---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/ ---------------------------------------------------------------------- TITLE: Mandriva update for apache2 SECUNIA ADVISORY ID: SA16753 VERIFY ADVISORY: http://secunia.com/advisories/16753/ CRITICAL: Moderately critical IMPACT: Security Bypass, DoS WHERE: >From remote OPERATING SYSTEM: Mandrakelinux 10.0 http://secunia.com/product/3918/ Mandrakelinux 10.1 http://secunia.com/product/4198/ DESCRIPTION: Mandriva has issued an update for apache2. This fixes a vulnerability and a security issue, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially bypass certain security restrictions. For more information: SA16559 SA16700 SOLUTION: Apply updated packages. Mandrakelinux 10.0 c3ed23adb5520b012f1c10bd631c6018 10.0/RPMS/apache2-2.0.48-6.11.100mdk.i586.rpm f8761ef4e61ce7744b75c8a8de61cdf1 10.0/RPMS/apache2-common-2.0.48-6.11.100mdk.i586.rpm de2e7f74e89ebb37a6ef718a12be902f 10.0/RPMS/apache2-devel-2.0.48-6.11.100mdk.i586.rpm ed0b72d5309626b96c3c38f1015c2860 10.0/RPMS/apache2-manual-2.0.48-6.11.100mdk.i586.rpm f65a339780a083298403712270bf517a 10.0/RPMS/apache2-mod_cache-2.0.48-6.11.100mdk.i586.rpm 9810ac0cdc1d6215c4704f29eb315d0e 10.0/RPMS/apache2-mod_dav-2.0.48-6.11.100mdk.i586.rpm 1ec5364b1fcacfe2a38a9ec1d25b114b 10.0/RPMS/apache2-mod_deflate-2.0.48-6.11.100mdk.i586.rpm b82a66e437c462e401fd3722a465bcf4 10.0/RPMS/apache2-mod_disk_cache-2.0.48-6.11.100mdk.i586.rpm e0fddaa3c8655c76dddeaefb3e0570ac 10.0/RPMS/apache2-mod_file_cache-2.0.48-6.11.100mdk.i586.rpm 59363c9c0d6525b269a40f975f4a6259 10.0/RPMS/apache2-mod_ldap-2.0.48-6.11.100mdk.i586.rpm 5b43545c79965b11d7957e6adba2313e 10.0/RPMS/apache2-mod_mem_cache-2.0.48-6.11.100mdk.i586.rpm dfcdfb0d8650d7c930172a3a5db3f441 10.0/RPMS/apache2-mod_proxy-2.0.48-6.11.100mdk.i586.rpm 0ce6233be2b2e36b0b386497bf208bc7 10.0/RPMS/apache2-mod_ssl-2.0.48-6.11.100mdk.i586.rpm 70dacf1f98682b910d0eaffd8b8e0eb9 10.0/RPMS/apache2-modules-2.0.48-6.11.100mdk.i586.rpm 7c409711aa895c8ea8cd3e7518e57bcb 10.0/RPMS/apache2-source-2.0.48-6.11.100mdk.i586.rpm 9bad55274b504895e56c53311c6b549f 10.0/RPMS/libapr0-2.0.48-6.11.100mdk.i586.rpm 8d29bf56013554140ee53950fcca9410 10.0/SRPMS/apache2-2.0.48-6.11.100mdk.src.rpm Mandrakelinux 10.0/AMD64 5959aa420b784a3c948a654f321cd2b9 amd64/10.0/RPMS/apache2-2.0.48-6.11.100mdk.amd64.rpm 111ac8f83281fb77a5dbc6736acacdb0 amd64/10.0/RPMS/apache2-common-2.0.48-6.11.100mdk.amd64.rpm 24ace7ff54ed9ca30ad63d2db911e488 amd64/10.0/RPMS/apache2-devel-2.0.48-6.11.100mdk.amd64.rpm 4d0c62200bcddbb537babe29ab8ee86a amd64/10.0/RPMS/apache2-manual-2.0.48-6.11.100mdk.amd64.rpm 86bc78ee571b5e447d0db8178e0a4862 amd64/10.0/RPMS/apache2-mod_cache-2.0.48-6.11.100mdk.amd64.rpm c7d69bd5d51eb9f234c818199fddbdea amd64/10.0/RPMS/apache2-mod_dav-2.0.48-6.11.100mdk.amd64.rpm 4785b9e8da509317f018c582ea2fe9f4 amd64/10.0/RPMS/apache2-mod_deflate-2.0.48-6.11.100mdk.amd64.rpm ce00c70b1079da0a0a5432abc1d708a0 amd64/10.0/RPMS/apache2-mod_disk_cache-2.0.48-6.11.100mdk.amd64.rpm 51e31767d8722fdd7e15fd7fc2c1bdde amd64/10.0/RPMS/apache2-mod_file_cache-2.0.48-6.11.100mdk.amd64.rpm 562604623e02b8e4ad814dedb2c775eb amd64/10.0/RPMS/apache2-mod_ldap-2.0.48-6.11.100mdk.amd64.rpm 5f8bf2dab896c449e41702e400175d06 amd64/10.0/RPMS/apache2-mod_mem_cache-2.0.48-6.11.100mdk.amd64.rpm ea55786b6fc44014f08711fd6b94118e amd64/10.0/RPMS/apache2-mod_proxy-2.0.48-6.11.100mdk.amd64.rpm 0c4ee48682525c6c019ceaf7f3ffc21e amd64/10.0/RPMS/apache2-mod_ssl-2.0.48-6.11.100mdk.amd64.rpm 171cd403c98c5ffbc7085e458b52bbad amd64/10.0/RPMS/apache2-modules-2.0.48-6.11.100mdk.amd64.rpm f07995ed367ce585efa450d282a39f2a amd64/10.0/RPMS/apache2-source-2.0.48-6.11.100mdk.amd64.rpm 7516f39fd25dfbe9df156d050cd5cf37 amd64/10.0/RPMS/lib64apr0-2.0.48-6.11.100mdk.amd64.rpm 8d29bf56013554140ee53950fcca9410 amd64/10.0/SRPMS/apache2-2.0.48-6.11.100mdk.src.rpm Mandrakelinux 10.1 9298f100a016ebf91e7ed2bb68ffa782 10.1/RPMS/apache2-2.0.50-7.4.101mdk.i586.rpm c3c7c01a71aca7d898071fe38b9e0029 10.1/RPMS/apache2-common-2.0.50-7.4.101mdk.i586.rpm 06c7b2f7a0e294d7115472ec2795c6eb 10.1/RPMS/apache2-devel-2.0.50-7.4.101mdk.i586.rpm 3241deb8bfdce1d810552e1da4172eca 10.1/RPMS/apache2-manual-2.0.50-7.4.101mdk.i586.rpm 547d637c9af30e21159b7e5ca55f2e9e 10.1/RPMS/apache2-mod_cache-2.0.50-7.4.101mdk.i586.rpm 0d3b51a87cc28953a2f8e62a10060c78 10.1/RPMS/apache2-mod_dav-2.0.50-7.4.101mdk.i586.rpm 4a3e71db64f56229805ced06a2796143 10.1/RPMS/apache2-mod_deflate-2.0.50-7.4.101mdk.i586.rpm 7a14a53f7eb3c356c5f1aa377938e69d 10.1/RPMS/apache2-mod_disk_cache-2.0.50-7.4.101mdk.i586.rpm aa39ba4d397d0095a0854ee77ae72e1f 10.1/RPMS/apache2-mod_file_cache-2.0.50-7.4.101mdk.i586.rpm a314cc48a755408e80bb9626e7a28731 10.1/RPMS/apache2-mod_ldap-2.0.50-7.4.101mdk.i586.rpm b97420430cfd9190917dfb7a41e5f8d0 10.1/RPMS/apache2-mod_mem_cache-2.0.50-7.4.101mdk.i586.rpm 5922f944a8fcf74ff0c9b45cffbb09f6 10.1/RPMS/apache2-mod_proxy-2.0.50-7.4.101mdk.i586.rpm 51111f25851c1bb2f4965070caf5ef0b 10.1/RPMS/apache2-mod_ssl-2.0.50-4.3.101mdk.i586.rpm 18d3410a2f360d821b60b46b3ec018a3 10.1/RPMS/apache2-modules-2.0.50-7.4.101mdk.i586.rpm a5beb9688175b863ed6f6892bf23bed4 10.1/RPMS/apache2-source-2.0.50-7.4.101mdk.i586.rpm bf038c8af8453bb09a25bd86d7a5d63f 10.1/RPMS/apache2-worker-2.0.50-7.4.101mdk.i586.rpm 02670d7f806c01e9733af31a5a829127 10.1/SRPMS/apache2-2.0.50-7.4.101mdk.src.rpm bde0511732391a216ab69617740b1285 10.1/SRPMS/apache2-mod_ssl-2.0.50-4.3.101mdk.src.rpm Mandrakelinux 10.1/X86_64 cf3ffc2f4c6f77bef3fe9fdfbfa6ab18 x86_64/10.1/RPMS/apache2-2.0.50-7.4.101mdk.x86_64.rpm 0b859489be6190cc8864dd43ea25f6c9 x86_64/10.1/RPMS/apache2-common-2.0.50-7.4.101mdk.x86_64.rpm f79e4889060bdaef1a0ba1f2e5e2d109 x86_64/10.1/RPMS/apache2-devel-2.0.50-7.4.101mdk.x86_64.rpm 9210487fb9bb2198ea9f7a344686ddfa x86_64/10.1/RPMS/apache2-manual-2.0.50-7.4.101mdk.x86_64.rpm 2a003b0b92cf73dbd97357cdc83f7a80 x86_64/10.1/RPMS/apache2-mod_cache-2.0.50-7.4.101mdk.x86_64.rpm e9158f8904f42917b109d8c29a1eaef5 x86_64/10.1/RPMS/apache2-mod_dav-2.0.50-7.4.101mdk.x86_64.rpm 7bc7ada5cb2e49eafacd58658a804e23 x86_64/10.1/RPMS/apache2-mod_deflate-2.0.50-7.4.101mdk.x86_64.rpm 3c2eb02ec0b6996b40ec2ed63ba0461b x86_64/10.1/RPMS/apache2-mod_disk_cache-2.0.50-7.4.101mdk.x86_64.rpm c5ef16ceace6b39b02980a2c1b2926db x86_64/10.1/RPMS/apache2-mod_file_cache-2.0.50-7.4.101mdk.x86_64.rpm c8c0bd27d380053ae9639355a1879e12 x86_64/10.1/RPMS/apache2-mod_ldap-2.0.50-7.4.101mdk.x86_64.rpm a0d9bb42c623783e2b69ace91ef8fe89 x86_64/10.1/RPMS/apache2-mod_mem_cache-2.0.50-7.4.101mdk.x86_64.rpm 4e01447b5b84020d1fef62334d134054 x86_64/10.1/RPMS/apache2-mod_proxy-2.0.50-7.4.101mdk.x86_64.rpm b9452df883f869eb41ee8f1cbecbfe99 x86_64/10.1/RPMS/apache2-mod_ssl-2.0.50-4.3.101mdk.x86_64.rpm f27ab73ba4c86da7d28185d01defa216 x86_64/10.1/RPMS/apache2-modules-2.0.50-7.4.101mdk.x86_64.rpm f5b12191de96443e50de6d066e27bfa9 x86_64/10.1/RPMS/apache2-source-2.0.50-7.4.101mdk.x86_64.rpm b9cec7a4e167a1f270452d4701447cb3 x86_64/10.1/RPMS/apache2-worker-2.0.50-7.4.101mdk.x86_64.rpm 02670d7f806c01e9733af31a5a829127 x86_64/10.1/SRPMS/apache2-2.0.50-7.4.101mdk.src.rpm bde0511732391a216ab69617740b1285 x86_64/10.1/SRPMS/apache2-mod_ssl-2.0.50-4.3.101mdk.src.rpm Corporate Server 3.0 22e18eaab021cfccf717d5eaec082ab1 corporate/3.0/RPMS/apache2-2.0.48-6.11.C30mdk.i586.rpm 24c63b872a0a532910acd4e700f69a06 corporate/3.0/RPMS/apache2-common-2.0.48-6.11.C30mdk.i586.rpm 764978136b58e99af9c26d57ef6f3b31 corporate/3.0/RPMS/apache2-manual-2.0.48-6.11.C30mdk.i586.rpm 4295a667e7658163c7b3f90556adce47 corporate/3.0/RPMS/apache2-mod_cache-2.0.48-6.11.C30mdk.i586.rpm 001d15856d121400c0dcfb3b5a1e9f3c corporate/3.0/RPMS/apache2-mod_dav-2.0.48-6.11.C30mdk.i586.rpm 7d9c3ea628e86fbe2385c07f2b04a69d corporate/3.0/RPMS/apache2-mod_disk_cache-2.0.48-6.11.C30mdk.i586.rpm eb7869e4b3f2e73b0636e6b06fce364a corporate/3.0/RPMS/apache2-mod_ldap-2.0.48-6.11.C30mdk.i586.rpm 457a47ed2f7279f303cc2e9d86030cda corporate/3.0/RPMS/apache2-mod_proxy-2.0.48-6.11.C30mdk.i586.rpm 4f929704feed4dcb3c9c443f3bed01dd corporate/3.0/RPMS/apache2-mod_ssl-2.0.48-6.11.C30mdk.i586.rpm f7738c77a130fbbae2ee44b3af16e4a0 corporate/3.0/RPMS/apache2-modules-2.0.48-6.11.C30mdk.i586.rpm d131b9a5dcd101b61779ee0ce619d105 corporate/3.0/RPMS/libapr0-2.0.48-6.11.C30mdk.i586.rpm d9878cfe7baf397d8380155859a44f94 corporate/3.0/SRPMS/apache2-2.0.48-6.11.C30mdk.src.rpm ORIGINAL ADVISORY: http://www.mandriva.com/security/advisories?name=MDKSA-2005:161 OTHER REFERENCES: SA16559: http://secunia.com/advisories/16559/ SA16700: http://secunia.com/advisories/16700/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------