OpenSSL
CVE-ID:  CVE-2005-2969
Available for:  Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X
v10.4.3, Mac OS X Server v10.4.3
Impact:  Applications using OpenSSL may be forced to use the weaker
SSLv2 protocol
Description:  Applications that do not disable SSLv2 or that enable
certain compatibility options when using OpenSSL may be vulnerable to
a protocol downgrade attack.  Such attacks may cause an SSL
connection to use the SSLv2 protocol which provides less protection
than SSLv3 or TLS.  Further information on this issue is available at
http://www.openssl.org/news/secadv_20051011.txt.  This update
addresses the issue by incorporating OpenSSL version 0.9.7i.

passwordserver
CVE-ID:  CVE-2005-3701
Available for:  Mac OS X Server v10.3.9, Mac OS X Server v10.4.3
Impact:  Local users on Open Directory master servers may gain
elevated privileges
Description:  When creating an Open Directory master server,
credentials may be compromised.  This could lead to unprivileged
local users gaining elevated privileges on the server.  This update
addresses the issue by ensuring the credentials are protected.

Safari
CVE-ID:  CVE-2005-2491
Available for:  Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X
v10.4.3, Mac OS X Server v10.4.3
Impact:  Processing a regular expressions may result in arbitrary
code execution
Description:  The JavaScript engine in Safari uses a version of the
PCRE library that is vulnerable to a potentially exploitable heap
overflow.  This may lead to the execution of arbitrary code.  This
update addresses the issue by providing a new version of the
JavaScript engine that incorporates more robust input validation.

Safari
CVE-ID:  CVE-2005-3702
Available for:  Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X
v10.4.3, Mac OS X Server v10.4.3
Impact:  Safari may download files outside of the designated download
directory
Description:  When files are downloaded in Safari they are normally
placed in the location specified as the download directory.  However,
if a web site suggests an overlong filename for a download, it is
possible for Safari to create this file in other locations.  Although
the filename and location of the downloaded file content cannot be
directly specified by remote servers, this may still lead to
downloading content into locations accessible to other users.  This
update addresses the issue by rejecting overlong filenames.

Safari
CVE-ID:  CVE-2005-3703
Available for:  Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X
v10.4.3, Mac OS X Server v10.4.3
Impact:  JavaScript dialog boxes in Safari may be misleading
Description:  In Safari, JavaScript dialog boxes do not indicate the
web site that created them.  This could mislead users into
unintentionally disclosing information to a web site.  This update
addresses the issue by displaying the originating site name in
JavaScript dialog boxes.  Credit to Jakob Balle of Secunia Research
for reporting this issue.

Safari
CVE-ID:  CVE-2005-3705
Available for:  Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X
v10.4.3, Mac OS X Server v10.4.3
Impact:  Visiting malicious web sites with WebKit-based applications
may lead to arbitrary code execution
Description:  WebKit contains a heap overflow that may lead to the
execution of arbitrary code.  This may be triggered by content
downloaded from malicious web sites in applications that use WebKit
such as Safari.  This update addresses the issue by removing the heap
overflow from WebKit.  Credit to Neil Archibald of Suresec LTD and
Marco Mella for reporting this issue.

sudo
CVE-ID:  CVE-2005-1993
Available for:  Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X
v10.4.3, Mac OS X Server v10.4.3
Impact:  Local users may be able to gain elevated privileges in
certain sudo configurations
Description:  Sudo allows system administrators to grant users the
ability to run specific commands with elevated privileges.  Although
the default configuration is not vulnerable to this issue, custom
sudo configurations may not properly restrict users.  Further
information on this issue is available from:
http://www.sudo.ws/sudo/alerts/path_race.html
This update addresses the issue by incorporating sudo version
1.6.8p9.

syslog
CVE-ID:  CVE-2005-3704
Available for:  Mac OS X v10.4.3, Mac OS X Server v10.4.3
Impact:  System log entries may be forged
Description:  The system log server records syslog messages verbatim.
By supplying control characters such as the newline character, a
local attacker could forge entries with the intention to mislead the
system administrator.  This update addresses the issue by specially
handling control characters and other non-printable characters.  This
issue does not affect systems prior to Mac OS X v10.4.  Credit to
HELIOS Software GmbH for reporting this issue.

Additional Information

Also included in this update are enhancements to Safari to improve
handling of credit card security codes (Mac OS X v10.3.9 and Mac OS X
v10.4.3), CoreTypes to improve handling of Terminal files (Mac OS X
v10.4.3), QuickDraw Manager to improve rendering of PICT files (Mac
OS X v10.3.9), documentation regarding OpenSSH and PAM (Mac OS X
v10.4.3), and ServerMigration to remove unneeded privileges.

Security Update 2005-009 may be obtained from the Software Update
pane in System Preferences, or Apple's Software Downloads web site:
http://www.apple.com/support/downloads/

For Mac OS X v10.4.3
The download file is named:  "SecUpd2005-009Ti.dmg"
Its SHA-1 digest is:  544f51a7bc73a57dbca95e05693904aadb2f94b1

For Mac OS X Server v10.4.3
The download file is named:  "SecUpdSrvr2005-009Ti.dmg"
Its SHA-1 digest is:  b7620426151b8f1073c9ff73b2adf43b3086cc60

For Mac OS X v10.3.9
The download file is named:  "SecUpd2005-009Pan.dmg"
Its SHA-1 digest is:  ea17ad7852b3e6277f53c2863e51695ac7018650

For Mac OS X Server v10.3.9
The download file is named:  "SecUpdSrvr2005-009Pan.dmg"
Its SHA-1 digest is:  b03711729697ea8e6b683eb983343f2f3de3af13

Information will also be posted to the Apple Product Security
web site:
http://docs.info.apple.com/article.html?artnum=61798

This message is signed with Apple's Product Security PGP key,
and details are available at:
http://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.0.1 (Build 2185)

iQEVAwUBQ4zotIHaV5ucd/HdAQJiPAf/S7bsLZk3R7I8FBidCKQ/bxSxjhTFx8sK
vqsVFNDsXzv+tEa3IP58D8lI8lF94o+50p59qaPWxHzl4HxPVKlH4YCiBesYmVRp
FcGo0qbzj5wJzdWADPV+I8O+/CR5k8J35PuKDIzPabnO67nxoXc/DF6go50e5Hr9
Yqs2477ufq0ANd8wG9dF5pfcYwD8KRLfOmfJ9ZVhbG8Up0uO4JH71cTQZIFcKkYf
g6N9SCnqx5JqCwsRx85a8WuY1x97K3zqP53/bt4Wzi76VaaSaYj01nVywworTik4
YzOWOckJmWU9+66iby9mKY2mzz+u/vwtiMp577yT4y9FiSg6yp7mWQ==
=jnz9
-----END PGP SIGNATURE-----
   
    

- 漏洞信息 (F41672)

HP Security Bulletin 2005-12.51 (PacketStormID:F41672)
2005-11-20 00:00:00
Hewlett Packard  hp.com
advisory,denial of service,arbitrary,vulnerability
hpux
CVE-2005-2491,CVE-2005-1268,CVE-2005-2728,CVE-2005-2088
[点击下载]

HP Security Bulletin - Potential security vulnerabilities have been identified with Apache running on HP-UX. These vulnerability could be exploited remotely to allow execution of arbitrary code, Denial of Service (DoS), or unauthorized access.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c00555254
Version: 1

HPSBUX02074 SSRT051251 - Apache-based Web Server on HP-UX mod_ssl,
proxy_http, Remote Execution of Arbitrary Code, Denial of Service
(DoS), and Unauthorized Access

NOTICE: The information in this Security Bulletin should be acted
upon as soon as possible.

Release Date: 2005-11-10
Last Updated: 2005-11-15

Potential Security Impact: Remote execution of arbitrary code,
Denial of Service (DoS), and unauthorized access.

Source: Hewlett-Packard Company,
        HP Software Security Response Team

VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified with
Apache running on HP-UX. These vulnerability could be exploited
remotely to allow execution of arbitrary code, Denial of Service
(DoS), or unauthorized access.

References: CVE-2005-2491, CVE-2005-1268, CVE-2005-2728,
            CVE-2005-2088.

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP-UX B.11.00, B.11.11, B.11.23 running Apache-based Web Server
prior to v.2.0.55.

BACKGROUND

The following potential security vulnerabilities are resolved in
the software updates listed below:

CVE-2005-2088 (cve.mitre.org): HTTP Request Smuggling.

CVE-2005-2491 (cve.mitre.org): Integer overflow in pcre_compile.c.

CVE-2005-2728 (cve.mitre.org): Remote denial of service.

CVE-2005-1268 (cve.mitre.org): Remote denial of service.

AFFECTED VERSIONS

For IPv4:
HP-UX B.11.00
HP-UX B.11.11
=============
hpuxwsAPACHE
action: install revision A.2.0.55.00 or subsequent

For IPv6:
HP-UX B.11.11
=============
hpuxwsAPACHE,revision=B.1.0.00.01
hpuxwsAPACHE,revision=B.1.0.07.01
hpuxwsAPACHE,revision=B.1.0.08.01
hpuxwsAPACHE,revision=B.1.0.09.01
hpuxwsAPACHE,revision=B.1.0.10.01
hpuxwsAPACHE,revision=B.2.0.48.00
hpuxwsAPACHE,revision=B.2.0.49.00
hpuxwsAPACHE,revision=B.2.0.50.00
hpuxwsAPACHE,revision=B.2.0.51.00
hpuxwsAPACHE,revision=B.2.0.52.00
hpuxwsAPACHE,revision=B.2.0.53.00
hpuxwsAPACHE,revision=B.2.0.54.00
action: install revision B.2.0.55.00 or subsequent

HP-UX B.11.23
=============
hpuxwsAPACHE
action: install revision B.2.0.55.00 or subsequent

END AFFECTED VERSIONS

RESOLUTION

HP has made the following software updates available to resolve
the issue.

Software updates for the Apache-based Web Server are available
from: http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/
displayProductInfo.pl?productNumber=HPUXWSSUITE


HP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based
Web Server v.2.0.55.00 or subsequent.

Apache Update Procedure

 Check for Apache Installation
 ----------------------------

To determine if the Apache web server from HP is installed on your
system, use Software Distributor's swlist command. All three
revisions of the product may co-exist on a single system.

For example, the results of the command

swlist -l product | grep -i apache

hpuxwsAPACHE B.2.0.54.00 HP-UX Apache-based Web Server

 Stop Apache
 -------------
Before updating, make sure to stop any previous Apache binary.
Otherwise, the previous binary will continue running, preventing
the new one from starting, although the installation would be
successful. After determining which Apache is installed, stop
Apache with the following commands:

for hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop

 Download and Install Apache
 -----------------------------
Download Apache from Software Depot:
http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/
displayProductInfo.pl?productNumber=HPUXWSSUITE
Verify successful download by comparing the cksum with the value
specified on the installation web page.

Use SD to swinstall the depot.
Installation of this new revision of HP Apache over an existing HP
Apache installation is supported, while installation over a non-HP
Apache is NOT supported.


 Removing Apache Installation
 ----------------------------
If you prefer to remove Apache from your system instead of
installing a newer revision to resolve the security problem, use
both Software Distributor's "swremove" command and also "rm -rf"
the home location as specified in the rc.config.d file "HOME"
variables.
 %ls /etc/rc.config.d |
 grep apache hpapache2conf hpws_apache[32]conf


MANUAL ACTIONS: Yes - Update plus other actions
Install the revision of the product.


PRODUCT SPECIFIC INFORMATION

HP-UX Security Patch Check: Security Patch Check revision B.02.00
analyzes all HP-issued Security Bulletins to provide a subset of
recommended actions that potentially affect a specific HP-UX
system. For more information:
http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi
displayProductInfo.pl?productnumber=B6834AAtN

UPDATE HISTORY

Initial release: 15 November 2005



Support: For further information, contact normal HP Services
support channel.

Report: To report a potential security vulnerability with any HP
supported product, send Email to: security-alert@hp.com.  It is
strongly recommended that security related information being
communicated to HP be encrypted using PGP, especially exploit
information.  To get the security-alert PGP key, please send an
e-mail message as follows:
  To: security-alert@hp.com
  Subject: get key

Subscribe: To initiate a subscription to receive future HP
Security Bulletins via Email:
http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&
langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC

On the web page: ITRC security bulletins and patch sign-up
Under Step1: your ITRC security bulletins and patches
  - check ALL categories for which alerts are required and
    continue.
Under Step2: your ITRC operating systems
  - verify your operating system selections are checked and
    save.

To update an existing subscription:
http://h30046.www3.hp.com/subSignIn.php
Log in on the web page:
  Subscriber's choice for Business: sign-in.
On the web page:
  Subscriber's Choice: your profile summary
    - use Edit Profile to update appropriate sections.

To review previously published Security Bulletins visit:
http://www.itrc.hp.com/service/cki/secBullArchive.do

* The Software Product Category that this Security Bulletin
relates to is represented by the 5th and 6th characters of the
Bulletin number in the title:

    GN = HP General SW,
    MA = HP Management Agents,
    MI = Misc. 3rd party SW,
    MP = HP MPE/iX,
    NS = HP NonStop Servers,
    OV = HP OpenVMS,
    PI = HP Printing & Imaging,
    ST = HP Storage SW,
    TL = HP Trusted Linux,
    TU = HP Tru64 UNIX,
    UX = HP-UX,
    VV = HP Virtual Vault


System management and security procedures must be reviewed
frequently to maintain system integrity. HP is continually
reviewing and enhancing the security features of software products
to provide customers with current secure solutions.

"HP is broadly distributing this Security Bulletin in order to
bring to the attention of users of the affected HP products the
important security information contained in this Bulletin. HP
recommends that all users determine the applicability of this
information to their individual situations and take appropriate
action. HP does not warrant that this information is necessarily
accurate or complete for all user situations and, consequently, HP
will not be responsible for any damages resulting from user's use
or disregard of the information provided in this Bulletin. To the
extent permitted by law, HP disclaims all warranties, either
express or implied, including the warranties of merchantability
and fitness for a particular purpose, title and non-infringement."


(c)Copyright 2005 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or
editorial errors or omissions contained herein. The information
provided is provided "as is" without warranty of any kind. To the
extent permitted by law, neither HP nor its affiliates,
subcontractors or suppliers will be liable for incidental, special
or consequential damages including downtime cost; lost profits;
damages relating to the procurement of substitute products or
services; or damages for loss of data, or software restoration.
The information in this document is subject to change without
notice. Hewlett-Packard Company and the names of Hewlett-Packard
products referenced herein are trademarks of Hewlett-Packard
Company in the United States and other countries. Other product
and company names mentioned herein may be trademarks of their
respective owners.

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBQ3sfWOAfOvwtKn1ZEQKcWQCgiwu/tFKJGfFL6h6UqXv4R8dlN20AnAtX
AdO0xbRlYS0bWjiXvNb1K4Qj
=5gHE
-----END PGP SIGNATURE-----

    

- 漏洞信息 (F39961)

Debian Linux Security Advisory 805-1 (PacketStormID:F39961)
2005-09-10 00:00:00
Debian  debian.org
advisory,web,vulnerability
linux,debian
CVE-2005-1268,CVE-2005-2088,CVE-2005-2700,CVE-2005-2728
[点击下载]

Debian Security Advisory DSA 805-1 - Several problems have been discovered in Apache2, the next generation, scalable, extendible web server. The Common Vulnerabilities and Exposures project identifies the following problems:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 805-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
September 8th, 2005                     http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : apache2
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE IDs        : CAN-2005-1268 CAN-2005-2088 CAN-2005-2700 CAN-2005-2728
BugTraq ID     : 14660
Debian Bugs    : 316173 320048 320063 326435

Several problems have been discovered in Apache2, the next generation,
scalable, extendable web server.  The Common Vulnerabilities and
Exposures project identifies the following problems:

CAN-2005-1268

    Marc Stern discovered an off-by-one error in the mod_ssl
    Certificate Revocation List (CRL) verification callback.  When
    Apache is configured to use a CRL this can be used to cause a
    denial of service.

CAN-2005-2088

    A vulnerability has been discovered in the Apache web server.
    When it is acting as an HTTP proxy, it allows remote attackers to
    poison the web cache, bypass web application firewall protection,
    and conduct cross-site scripting attacks, which causes Apache to
    incorrectly handle and forward the body of the request.

CAN-2005-2700

    A problem has been discovered in mod_ssl, which provides strong
    cryptography (HTTPS support) for Apache that allows remote
    attackers to bypass access restrictions.

CAN-2005-2728

    The byte-range filter in Apache 2.0 allows remote attackers to
    cause a denial of service via an HTTP header with a large Range
    field.

The old stable distribution (woody) does not contain Apache2 packages.

For the stable distribution (sarge) these problems have been fixed in
version 2.0.54-5.

For the unstable distribution (sid) these problems have been fixed in
version 2.0.54-5.

We recommend that you upgrade your apache2 packages.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5.dsc
      Size/MD5 checksum:     1141 779558a3a1edad615114d9e951d44352
    http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5.diff.gz
      Size/MD5 checksum:   110044 3f51c615473cb57d4d182e1abbeffcd4
    http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54.orig.tar.gz
      Size/MD5 checksum:  7493636 37d0d0a3e25ad93d37f0483021e70409

  Architecture independent components:

    http://security.debian.org/pool/updates/main/a/apache2/apache2-doc_2.0.54-5_all.deb
      Size/MD5 checksum:  3861324 429e520dda920f145468b39f4b3f2c2c
    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-threadpool_2.0.54-5_all.deb
      Size/MD5 checksum:    33460 df584a81cd27a1858014ac52cfdd9ab9

  Alpha architecture:

    http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5_alpha.deb
      Size/MD5 checksum:    33380 6b79f9d492027d367c61604068f0d9d4
    http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5_alpha.deb
      Size/MD5 checksum:   865256 35799c3a99a6bf00ab6912c062f6e688
    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5_alpha.deb
      Size/MD5 checksum:   246262 898ac33f06c871d251bb661e0f6bd214
    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5_alpha.deb
      Size/MD5 checksum:   241370 73e3c57d0a294829c88dcc1532720e64
    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5_alpha.deb
      Size/MD5 checksum:   245574 76324bf7139b28f909f3b20d5fa7e264
    http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5_alpha.deb
      Size/MD5 checksum:   167582 1dde0667290c8a7cb467125c3b0196c2
    http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5_alpha.deb
      Size/MD5 checksum:   168322 4a7cde084ac397d4065069aa5aae1810
    http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5_alpha.deb
      Size/MD5 checksum:    97434 790fee8043ace4b008de01a572376e4d
    http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5_alpha.deb
      Size/MD5 checksum:   155684 859a64401d2e62a38b254cb71a64be74
    http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5_alpha.deb
      Size/MD5 checksum:   315136 216e4e5bc44c80be8d7652d3da7c58e1

  AMD64 architecture:

    http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5_amd64.deb
      Size/MD5 checksum:    33380 ed2ad5506faff830f641e22874d87f0d
    http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5_amd64.deb
      Size/MD5 checksum:   826590 333b8e6067c0b5b071b9233e4a299477
    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5_amd64.deb
      Size/MD5 checksum:   221254 7fa0efb05dba185f0d392172a625408e
    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5_amd64.deb
      Size/MD5 checksum:   216702 5f7672249bdf52cdbc06d5a9a515e78e
    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5_amd64.deb
      Size/MD5 checksum:   220486 47697857b82b03715b0aee60baa05db5
    http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5_amd64.deb
      Size/MD5 checksum:   167570 8653f01104d7abf6a8b1e4ae7d08a11c
    http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5_amd64.deb
      Size/MD5 checksum:   168298 ebc158cf1767c2f52ee47bc106639c8a
    http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5_amd64.deb
      Size/MD5 checksum:    92628 1ce73449a400d72cbd3c639c2a4c3be2
    http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5_amd64.deb
      Size/MD5 checksum:   137212 86c22d780802d7b98489caadcdc93a1e
    http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5_amd64.deb
      Size/MD5 checksum:   278712 64da54b20a2bfccd63871a3150917cf7

  ARM architecture:

    http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5_arm.deb
      Size/MD5 checksum:    33388 ee560fb40ce2199a3605c9d3070287b3
    http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5_arm.deb
      Size/MD5 checksum:   793648 dd2dac8513f797dbf4f95d448a6b5c5c
    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5_arm.deb
      Size/MD5 checksum:   202212 f08e6a2edfdb14556f1a7765606bc807
    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5_arm.deb
      Size/MD5 checksum:   197848 ed05c9efdfe150499d41d6882c7db201
    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5_arm.deb
      Size/MD5 checksum:   201246 c6170179756435d8ddbcb0737e11578d
    http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5_arm.deb
      Size/MD5 checksum:   167610 c82b3286884b7c20c77adfad118cb4e8
    http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5_arm.deb
      Size/MD5 checksum:   168352 efd48c27b8b15ea4e2cfd06056b6a57d
    http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5_arm.deb
      Size/MD5 checksum:    92542 b9632cb88b7f63e4532e3f6b09971a8e
    http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5_arm.deb
      Size/MD5 checksum:   122294 c0f845ef93a0c879031205c8d3758610
    http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5_arm.deb
      Size/MD5 checksum:   267804 d975fb73ed0fea9472556443f2cf8775

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5_i386.deb
      Size/MD5 checksum:    33384 f2bb4abd8a56f74165641a1ffb98268d
    http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5_i386.deb
      Size/MD5 checksum:   799800 143fb414c293aaa8d89e178306dca35a
    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5_i386.deb
      Size/MD5 checksum:   206602 8cb83e70bbe05872ba5a9de9eacdadc2
    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5_i386.deb
      Size/MD5 checksum:   202826 670721077006223829903285d28b428d
    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5_i386.deb
      Size/MD5 checksum:   206374 824b90f8be18f53abef31e66aca2b0dd
    http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5_i386.deb
      Size/MD5 checksum:   167626 46926e9e39dba00825c06b1bc6afa847
    http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5_i386.deb
      Size/MD5 checksum:   168356 a22f739befa46e30b9c9f5ad8e6b2bc7
    http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5_i386.deb
      Size/MD5 checksum:    90962 3dc37ae17bb34d4068f5153bfd2ffd54
    http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5_i386.deb
      Size/MD5 checksum:   130614 0f1b46d69ed1665dbc7175fd777dc9eb
    http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5_i386.deb
      Size/MD5 checksum:   259890 f877c48fae275c3e011dcdcddf6f4bdc

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5_ia64.deb
      Size/MD5 checksum:    33378 16ea158380bb44a31025300b0cd09c9c
    http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5_ia64.deb
      Size/MD5 checksum:   973576 dee3c239893171c050526423c13a19e8
    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5_ia64.deb
      Size/MD5 checksum:   289172 a785101466af9f71123b22228555b66b
    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5_ia64.deb
      Size/MD5 checksum:   281186 857a2a8796e7bfed8f0d38c7ce8d5454
    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5_ia64.deb
      Size/MD5 checksum:   287774 b59ac38a030ec2f415322ff151281ae4
    http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5_ia64.deb
      Size/MD5 checksum:   167598 0b45eadf799958a8cf9c834b34a4585d
    http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5_ia64.deb
      Size/MD5 checksum:   168330 01cd617a7c005fbda78606e3545c678c
    http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5_ia64.deb
      Size/MD5 checksum:   106294 d51ebb22c4f40e973ce48f39c724bf8e
    http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5_ia64.deb
      Size/MD5 checksum:   177728 2ae0b000991bf01eb3c8a152407663d7
    http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5_ia64.deb
      Size/MD5 checksum:   328378 49a1257846b48e59fc7103e26b68bb60

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5_hppa.deb
      Size/MD5 checksum:    33386 ff69db1811e9bd56d86fba73852e2e17
    http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5_hppa.deb
      Size/MD5 checksum:   880128 996bfa2e0569f2fe6cd1846cf2087b0c
    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5_hppa.deb
      Size/MD5 checksum:   228680 4cfac3f9d40fa33d3d4f372006ebd981
    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5_hppa.deb
      Size/MD5 checksum:   222678 2f78edc1cf89c7b39efae57759f0ed3f
    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5_hppa.deb
      Size/MD5 checksum:   227508 697f93a4465c091c852c13bee07aee57
    http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5_hppa.deb
      Size/MD5 checksum:   167598 d9764a237d76b8943da9fb47b3813a3d
    http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5_hppa.deb
      Size/MD5 checksum:   168332 9e4b1b975718853053bf059c6671ae7f
    http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5_hppa.deb
      Size/MD5 checksum:    98724 86a838af0191b1c2ef441063ba043a32
    http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5_hppa.deb
      Size/MD5 checksum:   144892 d913a23b61e3a6ddbb9be5a89f2041e4
    http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5_hppa.deb
      Size/MD5 checksum:   284900 e8c14c0d1a4f2da6dcf50ea4a631ec24

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5_m68k.deb
      Size/MD5 checksum:    33390 c8ebf9432602c6f8ba4d4a8a5d40ba3c
    http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5_m68k.deb
      Size/MD5 checksum:   783284 13bfa82dbb83773e89088762d1b05904
    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5_m68k.deb
      Size/MD5 checksum:   188788 fcec0cadfdab8d84a2da76e2b2163ab8
    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5_m68k.deb
      Size/MD5 checksum:   185370 9af7ee0ab1b8efc8eec259a7f9bfa804
    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5_m68k.deb
      Size/MD5 checksum:   188202 3ec4e66f1c3dcf8e86ec9cebb2c25c0c
    http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5_m68k.deb
      Size/MD5 checksum:   167638 79e2e99b10dd27fb80c2e41b61380f50
    http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5_m68k.deb
      Size/MD5 checksum:   168372 09f65665053dd9ca357466135ddfb141
    http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5_m68k.deb
      Size/MD5 checksum:    87918 a048bd1b67d4b25261a32f1efb8bbd3a
    http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5_m68k.deb
      Size/MD5 checksum:   117434 452edee7e17df559290add73e05e8d50
    http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5_m68k.deb
      Size/MD5 checksum:   249912 95b76222d325b8debe4dbd771b075005

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5_mips.deb
      Size/MD5 checksum:    33386 64d4455bd417d27a86f654cb478b0910
    http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5_mips.deb
      Size/MD5 checksum:   807432 351414d10d9404d339a3176eeb3a2522
    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5_mips.deb
      Size/MD5 checksum:   217848 a51ce033722f6450ff840141515537e9
    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5_mips.deb
      Size/MD5 checksum:   213062 0c78a1693b34b2958706cefdb5933dd5
    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5_mips.deb
      Size/MD5 checksum:   217232 d9753aa6eaa6e5c59bb58aecda7eb3fc
    http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5_mips.deb
      Size/MD5 checksum:   167602 12e79648f3f01f2d13e017898a0d4af1
    http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5_mips.deb
      Size/MD5 checksum:   168330 f021c67c7a6b77986695595bb399025c
    http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5_mips.deb
      Size/MD5 checksum:   102890 cc929a885c1a94ca7f05966611ba899c
    http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5_mips.deb
      Size/MD5 checksum:   134356 2bb882cb3f14de3395f15808c7122944
    http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5_mips.deb
      Size/MD5 checksum:   286392 3d969e211240450e6f89740659382111

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5_mipsel.deb
      Size/MD5 checksum:    33388 08da26a58e9a33ebe8c46d694153df0e
    http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5_mipsel.deb
      Size/MD5 checksum:   807240 c415e8b3edf74e1d1a24b893bfe1a1cc
    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5_mipsel.deb
      Size/MD5 checksum:   217130 ee3f0c080d8489f2b42330123f36b527
    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5_mipsel.deb
      Size/MD5 checksum:   212480 f9ebfc61cdc737e99bbabd93e8d226bb
    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5_mipsel.deb
      Size/MD5 checksum:   216356 4a514ad5c2193c9f192112765c54a76a
    http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5_mipsel.deb
      Size/MD5 checksum:   167608 89389a45144930d019970613fed37c73
    http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5_mipsel.deb
      Size/MD5 checksum:   168328 c9ab2d3f7c69218aa1f7fa6b61175844
    http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5_mipsel.deb
      Size/MD5 checksum:   102810 751df40f1a1efaa412f314f7b725bf63
    http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5_mipsel.deb
      Size/MD5 checksum:   134404 5a6fb39068de5daee05c8c70ffd2876e
    http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5_mipsel.deb
      Size/MD5 checksum:   287028 a1f5e5c12eb23992a3785308c792cd84

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5_powerpc.deb
      Size/MD5 checksum:    33386 19875b5ac54cb9a6d6e0621d8428f65a
    http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5_powerpc.deb
      Size/MD5 checksum:   856028 eab66e90e0070de689cf9639ad0fe294
    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5_powerpc.deb
      Size/MD5 checksum:   214548 e1dd7ce5ab6b566d13efcef31d14dcb2
    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5_powerpc.deb
      Size/MD5 checksum:   209618 3907930dad17e1d3339a1183d9aeaa1d
    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5_powerpc.deb
      Size/MD5 checksum:   213610 1a116ca5f4e098be2696b5ef557e4359
    http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5_powerpc.deb
      Size/MD5 checksum:   167590 e5ccd009647e41e7e48d573cc0149003
    http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5_powerpc.deb
      Size/MD5 checksum:   168338 895dd813f4220f1e3eaff483b40d1a46
    http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5_powerpc.deb
      Size/MD5 checksum:   101966 f621a7cec5ad678721020c058536c7a0
    http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5_powerpc.deb
      Size/MD5 checksum:   134202 92b5b6e0632f8dd6abc155aedcd30b87
    http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5_powerpc.deb
      Size/MD5 checksum:   271900 87a95d99fa922a4e508b88240e5f6aed

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5_s390.deb
      Size/MD5 checksum:    33388 c8cb1b656bdfb21d0e7ae52c4f5b410b
    http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5_s390.deb
      Size/MD5 checksum:   836870 89e41b35884d42361df869a3a922f640
    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5_s390.deb
      Size/MD5 checksum:   223826 a85cba45f51831e2d8cc1644c18b74ad
    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5_s390.deb
      Size/MD5 checksum:   219688 4038e67e7950f1e635a27aa1d8c769b2
    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5_s390.deb
      Size/MD5 checksum:   223210 065871dc4c96f330c225ed7470cd8724
    http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5_s390.deb
      Size/MD5 checksum:   167598 ac630af622500cb8d275b01d94ec4f5a
    http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5_s390.deb
      Size/MD5 checksum:   168330 11ac0fc59fd5a7303da34d1e639ecdc7
    http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5_s390.deb
      Size/MD5 checksum:    95782 44c89383fa73caef05d2d1e63f9cc7cd
    http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5_s390.deb
      Size/MD5 checksum:   145898 14070b311d4a90ae83203e33c257ebbe
    http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5_s390.deb
      Size/MD5 checksum:   275138 9fb591f2f9bf0120f437842ab159165f

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5_sparc.deb
      Size/MD5 checksum:    33388 8a1db10a708878f634f63dfbb69f50c2
    http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5_sparc.deb
      Size/MD5 checksum:   802602 e1440b38879a691d3b2b7e7a4916d822
    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5_sparc.deb
      Size/MD5 checksum:   205498 ff2f786da35c0c9d639ee429d30d4a11
    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5_sparc.deb
      Size/MD5 checksum:   200778 2c2c0bfbb9e04d66b51f38fc429b5cd9
    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5_sparc.deb
      Size/MD5 checksum:   204426 9aecd2ce11734643416867a97298aa5c
    http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5_sparc.deb
      Size/MD5 checksum:   167612 26aa5df84d0c5d329cfc69facf6c3acb
    http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5_sparc.deb
      Size/MD5 checksum:   168348 8cc7ada29f653ab4dae52267c988a2c3
    http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5_sparc.deb
      Size/MD5 checksum:    90910 d34cabdb839a784da5952ba42782fb8d
    http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5_sparc.deb
      Size/MD5 checksum:   123508 313f29dc0f626016e7af021b0415d403
    http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5_sparc.deb
      Size/MD5 checksum:   260382 77dff3b820bb1f6d9198fa45e9feda96


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFDIH3wW5ql+IAeqTIRAr/GAJ0chT7BVfrCggkWaBBPcig27CFvoACfbpP8
/pKnRdcSs2/mcx//JVQe+Xo=
=FgZM
-----END PGP SIGNATURE-----

    

- 漏洞信息 (F39905)

Ubuntu Security Notice 160-2 (PacketStormID:F39905)
2005-09-08 00:00:00
Ubuntu,Martin Pitt  security.ubuntu.com
advisory,vulnerability
linux,ubuntu
CVE-2005-2088
[点击下载]

Ubuntu Security Notice USN-160-2 - USN-160-1 fixed two vulnerabilities in the Apache 2 server. The old Apache 1 server was also vulnerable to one of the vulnerabilities (CVE-2005-2088). Please note that Apache 1 is not officially supported in Ubuntu (it is in the "universe" component of the archive).

--W5WqUoFLvi1M7tJE
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

===========================================================
Ubuntu Security Notice USN-160-2	 September 07, 2005
apache vulnerability
CAN-2005-2088
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)

The following packages are affected:

apache
apache-perl
apache-ssl

The problem can be corrected by upgrading the affected package to
version 1.3.31-6ubuntu0.8 (for Ubuntu 4.10), or 1.3.33-4ubuntu1 (for
Ubuntu 5.04). In general, a standard system upgrade is sufficient to
effect the necessary changes.

Details follow:

USN-160-1 fixed two vulnerabilities in the Apache 2 server. The old
Apache 1 server was also vulnerable to one of the vulnerabilities
(CAN-2005-2088). Please note that Apache 1 is not officially supported
in Ubuntu (it is in the "universe" component of the archive).

For reference, this is the relevant part of the original advisory:

  Watchfire discovered that Apache insufficiently verified the
  "Transfer-Encoding" and "Content-Length" headers when acting as an
  HTTP proxy. By sending a specially crafted HTTP request, a remote
  attacker who is authorized to use the proxy could exploit this to
  bypass web application firewalls, poison the HTTP proxy cache, and
  conduct cross-site scripting attacks against other proxy users.
  (CAN-2005-2088)


Updated packages for Ubuntu 4.10 (Warty Warthog):

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/a/apache/apache_1.3.31-6ubuntu0.8.diff.gz
      Size/MD5:   372493 c5001a1196912f3edfc785b5e2a5ebbc
    http://security.ubuntu.com/ubuntu/pool/main/a/apache/apache_1.3.31-6ubuntu0.8.dsc
      Size/MD5:     1102 c0f99d722fd5092be8c6cc800bc98020
    http://security.ubuntu.com/ubuntu/pool/main/a/apache/apache_1.3.31.orig.tar.gz
      Size/MD5:  3104170 ca475fbb40087eb157ec51334f260d1b

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/a/apache/apache-dev_1.3.31-6ubuntu0.8_all.deb
      Size/MD5:   329846 42899fed4f93fc9aa98743ca8d6bbea1
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/apache-doc_1.3.31-6ubuntu0.8_all.deb
      Size/MD5:  1186908 e1bf21edf1a8dd848d6fff0ed9c15319

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/a/apache/apache-common_1.3.31-6ubuntu0.8_amd64.deb
      Size/MD5:   873716 c70369c55517959829b6596efa3ac295
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/apache-dbg_1.3.31-6ubuntu0.8_amd64.deb
      Size/MD5:  9131484 42174cf7f3b4054f1586e6ac0328180e
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/apache-perl_1.3.31-6ubuntu0.8_amd64.deb
      Size/MD5:   520854 389333cfe500df5fa2ddbb05acd39268
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/apache-ssl_1.3.31-6ubuntu0.8_amd64.deb
      Size/MD5:   510938 856eb92f93f481c054b473699507b9e7
    http://security.ubuntu.com/ubuntu/pool/main/a/apache/apache-utils_1.3.31-6ubuntu0.8_amd64.deb
      Size/MD5:   271648 1a4f48aa2a3218d148e11a8e83134326
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/apache_1.3.31-6ubuntu0.8_amd64.deb
      Size/MD5:   398398 9af432f952f18349223abdc14efbe5af
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/libapache-mod-perl_1.29.0.2.0-6ubuntu0.8_amd64.deb
      Size/MD5:   491788 f5b1f7a21c419a2db9b8f8ecc8b00ada

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/a/apache/apache-common_1.3.31-6ubuntu0.8_i386.deb
      Size/MD5:   838714 e50241ee55e408f5be6ee0ca528191f4
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/apache-dbg_1.3.31-6ubuntu0.8_i386.deb
      Size/MD5:  9080744 0ddc1d368aceb07f7046d80d77e160b7
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/apache-perl_1.3.31-6ubuntu0.8_i386.deb
      Size/MD5:   494480 d0f38faf557c5606da32377bf860bc2d
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/apache-ssl_1.3.31-6ubuntu0.8_i386.deb
      Size/MD5:   484248 932390c88b13b14a2d39ae85d4eb2c2c
    http://security.ubuntu.com/ubuntu/pool/main/a/apache/apache-utils_1.3.31-6ubuntu0.8_i386.deb
      Size/MD5:   265448 5349d926e161a16b3416f273591454ef
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/apache_1.3.31-6ubuntu0.8_i386.deb
      Size/MD5:   377652 ccf175352ec693f8dcde9ee0b9005fbe
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/libapache-mod-perl_1.29.0.2.0-6ubuntu0.8_i386.deb
      Size/MD5:   485142 09118f966d87a9ed22a00f8d641fae48

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/a/apache/apache-common_1.3.31-6ubuntu0.8_powerpc.deb
      Size/MD5:   917796 42513834c278d8313e8ca1496a13a88b
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/apache-dbg_1.3.31-6ubuntu0.8_powerpc.deb
      Size/MD5:  9226168 03fe292aac21254f752010e827ef82b7
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/apache-perl_1.3.31-6ubuntu0.8_powerpc.deb
      Size/MD5:   511502 4982e1ffb129cca49974208619502834
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/apache-ssl_1.3.31-6ubuntu0.8_powerpc.deb
      Size/MD5:   507376 30d6000a4eebf427f18f9963d9bc94da
    http://security.ubuntu.com/ubuntu/pool/main/a/apache/apache-utils_1.3.31-6ubuntu0.8_powerpc.deb
      Size/MD5:   278778 36a97646fdb52d9ef8ea93691aad2ab2
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/apache_1.3.31-6ubuntu0.8_powerpc.deb
      Size/MD5:   395824 7c4e799a6d4254614819de0a447bf4db
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/libapache-mod-perl_1.29.0.2.0-6ubuntu0.8_powerpc.deb
      Size/MD5:   489118 ee494dbef77278e641ab54a4154de599

Updated packages for Ubuntu 5.04 (Hoary Hedgehog):

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/apache_1.3.33-4ubuntu1.diff.gz
      Size/MD5:   364482 4fa62ef8a41a30d49f41f3248b0671d0
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/apache_1.3.33-4ubuntu1.dsc
      Size/MD5:     1121 cd89b81f9fc67b4d25cdc8b482e14bf8
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/apache_1.3.33.orig.tar.gz
      Size/MD5:  3105683 1a34f13302878a8713a2ac760d9b6da8

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/apache-dev_1.3.33-4ubuntu1_all.deb
      Size/MD5:   331086 5dbb29add5c15b72a1901b653d22affd
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/apache-doc_1.3.33-4ubuntu1_all.deb
      Size/MD5:  1189152 f55d0f105549e660ff785b4f983df80d
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/apache-utils_1.3.33-4ubuntu1_all.deb
      Size/MD5:   211854 84bd3cb878b4c8125fc17b42497db935

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/apache-common_1.3.33-4ubuntu1_amd64.deb
      Size/MD5:   875046 c6bdfa39ba3a12c70b82824b955cb6ed
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/apache-dbg_1.3.33-4ubuntu1_amd64.deb
      Size/MD5:  9163882 d0e9ec7f9d9a49a431f5fd97f93f6b87
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/apache-perl_1.3.33-4ubuntu1_amd64.deb
      Size/MD5:   522170 c54f45b7938d50f70a966aad92a673a0
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/apache-ssl_1.3.33-4ubuntu1_amd64.deb
      Size/MD5:   512346 8a0bf2edac677b390b9f8c9b43c38c79
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/apache_1.3.33-4ubuntu1_amd64.deb
      Size/MD5:   399826 cde2880823c45ae1a57f3bd748d298b3
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/libapache-mod-perl_1.29.0.3-4ubuntu1_amd64.deb
      Size/MD5:   492232 27674bfd322d2832e750d416d0159289

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/apache-common_1.3.33-4ubuntu1_i386.deb
      Size/MD5:   839554 6b29480273d1006da2515b2e0573e9d2
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/apache-dbg_1.3.33-4ubuntu1_i386.deb
      Size/MD5:  9104572 b9d31e4995d51b303e99cf0268ca0f76
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/apache-perl_1.3.33-4ubuntu1_i386.deb
      Size/MD5:   495148 45ab419a9a5bc9d722f05b61d0e85628
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/apache-ssl_1.3.33-4ubuntu1_i386.deb
      Size/MD5:   485346 20658ea1db74678ebb640fcabaa95359
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/apache_1.3.33-4ubuntu1_i386.deb
      Size/MD5:   378756 b6eb23b11d150e41ad0520595963dc12
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/libapache-mod-perl_1.29.0.3-4ubuntu1_i386.deb
      Size/MD5:   485640 e9665bcc49dba12bb88d0dbbc91dc2ca

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/apache-common_1.3.33-4ubuntu1_powerpc.deb
      Size/MD5:   919468 1acb3a95dc392908764366eb7a9cf837
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/apache-dbg_1.3.33-4ubuntu1_powerpc.deb
      Size/MD5:  9253540 b79b964d8b328168a5e84141369591b6
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/apache-perl_1.3.33-4ubuntu1_powerpc.deb
      Size/MD5:   513098 e3731ecc291e9f4a1b33909991973a5a
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/apache-ssl_1.3.33-4ubuntu1_powerpc.deb
      Size/MD5:   508990 f93f9393257bfeb010757eca85067f77
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/apache_1.3.33-4ubuntu1_powerpc.deb
      Size/MD5:   397092 ec577980cf93a5de6f8ec7e5db0316a9
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache/libapache-mod-perl_1.29.0.3-4ubuntu1_powerpc.deb
      Size/MD5:   490332 6a06c0a6a65c34b48e99e5d666b35500

--W5WqUoFLvi1M7tJE
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFDHpvFDecnbV4Fd/IRApNsAKCnpHBcHzuG0Jpt2EgyDhC/PK+prgCeMBdG
jbdcQxXQyn0xNOoppIwIHMc=
=e5oW
-----END PGP SIGNATURE-----

--W5WqUoFLvi1M7tJE--
    

- 漏洞信息 (F39430)

SUSE-SA-2005-046.txt (PacketStormID:F39430)
2005-08-17 00:00:00
 
advisory,remote,web
linux,suse
CVE-2005-2088,CVE-2005-1268
[点击下载]

SUSE Security Announcement - A security flaw was found in the Apache and Apache2 web servers which allows remote attacker to smuggle requests past filters by providing handcrafted header entries.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________

                        SUSE Security Announcement

        Package:                apache,apache2
        Announcement ID:        SUSE-SA:2005:046
        Date:                   Tue, 16 Aug 2005 07:00:00 +0000
        Affected Products:      8.2, 9.0, 9.1, 9.2, 9.3
                                SUSE Linux Enterprise Server 8, 9
        Vulnerability Type:     authentication bypass
        Severity (1-10):        6
        SUSE Default Package:   no
        Cross-References:       CAN-2005-2088
                                CAN-2005-1268


    Content of This Advisory:
        1) Security Vulnerability Resolved:
             apache and apache2 request smuggling
           Problem Description
        2) Solution or Work-Around
        3) Special Instructions and Notes
        4) Package Location and Checksums
        5) Pending Vulnerabilities, Solutions, and Work-Arounds:
            See SUSE Security Summary Report.
        6) Authenticity Verification and Additional Information

______________________________________________________________________________

1) Problem Description and Brief Discussion

   A security flaw was found in the Apache and Apache2 web servers which
   allows remote attacker to "smuggle" requests past filters by providing
   handcrafted header entries.

   Fixed Apache 2 server packages were released on July 26th,
   fixed Apache 1 server packages were released on August 15th.

   This issue is tracked by the Mitre CVE ID CAN-2005-2088.

   The Apache2 packages additionally fix a single byte overflow in the SSL
   CRL handling functionality, tracked by the Mitre CVE ID CAN-2005-1268.

   The Apache1 packages additionally fix a harmless local buffer overflow
   in htpasswd.

2) Solution or Work-Around

   None, please install the updated packages.

3) Special Instructions and Notes

   Please restart the Apache web server after the update.

4) Package Location and Checksums

   The preferred method for installing security updates is to use the YaST
   Online Update (YOU) tool. YOU detects which updates are required and
   automatically performs the necessary steps to verify and install them.
   Alternatively, download the update packages for your distribution manually
   and verify their integrity by the methods listed in Section 6 of this
   announcement. Then install the packages using the command

     rpm -Fhv <file.rpm>

   to apply the update, replacing <file.rpm> with the filename of the
   downloaded RPM package.

   Our maintenance customers are notified individually. The packages are
   offered for installation from the maintenance web.


   x86 Platform:

   SUSE Linux 9.3:
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/apache2-2.0.53-9.2.i586.rpm
          f139e14297b5e62c297bdeeb91a72cfb
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/apache2-prefork-2.0.53-9.2.i586.rpm
          f3b91a27ce46603221423ce450f64b91
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/apache2-worker-2.0.53-9.2.i586.rpm
          8085487fab1bd301013e4f4268cd5515

   SUSE Linux 9.2:
   ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/apache2-2.0.50-7.4.i586.rpm
          3bcb58b4cfb08896be787bb62328197c
   ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/apache2-prefork-2.0.50-7.4.i586.rpm
          1e520e3c81f6b7ec84bb4127f9c0ec52
   ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/apache2-worker-2.0.50-7.4.i586.rpm
          ff8b691c1d44e33ef43f46f0bd2e9016

   SUSE Linux 9.1:
   ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/apache2-2.0.49-27.29.i586.rpm
          5bc20e44e197e7b9af2d26984c511950
   ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/apache2-devel-2.0.49-27.29.i586.rpm
          ec6a62ab160adebecbf5800fb0bde028
   ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/apache2-doc-2.0.49-27.29.i586.rpm
          dfee5fdccd1fba307a0e580d08920114
   ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/apache2-example-pages-2.0.49-27.29.i586.rpm
          6ba6fde3121ce95efed896b55b3616b4
   ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/apache2-prefork-2.0.49-27.29.i586.rpm
          825ff943742470dcf2deb459094dfc77
   ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/apache2-worker-2.0.49-27.29.i586.rpm
          cab6bc047c236ca9c19445103bf2b08a
   ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/libapr0-2.0.49-27.29.i586.rpm
          df114a68dc94134f1f78266c8a9b4162
   source rpm(s):
   ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/apache2-2.0.49-27.29.src.rpm
          64a3415d384bae98734bfb029a0bfd74

   SUSE Linux 9.0:
   ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/apache-1.3.28-79.i586.rpm
          3ea2571ee8b8f7533cfa19254ce76000
   ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/apache2-2.0.48-152.i586.rpm
          e79c7b6cd99c86101dbae77d66a355b7
   ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/apache2-devel-2.0.48-152.i586.rpm
          59f010b8e181975da80ea656104f7a1e
   ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/apache2-doc-2.0.48-152.i586.rpm
          65969fcd4b69912398b0ac133995dd6c
   ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/apache2-example-pages-2.0.48-152.i586.rpm
          39efd1a9f7bf2693021642ef5d5f8fba
   ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/apache2-leader-2.0.48-152.i586.rpm
          1fe7b5b73f73a747d1290bc495432a50
   ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/apache2-metuxmpm-2.0.48-152.i586.rpm
          da0a791f90e62f5ab3f49a52b7ad037b
   ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/apache2-prefork-2.0.48-152.i586.rpm
          0fdf9b7ab16b03354ee17b305b6e46a5
   ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/apache2-worker-2.0.48-152.i586.rpm
          d1a4d5a06d9ca6b64ee6c7d0fe2ef434
   ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/libapr0-2.0.48-152.i586.rpm
          8d2f2b1d0e058fd51fa211adb997815c
   ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/mod_ssl-2.8.15-79.i586.rpm
          241b06b75109f29623e48355a22e5cc5
   source rpm(s):
   ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/apache-1.3.28-79.src.rpm
          34ce607ad6ce1cd5ce400540ff0fc5c8
   ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/apache2-2.0.48-152.src.rpm
          5b4e779401060cdef792aec5a83e298d

   SUSE Linux 8.2:
   ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/apache2-2.0.48-152.i586.rpm
          3a3ce9aaf22ef266e4465dd845540103
   ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/apache2-devel-2.0.48-152.i586.rpm
          891f721003c52433a230d88b6a674740
   ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/apache2-doc-2.0.48-152.i586.rpm
          9c91e87e0c4305a006c041ab56c5bb4a
   ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/apache2-example-pages-2.0.48-152.i586.rpm
          a95d8a3e01285ab512e67ff99544e738
   ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/apache2-leader-2.0.48-152.i586.rpm
          830692c995bf913b308ef992b122d8d3
   ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/apache2-prefork-2.0.48-152.i586.rpm
          c9f022344948a3af810e0f706003b605
   ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/apache2-worker-2.0.48-152.i586.rpm
          6c23c596575d6dc4e4c5ed8484b96bc5
   ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/libapr0-2.0.48-152.i586.rpm
          0a9dcbdfcbf4b862b8b2da9970032ad3
   source rpm(s):
   ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/apache2-2.0.48-152.src.rpm
          8ed1800dc6ae23fdde92aeaab8467277

   x86-64 Platform:

   SUSE Linux 9.3:
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/apache2-2.0.53-9.2.x86_64.rpm
          b0191eba7fbb1bc9f9c154b48f19f41e
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/apache2-prefork-2.0.53-9.2.x86_64.rpm
          feec5b490afdbd30249923ccf791e5e1
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/apache2-worker-2.0.53-9.2.x86_64.rpm
          418f4b6310bb98177b477a8c2af0fd3e
   source rpm(s):
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/apache2-2.0.53-9.2.src.rpm
          51cd4351f98f32df47c5d15beeeb055c

   SUSE Linux 9.2:
   ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/apache2-2.0.50-7.4.x86_64.rpm
          2a5421e418e43d552a4782d3bc9a2486
   ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/apache2-prefork-2.0.50-7.4.x86_64.rpm
          1617072b6ebfe834251e8e6084acf71b
   ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/apache2-worker-2.0.50-7.4.x86_64.rpm
          a0ee7a530aefc0c902b45ffc5f140758
   source rpm(s):
   ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/apache2-2.0.50-7.4.src.rpm
          038265691d3d304c63301d1900d9c8f5

   SUSE Linux 9.1:
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/apache2-2.0.49-27.29.x86_64.rpm
          8d5268bb9772648aea84ab6c96f729e5
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/apache2-devel-2.0.49-27.29.x86_64.rpm
          cd24e073b85c1ad2ae0f4f9ac7f03833
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/apache2-doc-2.0.49-27.29.x86_64.rpm
          aa96fe4043dadd434bfdbbcbda5b9e3c
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/apache2-example-pages-2.0.49-27.29.x86_64.rpm
          fdef881a458ce47c4ab3852bc03b03c3
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/apache2-prefork-2.0.49-27.29.x86_64.rpm
          4949d1b12846fc5ba998ba828f1d3aa2
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/apache2-worker-2.0.49-27.29.x86_64.rpm
          db46554809bdcdb0d680f950a37d1a67
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/libapr0-2.0.49-27.29.x86_64.rpm
          cd742baacc51deb46e77abf44ee7852b
   source rpm(s):
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/apache2-2.0.49-27.29.src.rpm
          2bf68594e45e71944ae666b9d05f042d

   SUSE Linux 9.0:
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/apache-1.3.28-79.x86_64.rpm
          383bb73f15037bdf193b43e8356c24e2
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/apache2-2.0.48-152.x86_64.rpm
          5a91de1118c01e36103bed561afaf461
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/apache2-devel-2.0.48-152.x86_64.rpm
          0fe7ab322847c94c8346f259ab666973
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/apache2-doc-2.0.48-152.x86_64.rpm
          e02b174d4b8312c9370d04e531c6cb6f
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/apache2-example-pages-2.0.48-152.x86_64.rpm
          5cbf2baf68a56df0e95149a209dcc5bb
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/apache2-leader-2.0.48-152.x86_64.rpm
          0512d0806364982cb77e300807f0c2ab
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/apache2-metuxmpm-2.0.48-152.x86_64.rpm
          66e024c176e86ae70f9cce5f68bbbb6e
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/apache2-prefork-2.0.48-152.x86_64.rpm
          42046fedac25e435a87048895ba892a3
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/apache2-worker-2.0.48-152.x86_64.rpm
          2cf1c65663e16108cb25300e171a195b
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/libapr0-2.0.48-152.x86_64.rpm
          87b741b0402f03064de4619dff361086
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/mod_ssl-2.8.15-79.x86_64.rpm
          09458018034cfffbc419d816c5dd31ce
   source rpm(s):
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/apache-1.3.28-79.src.rpm
          ae182ca0cb6e47559f250feca8c67e2e
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/apache2-2.0.48-152.src.rpm
          e87c50cda40a5c9097bab2e20c1098d6


______________________________________________________________________________

5) Pending Vulnerabilities, Solutions, and Work-Arounds:

   See SUSE Security Summary Report.
______________________________________________________________________________

6) Authenticity Verification and Additional Information

  - Announcement authenticity verification:

    SUSE security announcements are published via mailing lists and on Web
    sites. The authenticity and integrity of a SUSE security announcement is
    guaranteed by a cryptographic signature in each announcement. All SUSE
    security announcements are published with a valid signature.

    To verify the signature of the announcement, save it as text into a file
    and run the command

      gpg --verify <file>

    replacing <file> with the name of the file where you saved the
    announcement. The output for a valid signature looks like:

      gpg: Signature made <DATE> using RSA key ID 3D25D3D9
      gpg: Good signature from "SuSE Security Team <security@suse.de>"

    where <DATE> is replaced by the date the document was signed.

    If the security team's key is not contained in your key ring, you can
    import it from the first installation CD. To import the key, use the
    command

      gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc

  - Package authenticity verification:

    SUSE update packages are available on many mirror FTP servers all over the
    world. While this service is considered valuable and important to the free
    and open source software community, the authenticity and the integrity of
    a package needs to be verified to ensure that it has not been tampered
    with.

    There are two verification methods that can be used independently from
    each other to prove the authenticity of a downloaded file or RPM package:

    1) Using the internal gpg signatures of the rpm package
    2) MD5 checksums as provided in this announcement

    1) The internal rpm package signatures provide an easy way to verify the
       authenticity of an RPM package. Use the command

        rpm -v --checksig <file.rpm>

       to verify the signature of the package, replacing <file.rpm> with the
       filename of the RPM package downloaded. The package is unmodified if it
       contains a valid signature from build@suse.de with the key ID 9C800ACA.

       This key is automatically imported into the RPM database (on
       RPMv4-based distributions) and the gpg key ring of 'root' during
       installation. You can also find it on the first installation CD and at
       the end of this announcement.

    2) If you need an alternative means of verification, use the md5sum
       command to verify the authenticity of the packages. Execute the command

         md5sum <filename.rpm>

       after you downloaded the file from a SUSE FTP server or its mirrors.
       Then compare the resulting md5sum with the one that is listed in the
       SUSE security announcement. Because the announcement containing the
       checksums is cryptographically signed (by security@suse.de), the
       checksums show proof of the authenticity of the package if the
       signature of the announcement is valid. Note that the md5 sums
       published in the SUSE Security Announcements are valid for the
       respective packages only. Newer versions of these packages cannot be
       verified.

  - SUSE runs two security mailing lists to which any interested party may
    subscribe:

    suse-security@suse.com
        -   General Linux and SUSE security discussion.
            All SUSE security announcements are sent to this list.
            To subscribe, send an e-mail to
                <suse-security-subscribe@suse.com>.

    suse-security-announce@suse.com
        -   SUSE's announce-only mailing list.
            Only SUSE's security announcements are sent to this list.
            To subscribe, send an e-mail to
                <suse-security-announce-subscribe@suse.com>.

    For general information or the frequently asked questions (FAQ),
    send mail to <suse-security-info@suse.com> or
    <suse-security-faq@suse.com>.

    =====================================================================
    SUSE's security contact is <security@suse.com> or <security@suse.de>.
    The <security@suse.de> public key is listed below.
    =====================================================================
______________________________________________________________________________

    The information in this advisory may be distributed or reproduced,
    provided that the advisory is not modified in any way. In particular, the
    clear text signature should show proof of the authenticity of the text.

    SUSE Linux Products GmbH provides no warranties of any kind whatsoever
    with respect to the information contained in this security advisory.

Type Bits/KeyID    Date       User ID
pub  2048R/3D25D3D9 1999-03-06 SuSE Security Team <security@suse.de>
pub  1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build@suse.de>

- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

mQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCkYS3yEKeueNWc+z/0Kvff
4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP+Y0PFPboMvKx0FXl/A0d
M+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR8xocQSVCFxcwvwCglVcO
QliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U8c/yE/vdvpN6lF0tmFrK
XBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0ScZqITuZC4CWxJa9GynBE
D3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEhELBeGaPdNCcmfZ66rKUd
G5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtBUVKn4zLUOf6aeBAoV6NM
CC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOoAqajLfvkURHAeSsxXIoE
myW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1nKFvF+rQoU3VTRSBQYWNr
YWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohcBBMRAgAcBQI57vSBBQkD
wmcABAsKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyl8sAJ98BgD40zw0GHJHIf6d
NfnwI2PAsgCgjH1+PnYEl7TFjtZsqhezX7vZvYCIRgQQEQIABgUCOnBeUgAKCRCe
QOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lxyoAejACeOO1HIbActAevk5MUBhNe
LZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWnB/9An5vfiUUE1VQnt+T/EYklES3t
XXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDVwM2OgSEISZxbzdXGnqIlcT08TzBU
D9i579uifklLsnr35SJDZ6ram51/CWOnnaVhUzneOA9gTPSr+/fT3WeVnwJiQCQ3
0kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF5Yryk23pQUPAgJENDEqeU6iIO9Ot
1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3D3EN8C1yPqZd5CvvznYvB6bWBIpW
cRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGuzgpJt9IXSzyohEJB6XG5+D0BiF0E
ExECAB0FAjxqqTQFCQoAgrMFCwcKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyp1f
AJ9dR7saz2KPNwD3U+fy/0BDKXrYGACfbJ8fQcJqCBQxeHvt9yMPDVq0B0W5Ag0E
Oe70khAIAISR0E3ozF/la+oNaRwxHLrCet30NgnxRROYhPaJB/Tu1FQokn2/Qld/
HZnh3TwhBIw1FqrhWBJ7491iAjLR9uPbdWJrn+A7t8kSkPaF3Z/6kyc5a8fas44h
t5h+6HMBzoFCMAq2aBHQRFRNp9Mz1ZvoXXcI1lk1l8OqcUM/ovXbDfPcXsUVeTPT
tGzcAi2jVl9hl3iwJKkyv/RLmcusdsi8YunbvWGFAF5GaagYQo7YlF6UaBQnYJTM
523AMgpPQtsKm9o/w9WdgXkgWhgkhZEeqUS3m5xNey1nLu9iMvq9M/iXnGz4sg6Q
2Y+GqZ+yAvNWjRRou3zSE7Bzg28MI4sAAwYH/2D71Xc5HPDgu87WnBFgmp8MpSr8
QnSs0wwPg3xEullGEocolSb2c0ctuSyeVnCttJMzkukL9TqyF4s/6XRstWirSWaw
JxRLKH6Zjo/FaKsshYKf8gBkAaddvpl3pO0gmUYbqmpQ3xDEYlhCeieXS5MkockQ
1sj2xYdB1xO0ExzfiCiscUKjUFy+mdzUsUutafuZ+gbHog1CN/ccZCkxcBa5IFCH
ORrNjq9pYWlrxsEn6ApsG7JJbM2besW1PkdEoxak74z1senh36m5jQvVjA3U4xq1
wwylxadmmJaJHzeiLfb7G1ZRjZTsB7fyYxqDzMVul6o9BSwO/1XsIAnV1uuITAQY
EQIADAUCOe70kgUJA8JnAAAKCRCoTtronIAKyksiAJsFB3/77SkH3JlYOGrEe1Ol
0JdGwACeKTttgeVPFB+iGJdiwQlxasOfuXyITAQYEQIADAUCPGqpWQUJCgCCxwAK
CRCoTtronIAKyofBAKCSZM2UFyta/fe9WgITK9I5hbxxtQCfX+0ar2CZmSknn3co
SPihn1+OBNyZAQ0DNuEtBAAAAQgAoCRcd7SVZEFcumffyEwfLTcXQjhKzOahzxpo
omuF+HIyU4AGq+SU8sTZ/1SsjhdzzrSAfv1lETACA+3SmLr5KV40Us1w0UC64cwt
A46xowVq1vMlH2Lib+V/qr3b1hE67nMHjysECVx9Ob4gFuKNoR2eqnAaJvjnAT8J
/LoUC20EdCHUqn6v+M9t/WZgC+WNR8cq69uDy3YQhDP/nIan6fm2uf2kSV9A7ZxE
GrwsWl/WX5Q/sQqMWaU6r4az98X3z90/cN+eJJ3vwtA+rm+nxEvyev+jaLuOQBDf
ebh/XA4FZ35xmi+spdiVeJH4F/ubaGlmj7+wDOF3suYAPSXT2QAFEbQlU3VTRSBT
ZWN1cml0eSBUZWFtIDxzZWN1cml0eUBzdXNlLmRlPokBFQMFEDbhLUfkWLKHsco8
RQEBVw4H/1vIdiOLX/7hdzYaG9crQVIk3QwaB5eBbjvLEMvuCZHiY2COUg5QdmPQ
8SlWNZ6k4nu1BLcv2g/pymPUWP9fG4tuSnlUJDrWGm3nhyhAC9iudP2u1YQY37Gb
B6NPVaZiYMnEb4QYFcqv5c/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X
11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA
8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj
qY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p
WH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL
hn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG
BafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+
AvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi
RZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0
zinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM
/3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7
whaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl
D+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz
dbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI
RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI
DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE=
=LRKC
- -----END PGP PUBLIC KEY BLOCK-----

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iQEVAwUBQwGmnXey5gA9JdPZAQLHqQf/bSN3E38pqLmDl8IOVTHhNMd0WlmB/Plt
Dzwi3xpL7poZmZkkFMjQWQv5w8rM+D46wZWzS280T8al8sQFu3K96f29lJVaNBgu
mLd/RnxVZjq9D365mMYIW+fImOCNzp+DLo55yVw6uD9Rayw4TyIgtyvZmvrtDOqH
UA+mqbHiR3zds3r0P7oLXh69tVFQeYjdtWUMEnQV2E7SuIAQ/b3yUVGQvWGe/KJG
ezYfoa1+NRJcyCdY3gQRsea9n1awwA5icSn1agPgPaSXUDJEJSFw4mo9GTLPejNY
4MVGf49g84tF9+1J156k6B3cfzrdAQo8XZB4s7b2C4M9tmduajW2UQ==
=IfdC
-----END PGP SIGNATURE-----
    

- 漏洞信息 (F39056)

Ubuntu Security Notice 160-1 (PacketStormID:F39056)
2005-08-05 00:00:00
Ubuntu  ubuntu.com
advisory,web,overflow,vulnerability
linux,ubuntu
CVE-2005-1268,CVE-2005-2088
[点击下载]

Ubuntu Security Notice USN-160-1 - Multiple vulnerabilities exist in Apache 2.x. Marc Stern discovered a buffer overflow in the SSL module's certificate revocation list (CRL) handler. Watchfire discovered that Apache insufficiently verified the Transfer-Encoding and Content-Length headers when acting as an HTTP proxy.

--6TrnltStXW4iwmi0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

===========================================================
Ubuntu Security Notice USN-160-1	    August 04, 2005
apache2 vulnerabilities
CAN-2005-1268, CAN-2005-2088
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)

The following packages are affected:

apache2-mpm-perchild
apache2-mpm-prefork
apache2-mpm-threadpool
apache2-mpm-worker

The problem can be corrected by upgrading the affected package to
version 2.0.50-12ubuntu4.3 (for Ubuntu 4.10), or 2.0.53-5ubuntu5.2
(for Ubuntu 5.04).  In general, a standard system upgrade is
sufficient to effect the necessary changes.

Details follow:

Marc Stern discovered a buffer overflow in the SSL module's
certificate revocation list (CRL) handler. If Apache is configured to
use a malicious CRL, this could possibly lead to a server crash or
arbitrary code execution with the privileges of the Apache web server.
(CAN-2005-1268)

Watchfire discovered that Apache insufficiently verified the
"Transfer-Encoding" and "Content-Length" headers when acting as an
HTTP proxy. By sending a specially crafted HTTP request, a remote
attacker who is authorized to use the proxy could exploit this to
bypass web application firewalls, poison the HTTP proxy cache, and
conduct cross-site scripting attacks against other proxy users.
(CAN-2005-2088)

Updated packages for Ubuntu 4.10 (Warty Warthog):

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.50-12ubuntu4.3.diff.gz
      Size/MD5:    99222 a380f023e1e5afc50b8b92ba5c6489b9
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.50-12ubuntu4.3.dsc
      Size/MD5:     1151 69c9462592c46b43a4ec8166aab6209a
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.50.orig.tar.gz
      Size/MD5:  6321209 9d0767f8a1344229569fcd8272156f8b

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.50-12ubuntu4.3_all.deb
      Size/MD5:  3178388 566b8b373c0318b7d3f34692b30509ac
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.50-12ubuntu4.3_all.deb
      Size/MD5:   163770 00c36a85687974f4eb90b5d8c13476e4
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.50-12ubuntu4.3_all.deb
      Size/MD5:   164524 6050010e24b4f5e4a9cb2cdd9686c6c0

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.50-12ubuntu4.3_amd64.deb
      Size/MD5:   864704 574b8e5c64df9913c8b66ccd107c60f0
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.50-12ubuntu4.3_amd64.deb
      Size/MD5:   230390 e38acb634e12c57ed669aa568cc67d06
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.50-12ubuntu4.3_amd64.deb
      Size/MD5:   225610 a3bdfb1af745c6930136212c6fa33591
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-threadpool_2.0.50-12ubuntu4.3_amd64.deb
      Size/MD5:   228988 94ff614ff1caa04fe845c8204c5bb91b
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.50-12ubuntu4.3_amd64.deb
      Size/MD5:   229582 7b3a84aad84baaa7338ebff74f36d86c
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.50-12ubuntu4.3_amd64.deb
      Size/MD5:    30006 3167fcb1062d529a724f5d4dbacb9a9c
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.50-12ubuntu4.3_amd64.deb
      Size/MD5:   275506 bc6da6c57c8faf19d1f55108a4c2e98b
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.50-12ubuntu4.3_amd64.deb
      Size/MD5:   133452 e7b61a6aa6fec0146790b56ae41131d8

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.50-12ubuntu4.3_i386.deb
      Size/MD5:   826108 01ed4c55e535c4f8a8e9fa62b03d2d6f
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.50-12ubuntu4.3_i386.deb
      Size/MD5:   209418 f4daec8b0b1a16a9c1056ea80a18818d
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.50-12ubuntu4.3_i386.deb
      Size/MD5:   205626 7b4216e725476c616d15ba87b35ab3aa
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-threadpool_2.0.50-12ubuntu4.3_i386.deb
      Size/MD5:   208278 49de9f647e784fae7883c24741ab7b63
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.50-12ubuntu4.3_i386.deb
      Size/MD5:   208698 092149b5d65d608ff023f74fad4419b3
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.50-12ubuntu4.3_i386.deb
      Size/MD5:    30008 0629ba1a00d24318da20620f904adf53
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.50-12ubuntu4.3_i386.deb
      Size/MD5:   253472 f7fa9e49a15f97cc6f6b3487dad9f59b
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.50-12ubuntu4.3_i386.deb
      Size/MD5:   124174 e9a3bb0757ac735b5be257899dc7dccb

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.50-12ubuntu4.3_powerpc.deb
      Size/MD5:   903886 c79d8200dafe755df9b4353a461431f8
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.50-12ubuntu4.3_powerpc.deb
      Size/MD5:   223044 668546270ebbb3fc0722bb4e9e15c551
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.50-12ubuntu4.3_powerpc.deb
      Size/MD5:   218040 8a720021cb2ad66178fa7338c321d9b9
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-threadpool_2.0.50-12ubuntu4.3_powerpc.deb
      Size/MD5:   221164 d79bb29298a9e3b404f75feac66a4f0e
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.50-12ubuntu4.3_powerpc.deb
      Size/MD5:   221810 065beb73cd4d89f58b2937eb8f40f2e1
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.50-12ubuntu4.3_powerpc.deb
      Size/MD5:    30008 2df17775733e03d4b7a24f30db85abc0
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.50-12ubuntu4.3_powerpc.deb
      Size/MD5:   269302 d78bb039553b55d88fd7b0482b0fa45e
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.50-12ubuntu4.3_powerpc.deb
      Size/MD5:   130790 19af1dc64928adca136c3cd4a5d43368

Updated packages for Ubuntu 5.04 (Hoary Hedgehog):

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.53-5ubuntu5.2.diff.gz
      Size/MD5:   106802 52ae05de8e2234de5379947bc97e6b6f
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.53-5ubuntu5.2.dsc
      Size/MD5:     1159 e21eb214e35d20449d52ea8e6c4a1256
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.53.orig.tar.gz
      Size/MD5:  6925351 40507bf19919334f07355eda2df017e5

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.53-5ubuntu5.2_all.deb
      Size/MD5:  3578208 08bca5aab442a3483739f3b753f2b3a3
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-threadpool_2.0.53-5ubuntu5.2_all.deb
      Size/MD5:    33806 47590c2159403038c34e51651b9b3ffe

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.53-5ubuntu5.2_amd64.deb
      Size/MD5:   826094 8b1404e64736660a2958992d3bc525f1
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.53-5ubuntu5.2_amd64.deb
      Size/MD5:   221110 e3aa00811f28469bfbb8ef22ecd145d2
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.53-5ubuntu5.2_amd64.deb
      Size/MD5:   216690 00e809503238ca2e73c42fc52f3016db
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.53-5ubuntu5.2_amd64.deb
      Size/MD5:   220032 10d8a9fce44a4096d31ade012a28079e
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.53-5ubuntu5.2_amd64.deb
      Size/MD5:   167464 6c91ab0c339f3a74535ed36172ada81c
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.53-5ubuntu5.2_amd64.deb
      Size/MD5:   168258 c4afd1d5a85633e95c2fe835def03ad7
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.53-5ubuntu5.2_amd64.deb
      Size/MD5:    92934 26ccc095b0f9c15224bd054f758109a0
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.53-5ubuntu5.2_amd64.deb
      Size/MD5:    33732 498cf774f6197fc10292365422739196
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.53-5ubuntu5.2_amd64.deb
      Size/MD5:   279090 536b2c9b9fa300090d53b48e746a9378
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.53-5ubuntu5.2_amd64.deb
      Size/MD5:   137596 5559d096c8cf747ce5d7f68e672c73eb

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.53-5ubuntu5.2_i386.deb
      Size/MD5:   789008 09bbc361b3aaa028014a19d58f2186f5
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.53-5ubuntu5.2_i386.deb
      Size/MD5:   201274 cc9c15af3dbbcc5213eeb49cdef69f31
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.53-5ubuntu5.2_i386.deb
      Size/MD5:   197146 26bc333b69cc2a58b2fe41c610c41927
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.53-5ubuntu5.2_i386.deb
      Size/MD5:   200568 6c1189649fb0a3a04205f2528b0e1b5a
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.53-5ubuntu5.2_i386.deb
      Size/MD5:   167466 66b4c17f7b92ce69dc983b79d8beafa7
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.53-5ubuntu5.2_i386.deb
      Size/MD5:   168248 624c88d5d611211be441e5179489f134
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.53-5ubuntu5.2_i386.deb
      Size/MD5:    90654 ff649857f12acf7164b78665a3df1340
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.53-5ubuntu5.2_i386.deb
      Size/MD5:    33734 dc48007f8db1e2d870da4c69cb056bcf
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.53-5ubuntu5.2_i386.deb
      Size/MD5:   257040 f38390e08a7f1fb35a3bab2fe0aa43e4
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.53-5ubuntu5.2_i386.deb
      Size/MD5:   128270 d5e2e3bd12723420a852eab1e606cb2f

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.53-5ubuntu5.2_powerpc.deb
      Size/MD5:   855412 fc8f89f45ed5fe9323228db12d5e6af4
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.53-5ubuntu5.2_powerpc.deb
      Size/MD5:   214298 abf499003a7cd1fb01908508375b9b0a
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.53-5ubuntu5.2_powerpc.deb
      Size/MD5:   209416 e67390ec75e08bd176093b44cd6a29e7
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.53-5ubuntu5.2_powerpc.deb
      Size/MD5:   213410 56548f06302e1e30c72d1e14568ef042
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.53-5ubuntu5.2_powerpc.deb
      Size/MD5:   167472 0137079f14ad6afbbeafbe9c222e3099
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.53-5ubuntu5.2_powerpc.deb
      Size/MD5:   168252 f595e5e6a871ce89a52494db766be9ed
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.53-5ubuntu5.2_powerpc.deb
      Size/MD5:   102328 eccac03681d081ed37f2393196714edb
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.53-5ubuntu5.2_powerpc.deb
      Size/MD5:    33744 b5c4d07b3e4a5b5945ad4670a52b818d
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.53-5ubuntu5.2_powerpc.deb
      Size/MD5:   272312 9ad600dd8a99577138bdc3d7081c490e
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.53-5ubuntu5.2_powerpc.deb
      Size/MD5:   134578 c0d2e7a4a29d9cf05cf99d3aa9b71621

--6TrnltStXW4iwmi0
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFC8ihpDecnbV4Fd/IRAnpLAJ9MPFT7NVASClcTcAysa4hRIgmM+wCfdmXf
FsYs27LyPO00zX/W1vJzmSg=
=JHPN
-----END PGP SIGNATURE-----

--6TrnltStXW4iwmi0--
    

- 漏洞信息

17738
Apache HTTP Server HTTP Request Smuggling
Remote / Network Access Input Manipulation
Loss of Integrity
Vendor Verified

- 漏洞描述

- 时间线

2005-06-06 Unknow
2005-06-06 Unknow

- 解决方案

Products

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Apache HTTP Request Smuggling Vulnerability
Input Validation Error 14106
Yes No
2005-06-30 12:00:00 2008-05-06 03:26:00
Discovery of this issue is credited to Chaim Linhart, Amit Klein, Ronen Heled, and Steve Orrin of Watchfire.

- 受影响的程序版本

Ubuntu Ubuntu Linux 5.0 4 powerpc
Ubuntu Ubuntu Linux 5.0 4 i386
Ubuntu Ubuntu Linux 5.0 4 amd64
Ubuntu Ubuntu Linux 4.1 ppc
Ubuntu Ubuntu Linux 4.1 ia64
Ubuntu Ubuntu Linux 4.1 ia32
Turbolinux Turbolinux Workstation 8.0
Turbolinux Turbolinux Workstation 7.0
Turbolinux Turbolinux Server 10.0
Turbolinux Turbolinux Server 8.0
Turbolinux Turbolinux Server 7.0
Turbolinux Turbolinux Desktop 10.0
Turbolinux Turbolinux 10 F...
TurboLinux Personal
TurboLinux Multimedia
Turbolinux Home
Turbolinux Appliance Server Workgroup Edition 1.0
Turbolinux Appliance Server Hosting Edition 1.0
Turbolinux Appliance Server 1.0 Workgroup Edition
Turbolinux Appliance Server 1.0 Hosting Edition
Trustix Secure Linux 3.0
Trustix Secure Linux 2.2
Trustix Secure Linux 2.1
Trustix Secure Enterprise Linux 2.0
SuSE SUSE Linux Enterprise Server 8
+ Linux kernel 2.4.21
+ Linux kernel 2.4.19
Sun Solaris 9_x86
Sun Solaris 9
Sun Solaris 8_x86
Sun Solaris 8_sparc
Sun Solaris 10.0_x86
Sun Solaris 10.0
Sun Solaris 10
SmoothWall Express 2.0
Slackware Linux 10.2
Slackware Linux 10.1
Slackware Linux 10.0
Slackware Linux 9.1
Slackware Linux 9.0
Slackware Linux 8.1
Slackware Linux -current
SGI ProPack 3.0 SP6
S.u.S.E. SuSE Linux Standard Server 8.0
S.u.S.E. SuSE Linux School Server for i386
S.u.S.E. SUSE LINUX Retail Solution 8.0
S.u.S.E. SuSE Linux Openexchange Server 4.0
S.u.S.E. Open-Enterprise-Server 9.0
S.u.S.E. Novell Linux Desktop 9.0
S.u.S.E. Linux Professional 9.3 x86_64
S.u.S.E. Linux Professional 9.3
S.u.S.E. Linux Professional 9.2 x86_64
S.u.S.E. Linux Professional 9.2
S.u.S.E. Linux Professional 9.1 x86_64
S.u.S.E. Linux Professional 9.1
S.u.S.E. Linux Professional 9.0 x86_64
S.u.S.E. Linux Professional 9.0
S.u.S.E. Linux Professional 8.2
S.u.S.E. Linux Personal 9.3 x86_64
S.u.S.E. Linux Personal 9.3
S.u.S.E. Linux Personal 9.2 x86_64
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1 x86_64
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 9.0 x86_64
S.u.S.E. Linux Personal 9.0
S.u.S.E. Linux Personal 8.2
S.u.S.E. Linux Enterprise Server 9
S.u.S.E. Linux Desktop 1.0
RedHat arpwatch-2.1a11-1.i386.rpm
Red Hat Fedora Core4
Red Hat Fedora Core3
Novell Netware 6.5
Mandriva Linux Mandrake 10.2 x86_64
Mandriva Linux Mandrake 10.2
Mandriva Linux Mandrake 10.1 x86_64
Mandriva Linux Mandrake 10.1
Mandriva Linux Mandrake 10.0 AMD64
Mandriva Linux Mandrake 10.0
MandrakeSoft Multi Network Firewall 2.0
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
MandrakeSoft Corporate Server 2.1 x86_64
MandrakeSoft Corporate Server 2.1
IBM HTTP Server 1.3.28 .1
IBM HTTP Server 1.3.28
IBM HTTP Server 1.3.26 .2
IBM HTTP Server 1.3.26 .1
IBM HTTP Server 1.3.26
IBM Hardware Management Console (HMC) for pSeries 4.0 R2.0
IBM Hardware Management Console (HMC) for pSeries 3.3.2
IBM Hardware Management Console (HMC) for iSeries 4.0 R2.0
IBM Hardware Management Console (HMC) for iSeries 3.3.2
HP HP-UX 11.23
HP HP-UX 11.11
HP HP-UX 11.0 4
HP HP-UX 11.0
HP HP-UX B.11.23
HP HP-UX B.11.11
HP HP-UX B.11.11
HP HP-UX B.11.04
HP HP-UX B.11.00
Conectiva Linux 10.0
Conectiva Linux 9.0
Apple Mac OS X Server 10.4.3
Apple Mac OS X Server 10.4.2
Apple Mac OS X Server 10.4.1
Apple Mac OS X Server 10.4
Apple Mac OS X Server 10.3.9
Apple Mac OS X Server 10.3.8
Apple Mac OS X Server 10.3.7
Apple Mac OS X Server 10.3.6
Apple Mac OS X Server 10.3.5
Apple Mac OS X Server 10.3.4
Apple Mac OS X Server 10.3.3
Apple Mac OS X Server 10.3.2
Apple Mac OS X Server 10.3.1
Apple Mac OS X Server 10.3
Apache Software Foundation Apache 2.1.5
Apache Software Foundation Apache 2.1.4
Apache Software Foundation Apache 2.1.3
Apache Software Foundation Apache 2.1.2
Apache Software Foundation Apache 2.1.1
Apache Software Foundation Apache 2.1
Apache Software Foundation Apache 2.0.55
Apache Software Foundation Apache 2.0.54
+ Debian Linux 3.1 sparc
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 amd64
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1
Apache Software Foundation Apache 2.0.53
Apache Software Foundation Apache 2.0.52
Apache Software Foundation Apache 2.0.51
Apache Software Foundation Apache 2.0.50
Apache Software Foundation Apache 2.0.49
+ S.u.S.E. Linux Personal 9.1
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
Apache Software Foundation Apache 2.0.48
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
+ S.u.S.E. Linux 8.1
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0
+ S.u.S.E. Linux Personal 8.2
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
Apache Software Foundation Apache 2.0.47
Apache Software Foundation Apache 2.0.46
Apache Software Foundation Apache 2.0.45
Apache Software Foundation Apache 2.0.44
Apache Software Foundation Apache 2.0.43
Apache Software Foundation Apache 2.0.42
Apache Software Foundation Apache 2.0.41
Apache Software Foundation Apache 2.0.40
+ RedHat Linux 9.0 i386
+ RedHat Linux 8.0
+ Terra Soft Solutions Yellow Dog Linux 3.0
Apache Software Foundation Apache 2.0.39
Apache Software Foundation Apache 2.0.38
Apache Software Foundation Apache 2.0.37
Apache Software Foundation Apache 2.0.36
Apache Software Foundation Apache 2.0.35
Apache Software Foundation Apache 2.0.32
Apache Software Foundation Apache 2.0.28 Beta
Apache Software Foundation Apache 2.0.28
Apache Software Foundation Apache 2.0 a9
Apache Software Foundation Apache 2.0
Apache Software Foundation Apache 1.3.33
Apache Software Foundation Apache 1.3.29
+ Apple Mac OS X 10.3.5
+ Apple Mac OS X 10.2.7
+ Apple Mac OS X Server 10.3.5
+ Apple Mac OS X Server 10.2.7
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
+ OpenPKG OpenPKG 2.0
Apache Software Foundation Apache 1.3.26
+ Conectiva Linux 8.0
+ Conectiva Linux 7.0
+ Conectiva Linux 6.0
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
+ Mandriva Linux Mandrake 9.0
+ OpenPKG OpenPKG 1.1
+ Trustix Secure Linux 1.5
+ Trustix Secure Linux 1.2
+ Trustix Secure Linux 1.1
Apache Software Foundation Apache 2.1.6
Apache Software Foundation Apache 2.0.55
Apache Software Foundation Apache 1.3.34

- 不受影响的程序版本

Apache Software Foundation Apache 2.1.6
Apache Software Foundation Apache 2.0.55
Apache Software Foundation Apache 1.3.34

- 漏洞讨论

Apache is prone to an HTTP-request-smuggling attack.

A specially crafted request with a 'Transfer-Encoding: chunked' header and a 'Content-Length' header can cause the server to forward a reassembled request with the original 'Content-Length' header. As a result, the malicious request may piggyback on the valid HTTP request.

This attack may result in cache poisoning, cross-site scripting, session hijacking, and other attacks.

NOTE: This issue was originally described in BID 13873 (Multiple Vendor Multiple HTTP Request Smuggling Vulnerabilities). Since vendor confirmation and more details are available, the issue has now been assigned a new BID.

- 漏洞利用

No exploit is required. Proof-of-concept examples are available in the referenced Watchfire paper 'HTTP Request Smuggling'.

- 解决方案

NOTE: The vendor has released Apache 2.1.6 to address this issue in the 2.1.x branch. The vendor addressed this issue for earlier versions as well:

- Apache 2.0.55 of the 2.0 branch.
- Apache 1.3.34 of the 1.3 branch.

Please see the referenced vendor advisories for more information.


Sun Solaris 10.0

Sun Solaris 8_sparc

Sun Solaris 10

HP HP-UX B.11.11

HP HP-UX B.11.23

HP HP-UX B.11.11

HP HP-UX B.11.00

Apache Software Foundation Apache 1.3.26

Apache Software Foundation Apache 1.3.29

Apple Mac OS X Server 10.3.2

Apple Mac OS X Server 10.3.4

Apple Mac OS X Server 10.3.5

Apple Mac OS X Server 10.3.6

Apple Mac OS X Server 10.3.7

Apple Mac OS X Server 10.3.8

Apple Mac OS X Server 10.3.9

Apple Mac OS X Server 10.4

Apple Mac OS X Server 10.4.1

Apple Mac OS X Server 10.4.3

HP HP-UX 11.11

HP HP-UX 11.23

Apache Software Foundation Apache 2.0 a9

Apache Software Foundation Apache 2.0.28 Beta

Apache Software Foundation Apache 2.0.28

Apache Software Foundation Apache 2.0.37

Apache Software Foundation Apache 2.0.38

Apache Software Foundation Apache 2.0.40

Apache Software Foundation Apache 2.0.44

Apache Software Foundation Apache 2.0.48

Apache Software Foundation Apache 2.0.49

Apache Software Foundation Apache 2.0.53

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站