Gentoo Linux Security Advisory 200602-3

Gentoo Linux Security Advisory 200602-3: Posted Feb 7, 2006; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory GLSA 200602-03 - Apache's mod_imap fails to properly sanitize the Referer directive of imagemaps in some cases, leaving the HTTP Referer header unescaped. A flaw in mod_ssl can lead to a NULL pointer dereference if the site uses a custom Error 400 document. These vulnerabilities were reported by Marc Cox and Hartmut Keil, respectively. Versions less than 2.0.55-r1 are affected.; tags | advisory, web, vulnerability; systems | linux, gentoo; SHA-256 | 9d7ba6500ea8f5b41bd71774a5f548ec21497c8fbb6ce1759111e76f8ff9416d; Download | Favorite | View

Gentoo Linux Security Advisory 200602-3

--nextPart1996273.FKl4qdeASD
Content-Type: text/plain;
  charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200602-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: Apache: Multiple vulnerabilities
      Date: February 06, 2006
      Bugs: #115324, #118875
        ID: 200602-03

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Apache can be exploited for cross-site scripting attacks and is
vulnerable to a Denial of Service attack.

Background
==========

The Apache HTTP server is one of the most popular web servers on the
Internet. mod_imap provides support for server-side image maps; mod_ssl
provides secure HTTP connections.

Affected packages
=================

    -------------------------------------------------------------------
     Package         /   Vulnerable   /                     Unaffected
    -------------------------------------------------------------------
  1  net-www/apache      < 2.0.55-r1                      >= 2.0.55-r1
                                                        *>= 2.0.54-r16
                                                          == 1.3.34-r2
                                                        *>= 1.3.34-r11

Description
===========

Apache's mod_imap fails to properly sanitize the "Referer" directive of
imagemaps in some cases, leaving the HTTP Referer header unescaped. A
flaw in mod_ssl can lead to a NULL pointer dereference if the site uses
a custom "Error 400" document. These vulnerabilities were reported by
Marc Cox and Hartmut Keil, respectively.

Impact
======

A remote attacker could exploit mod_imap to inject arbitrary HTML or
JavaScript into a user's browser to gather sensitive information.
Attackers could also cause a Denial of Service on hosts using the SSL
module (Apache 2.0.x only).

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Apache users should upgrade to the latest version, depending on
whether they still use the old configuration style
(/etc/apache/conf/*.conf) or the new one (/etc/apache2/httpd.conf).

2.0.x users, new style config:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-www/apache-2.0.55-r1"

2.0.x users, old style config:

    # emerge --sync
    # emerge --ask --oneshot --verbose "=net-www/apache-2.0.54-r16"

1.x users, new style config:

    # emerge --sync
    # emerge --ask --oneshot --verbose "=net-www/apache-1.3.34-r11"

1.x users, old style config:

    # emerge --sync
    # emerge --ask --oneshot --verbose "=net-www/apache-1.3.34-r2"

References
==========

  [ 1 ] CVE-2005-3352
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352
  [ 2 ] CVE-2005-3357
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3357

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200602-03.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.

License
=======

Copyright 2006 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0

--nextPart1996273.FKl4qdeASD
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQBD55EPzKC5hMHO6rkRAtoeAJ4pW7WGDIPCAByqJPu46PBfSAW9xACfavsc
pj+V+f56WhHtyJdccCIjLVY=
=GgmQ
-----END PGP SIGNATURE-----

--nextPart1996273.FKl4qdeASD--

Top Authors In Last 30 Days

Red Hat 213 files
indoushka 118 files
Ubuntu 88 files
Gentoo 33 files
Debian 25 files
Jasper Nota 25 files
Willem Westerhof 19 files
Jim Blankendaal 11 files
Apple 9 files
Martijn Baalman 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,107)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,567)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,890)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,615)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,777)
UNIX (9,440)
UnixWare (187)
Windows (6,676)
Other

Gentoo Linux Security Advisory 200602-3

Gentoo Linux Security Advisory 200602-3

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Gentoo Linux Security Advisory 200602-3

Share This

Gentoo Linux Security Advisory 200602-3

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems