---------------------------------------------------------------------
                   Red Hat, Inc. Red Hat Security Advisory

Synopsis:          Updated Apache packages fix chunked encoding issue
Advisory ID:       RHSA-2002:103-13
Issue date:        2002-05-29
Updated on:        2002-06-19
Product:           Red Hat Linux
Keywords:          apache chunked encoding DoS
Cross references:  RHSA-2002:117
Obsoletes:         RHSA-2001:126
CVE Names:         CAN-2002-0392
---------------------------------------------------------------------

1. Topic:

The Apache Web server contains a security vulnerability which can be used
to launch a denial of service attack, or in some cases, allow remote code
execution.

2. Relevant releases/architectures:

Red Hat Linux 6.2 - alpha, i386, sparc

Red Hat Linux 7.0 - alpha, i386

Red Hat Linux 7.1 - alpha, i386, ia64

Red Hat Linux 7.2 - i386, ia64

Red Hat Linux 7.3 - i386

3. Problem description:

Versions of the Apache Web server up to and including 1.3.24 contain a bug
in the routines which deal with requests encoded using "chunked" encoding.
A carefully crafted invalid request can cause an Apache child process to
call the memcpy() function in a way that will write past the end of its
buffer, corrupting the stack.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2002-0392 to this issue.

Our investigations show that this bug cannot be used to gain remote access
to a server running Apache on Red Hat Linux on 32-bit platforms, but it
does cause the child process to die. The Apache parent process will
notice this and start a new child process when necessary -- using more
resources than normal.

Investigations by the Apache Software Foundation show that in some cases
64-bit platforms may have a greater exposure and could be remotely
exploited to allow arbitrary code to be run on the server.

We have backported the security fix from the official Apache 1.3.26
release. This should help minimize the impact of upgrading to our errata
packages.

All users of Apache should update to these errata packages to correct this
security issue.
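A hardened chunk-size parser in C, added here as an illustration and not Apache's code, showing the kind of check the advisory's fix supplies: the chunk size is kept unsigned, overflow-checked, and compared with the destination buffer's capacity before any memcpy() runs. The names parse_chunk_size and copy_chunk and the sample chunks are assumptions made for this example.

```c
#include <ctype.h>
#include <stdint.h>
#include <string.h>

/* Parse the hex chunk-size field of one HTTP/1.1 chunk header line
 * (e.g. "1A;ext=1\r\n") into *out. Returns 0 on success, -1 if the line is
 * malformed, the value would overflow, or it exceeds buf_cap, the capacity
 * of the buffer the chunk body will later be copied into.
 * Hypothetical hardened parser written for this example, not Apache's code. */
int parse_chunk_size(const char *line, size_t buf_cap, size_t *out)
{
    uint64_t size = 0;
    int digits = 0;
    const char *p = line;

    while (*p == ' ' || *p == '\t')
        p++;                                   /* tolerate leading blanks */
    for (; isxdigit((unsigned char)*p); p++, digits++) {
        int c = tolower((unsigned char)*p);
        int v = isdigit(c) ? c - '0' : c - 'a' + 10;
        if (size > (UINT64_MAX >> 4))
            return -1;                         /* one more digit would wrap */
        size = (size << 4) | (uint64_t)v;
    }
    if (digits == 0)
        return -1;                             /* no size field at all */
    if (*p != ';' && *p != '\r' && *p != '\n' && *p != '\0')
        return -1;                             /* junk after the size */
    if (size > buf_cap)
        return -1;                             /* would overrun the buffer */
    *out = (size_t)size;                       /* safe: size <= buf_cap */
    return 0;
}

/* Copy one chunk body into dst. memcpy() runs only after the declared size
 * has been validated against both dst_cap and the bytes actually received;
 * the advisory describes what happens when that validation is missing. */
int copy_chunk(char *dst, size_t dst_cap, const char *hdr,
               const char *body, size_t body_len, size_t *copied)
{
    size_t n;
    if (parse_chunk_size(hdr, dst_cap, &n) != 0)
        return -1;
    if (n > body_len)
        return -1;                             /* body truncated: need more data */
    memcpy(dst, body, n);
    *copied = n;
    return 0;
}
```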

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade.  Only those
RPMs which are currently installed will be updated.  Those RPMs which are
not installed but included in the list will not be updated.  Note that you
can also use wildcards (*.rpm) if your current directory *only* contains
the desired RPMs.

Please note that this update is also available via Red Hat Network.  Many
people find this an easier way to apply updates.  To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

5. Bug IDs fixed  (  for more info):



6. RPMs required:

Red Hat Linux 6.2:

SRPMS: 
 

alpha: 
  
  
 

i386: 
  
  
 

sparc: 
  
  
 

Red Hat Linux 7.0:

SRPMS: 
 

alpha: 
  
  
 

i386: 
  
  
 

Red Hat Linux 7.1:

SRPMS: 
 

alpha: 
  
  
 

i386: 
  
  
 

ia64: 
  
  
 

Red Hat Linux 7.2:

SRPMS: 
 

i386: 
  
  
 

ia64: 
  
  
 

Red Hat Linux 7.3:

SRPMS: 
 

i386: 
  
  
 



7. Verification:

MD5 sum                          Package Name
--------------------------------------------------------------------------
c9cc91b855c94af3abe311195a04aade 6.2/en/os/SRPMS/apache-1.3.22-5.6.src.rpm
e399aa8737897f24d4623095a172f006 6.2/en/os/alpha/apache-1.3.22-5.6.alpha.rpm
8e9a722fded471509bc8931ae61d8129 6.2/en/os/alpha/apache-devel-1.3.22-5.6.alpha.rpm
88a016e02120651c31507e7b353ce70d 6.2/en/os/alpha/apache-manual-1.3.22-5.6.alpha.rpm
6d4c4572e78e896a3524e27b3a66f95c 6.2/en/os/i386/apache-1.3.22-5.6.i386.rpm
192b4845d74ea1c4ca322dd12cff6753 6.2/en/os/i386/apache-devel-1.3.22-5.6.i386.rpm
8c7c2dae4dbba20b9bc19627ca931c16 6.2/en/os/i386/apache-manual-1.3.22-5.6.i386.rpm
1a04dc5b42074c669dddf758889fdbc6 6.2/en/os/sparc/apache-1.3.22-5.6.sparc.rpm
e4b719011fc78631a7ef378c66ace855 6.2/en/os/sparc/apache-devel-1.3.22-5.6.sparc.rpm
cfe617f37ed9aab2365d67dca1f9fa52 6.2/en/os/sparc/apache-manual-1.3.22-5.6.sparc.rpm
b1add5144050db80c5b2bdce9d548b58 7.0/en/os/SRPMS/apache-1.3.22-5.7.1.src.rpm
ec7369dc5a84513635a5a98133be60be 7.0/en/os/alpha/apache-1.3.22-5.7.1.alpha.rpm
dbae5cade3259bbcf757868f1715eedb 7.0/en/os/alpha/apache-devel-1.3.22-5.7.1.alpha.rpm
2a55386b504652e054bb640e5d201f20 7.0/en/os/alpha/apache-manual-1.3.22-5.7.1.alpha.rpm
731785ece8addde5d9428b9015c57866 7.0/en/os/i386/apache-1.3.22-5.7.1.i386.rpm
1fd7cc20f207610b860d9311fddbfa09 7.0/en/os/i386/apache-devel-1.3.22-5.7.1.i386.rpm
2cadb7f177f0bb7269e6dd0a88578e4b 7.0/en/os/i386/apache-manual-1.3.22-5.7.1.i386.rpm
b1add5144050db80c5b2bdce9d548b58 7.1/en/os/SRPMS/apache-1.3.22-5.7.1.src.rpm
ec7369dc5a84513635a5a98133be60be 7.1/en/os/alpha/apache-1.3.22-5.7.1.alpha.rpm
dbae5cade3259bbcf757868f1715eedb 7.1/en/os/alpha/apache-devel-1.3.22-5.7.1.alpha.rpm
2a55386b504652e054bb640e5d201f20 7.1/en/os/alpha/apache-manual-1.3.22-5.7.1.alpha.rpm
731785ece8addde5d9428b9015c57866 7.1/en/os/i386/apache-1.3.22-5.7.1.i386.rpm
1fd7cc20f207610b860d9311fddbfa09 7.1/en/os/i386/apache-devel-1.3.22-5.7.1.i386.rpm
2cadb7f177f0bb7269e6dd0a88578e4b 7.1/en/os/i386/apache-manual-1.3.22-5.7.1.i386.rpm
b981535612f142e5a639653f0910aba7 7.1/en/os/ia64/apache-1.3.22-5.7.1.ia64.rpm
48e67955fa90dc3fca4a9fa54fab50f4 7.1/en/os/ia64/apache-devel-1.3.22-5.7.1.ia64.rpm
d7d617e218e24213b94a6c39414f2cc6 7.1/en/os/ia64/apache-manual-1.3.22-5.7.1.ia64.rpm
7f7dc17add4c51e87f575c9d92dbff93 7.2/en/os/SRPMS/apache-1.3.22-6.src.rpm
1f68721d45673d38ec8103e60f8b73f7 7.2/en/os/i386/apache-1.3.22-6.i386.rpm
c0c85594e3c818756922d227a111cbdc 7.2/en/os/i386/apache-devel-1.3.22-6.i386.rpm
c2fab1baaac50f2f7852ca452733c395 7.2/en/os/i386/apache-manual-1.3.22-6.i386.rpm
1efb1921007440d3593299ef2a0e6cb5 7.2/en/os/ia64/apache-1.3.22-6.ia64.rpm
f8f970bbc5c1fe493e7085e35c558b47 7.2/en/os/ia64/apache-devel-1.3.22-6.ia64.rpm
c838ac0248526139d2c706dd93e15f45 7.2/en/os/ia64/apache-manual-1.3.22-6.ia64.rpm
c591a36143a23a48706a88c1a031435f 7.3/en/os/SRPMS/apache-1.3.23-14.src.rpm
28471eb382a8495f3b89fb7d802659e1 7.3/en/os/i386/apache-1.3.23-14.i386.rpm
e4995ac4b722f3e53566e4dcd1b07692 7.3/en/os/i386/apache-devel-1.3.23-14.i386.rpm
be2830997ba9b1807d35985e6ab80caf 7.3/en/os/i386/apache-manual-1.3.23-14.i386.rpm
 

These packages are GPG signed by Red Hat, Inc. for security.  Our key
is available at:
     About

You can verify each package with the following command:
    rpm --checksig  

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
    rpm --checksig --nogpg 

8. References:
apache
Apache Week. Security issue forces release of 1.3.26, 2.0.39
CVE - CVE-2002-0392



Copyright(c) 2000, 2001, 2002 Red Hat, Inc.