Secunia Security Advisory - Sun has acknowledged some vulnerabilities in Apache2 for Solaris, where the most critical can be exploited by malicious people to cause a DoS (Denial of Service), conduct HTTP request smuggling attacks, and bypass certain security restrictions.
9d9f975b47d8abe002e0e57f66ab81f5c2070031eb7049bafdb112f25f1f8cbe
TITLE:
Sun Solaris Multiple Apache2 Vulnerabilities
SECUNIA ADVISORY ID:
SA19072
VERIFY ADVISORY:
http://secunia.com/advisories/19072/
CRITICAL:
Moderately critical
IMPACT:
Security Bypass, Cross Site Scripting, Manipulation of data, Exposure
of sensitive information, Privilege escalation, DoS
WHERE:
>From remote
OPERATING SYSTEM:
Sun Solaris 10
http://secunia.com/product/4813/
DESCRIPTION:
Sun has acknowledged some vulnerabilities in Apache2 for Solaris,
where the most critical can be exploited by malicious people to cause
a DoS (Denial of Service), conduct HTTP request smuggling attacks, and
bypass certain security restrictions.
For more information:
SA11176
SA12787
SA13045
SA14530
SA16559
SA16688
SA16700
SOLUTION:
The vendor recommends installing Apache 2.0.55 or later from the
Apache site, until patches are available.
ORIGINAL ADVISORY:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1
OTHER REFERENCES:
SA11176:
http://secunia.com/advisories/11176/
SA12787:
http://secunia.com/advisories/12787/
SA13045:
http://secunia.com/advisories/13045/
SA14530:
http://secunia.com/advisories/14530/
SA16559:
http://secunia.com/advisories/16559/
SA16688:
http://secunia.com/advisories/16688/
SA16700:
http://secunia.com/advisories/16700/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------