
Mandriva Linux Security Advisory 2014-142
Posted Jul 31, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-142 - A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a threaded Multi-Processing Module (MPM) could send a specially crafted request that would cause the httpd child process to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the apache user. A denial of service flaw was found in the way httpd's mod_deflate module handled request body decompression (configured via the DEFLATE input filter). A remote attacker able to send a request whose body would be decompressed could use this flaw to consume an excessive amount of system memory and CPU on the target system. A denial of service flaw was found in the way httpd's mod_cgid module executed CGI scripts that did not read data from the standard input. A remote attacker could submit a specially crafted request that would cause the httpd child process to hang indefinitely.

tags | advisory, remote, denial of service, overflow, arbitrary, cgi
systems | linux, mandriva
advisories | CVE-2014-0118, CVE-2014-0226, CVE-2014-0231
SHA-256 | 6643c25c7b920a477f9ecad591516b72e4c07aed6b35d1aaad3b6ab25aeab395

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:142
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : apache
Date : July 30, 2014
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:

Updated apache package fixes security vulnerabilities:

A race condition flaw, leading to heap-based buffer overflows,
was found in the mod_status httpd module. A remote attacker able to
access a status page served by mod_status on a server using a threaded
Multi-Processing Module (MPM) could send a specially crafted request
that would cause the httpd child process to crash or, possibly,
allow the attacker to execute arbitrary code with the privileges of
the apache user (CVE-2014-0226).

A denial of service flaw was found in the way httpd's mod_deflate
module handled request body decompression (configured via the DEFLATE
input filter). A remote attacker able to send a request whose body
would be decompressed could use this flaw to consume an excessive
amount of system memory and CPU on the target system (CVE-2014-0118).

A denial of service flaw was found in the way httpd's mod_cgid module
executed CGI scripts that did not read data from the standard input. A
remote attacker could submit a specially crafted request that would
cause the httpd child process to hang indefinitely (CVE-2014-0231).
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231
http://advisories.mageia.org/MGASA-2014-0304.html
_______________________________________________________________________

Updated Packages:

Mandriva Business Server 1/X86_64:
e7ed0d96bdef964dcb281969c84ee246 mbs1/x86_64/apache-2.2.27-1.1.mbs1.x86_64.rpm
630779667690cc0344dc3a130922efb2 mbs1/x86_64/apache-devel-2.2.27-1.1.mbs1.x86_64.rpm
02f62e776b47bc71917bacc530116601 mbs1/x86_64/apache-doc-2.2.27-1.1.mbs1.noarch.rpm
5ac808d10784e0a0fed1b1238e965dc8 mbs1/x86_64/apache-htcacheclean-2.2.27-1.1.mbs1.x86_64.rpm
12d7209a6ac1af471fef5754d1efe901 mbs1/x86_64/apache-mod_authn_dbd-2.2.27-1.1.mbs1.x86_64.rpm
08e3be5cd2f1b233ead6ba70ee9a7e40 mbs1/x86_64/apache-mod_cache-2.2.27-1.1.mbs1.x86_64.rpm
9ca153c3ee32b84a5d6e694426d93b06 mbs1/x86_64/apache-mod_dav-2.2.27-1.1.mbs1.x86_64.rpm
a7df22dbf57ad3f926300dd250a8a34c mbs1/x86_64/apache-mod_dbd-2.2.27-1.1.mbs1.x86_64.rpm
93fd5123adf783e19a7e77c49bb2bab8 mbs1/x86_64/apache-mod_deflate-2.2.27-1.1.mbs1.x86_64.rpm
e967eab04bbfefc1c038460652834e16 mbs1/x86_64/apache-mod_disk_cache-2.2.27-1.1.mbs1.x86_64.rpm
44c6603d4f40f820b702d107e367838e mbs1/x86_64/apache-mod_file_cache-2.2.27-1.1.mbs1.x86_64.rpm
e257e68818d03a7e05f99f872aadb761 mbs1/x86_64/apache-mod_ldap-2.2.27-1.1.mbs1.x86_64.rpm
7636b2db4a8461242f3eaa58ca6c5810 mbs1/x86_64/apache-mod_mem_cache-2.2.27-1.1.mbs1.x86_64.rpm
795f09dd6508ce6f84683c0a4e0f50d8 mbs1/x86_64/apache-mod_proxy-2.2.27-1.1.mbs1.x86_64.rpm
31549291edb6d91b20dda3bbf4376f3e mbs1/x86_64/apache-mod_proxy_ajp-2.2.27-1.1.mbs1.x86_64.rpm
231002ea53e9c7b1fdf78d2b415e7ebe mbs1/x86_64/apache-mod_proxy_scgi-2.2.27-1.1.mbs1.x86_64.rpm
c5ec340109b8eb0aa36113ea2b9dff8b mbs1/x86_64/apache-mod_reqtimeout-2.2.27-1.1.mbs1.x86_64.rpm
7b20b71e0c7e424212d2b941cc8e70b7 mbs1/x86_64/apache-mod_ssl-2.2.27-1.1.mbs1.x86_64.rpm
fb27d8413c6f22b94af69e23084e61b0 mbs1/x86_64/apache-mod_suexec-2.2.27-1.1.mbs1.x86_64.rpm
3965833259f643f0a7141451e442c7b2 mbs1/x86_64/apache-mod_userdir-2.2.27-1.1.mbs1.x86_64.rpm
2b7434565978780882e69bbaa9102907 mbs1/x86_64/apache-mpm-event-2.2.27-1.1.mbs1.x86_64.rpm
7c350be0d459259ce9c49c1cf51564d3 mbs1/x86_64/apache-mpm-itk-2.2.27-1.1.mbs1.x86_64.rpm
ef3a271c37fde6b19ab6adaacd3fd046 mbs1/x86_64/apache-mpm-peruser-2.2.27-1.1.mbs1.x86_64.rpm
cd7752c067797c22144f5299fe782d42 mbs1/x86_64/apache-mpm-prefork-2.2.27-1.1.mbs1.x86_64.rpm
7d8576115cb675340084b8fbf884fb94 mbs1/x86_64/apache-mpm-worker-2.2.27-1.1.mbs1.x86_64.rpm
8fd89d82d258f6cdfab8bc8bfa581872 mbs1/x86_64/apache-source-2.2.27-1.1.mbs1.noarch.rpm
5dd921dbff39365fa187e6a24975e5e8 mbs1/SRPMS/apache-2.2.27-1.1.mbs1.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/en/support/security/advisories/

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFT2LgtmqjQ0CJFipgRAjI4AKCa/EAlbAtSuYQmxwqlnBVwnpQQ4ACgqEFK
1ZYV3mxcngE2yTMgkLb4G+U=
=zVB3
-----END PGP SIGNATURE-----
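The advisory's Problem Description gives a precondition for each issue: CVE-2014-0226 needs mod_status on a threaded MPM with a reachable status page, CVE-2014-0118 needs the DEFLATE input filter configured, CVE-2014-0231 needs mod_cgid. The fix is a rebuild of the same upstream version (2.2.27-1.1.mbs1), so `httpd -v` still reports 2.2.27 before and after the update; only the package release tells you whether the host is patched. The script below is an added example, not part of the advisory or of Mandriva's tooling, and is kept outside the PGP-signed text so that the signed block above still verifies. It compares the installed `rpm -q --qf '%{VERSION}-%{RELEASE}' apache` string against the fixed release using rpm's version-comparison rules and evaluates the three preconditions from `apachectl -M` output and the relevant httpd.conf text. Assumptions: the MPM appears as `mpm_<name>_module` in `-M` output (worker and event being the threaded ones), epochs are absent, and the sample inputs are constructed. It does not evaluate the Order/Allow/Deny rules around `/server-status`, and `SetInputFilter` can also live in `.htaccess`, so treat a True as a triage hit to confirm by hand. Note also that the checksums in the advisory are MD5; rely on the GPG signature (which urpmi checks) for authenticity, and use the MD5 only as a transfer check.

```python
"""Exposure check for the three issues in MDVSA-2014:142.

Added example, not part of the advisory. Inputs, captured once on the host:
  rpm -q --qf '%{VERSION}-%{RELEASE}' apache   -> installed_evr
  apachectl -M                                 -> apachectl_m_output
  the relevant httpd.conf / conf.d text        -> httpd_conf
Assumes the fixed build is the 2.2.27-1.1.mbs1 package listed in the advisory,
that the MPM shows as mpm_<name>_module in -M output, and no epoch prefix.
"""
import re
from itertools import zip_longest

FIXED_EVR = "2.2.27-1.1.mbs1"          # version-release of the fixed package
THREADED_MPMS = {"mpm_worker_module", "mpm_event_module"}
_SEG = re.compile(r"[0-9]+|[a-zA-Z]+|~")


def rpmvercmp(a, b):
    """rpm's segment-wise version compare, returning -1, 0 or 1.

    Numeric segments beat alphabetic ones, a string beats its own prefix,
    and '~' sorts before everything (1.0~rc1 < 1.0). '^' is not handled.
    """
    if a == b:
        return 0
    for x, y in zip_longest(_SEG.findall(a), _SEG.findall(b)):
        if x == y:
            continue
        if x == "~":
            return -1
        if y == "~":
            return 1
        if x is None:
            return -1
        if y is None:
            return 1
        xnum, ynum = x.isdigit(), y.isdigit()
        if xnum and ynum:
            c = (int(x) > int(y)) - (int(x) < int(y))
        elif xnum or ynum:
            c = 1 if xnum else -1       # a number sorts after letters
        else:
            c = (x > y) - (x < y)
        if c:
            return c
    return 0


def evr_is_older(installed, fixed=FIXED_EVR):
    """True when the installed 'version-release' sorts before the fixed build."""
    iv, ir = installed.rsplit("-", 1)
    fv, fr = fixed.rsplit("-", 1)
    return (rpmvercmp(iv, fv) or rpmvercmp(ir, fr)) < 0


def loaded_modules(apachectl_m_output):
    """Set of module names from `apachectl -M` / `httpd -M` output."""
    return set(re.findall(r"^\s*(\w+_module)\s+\((?:static|shared)\)",
                          apachectl_m_output, re.M))


def assess(installed_evr, apachectl_m_output, httpd_conf):
    """Map each CVE to True when the advisory's preconditions are all met."""
    mods = loaded_modules(apachectl_m_output)
    flags = re.M | re.I
    status_served = "status_module" in mods and re.search(
        r"^\s*SetHandler\s+server-status\b", httpd_conf, flags) is not None
    inflates_bodies = "deflate_module" in mods and re.search(
        r"^\s*(?:Set|Add)InputFilter\s+.*\bDEFLATE\b", httpd_conf, flags) is not None
    unpatched = evr_is_older(installed_evr)
    return {
        # mod_status race: threaded MPM plus a served status page
        "CVE-2014-0226": unpatched and bool(THREADED_MPMS & mods) and status_served,
        # mod_deflate: only the DEFLATE *input* filter inflates request bodies
        "CVE-2014-0118": unpatched and inflates_bodies,
        # mod_cgid hang: any CGI executed through mod_cgid
        "CVE-2014-0231": unpatched and "cgid_module" in mods,
    }


# Constructed sample inputs, not captured from a real host.
SAMPLE_MODULES = """Loaded Modules:
 core_module (static)
 mpm_worker_module (static)
 status_module (shared)
 deflate_module (shared)
 cgid_module (shared)
Syntax OK
"""
SAMPLE_CONF = """
<Location /server-status>
    SetHandler server-status
</Location>
<Location /api/upload>
    SetInputFilter DEFLATE
</Location>
"""

if __name__ == "__main__":
    for evr in ("2.2.27-1.mbs1", FIXED_EVR):
        print(evr, assess(evr, SAMPLE_MODULES, SAMPLE_CONF))
```

Run it on a host with the pre-update release and all three keys come back True; with the fixed release they are all False. Swapping `mpm_worker_module` for `mpm_prefork_module` in the module list clears CVE-2014-0226 alone, which is the advisory's point that the mod_status race only bites under a threaded MPM.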