LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: September 26th, 2014
Linux Security Week: September 22nd, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Mandrake: apache2 Denial of service vulnerability Print E-mail
User Rating:      How can I rate this item?
Posted by LinuxSecurity.com Team   
Mandrake A memory leak in mod_ssl in the Apache HTTP Server prior to version 2.0.49 allows a remote denial of service attack against an SSL-enabled server.

Mandrakelinux Security Update Advisory
 _______________________________________________________________________

 Package name:           apache2
 Advisory ID:            MDKSA-2004:043
 Date:                   May 10th, 2004

 Affected versions:	 10.0, 9.1, 9.2
 ______________________________________________________________________

 Problem Description:

 A memory leak in mod_ssl in the Apache HTTP Server prior to version           
 2.0.49 allows a remote denial of service attack against an SSL-enabled
 server. 
 
 The updated packages provide a patched mod_ssl to correct these
 problems.
 _______________________________________________________________________

 References:

   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0113
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.0:
 532c951a2e856a199362407bbd720bea  10.0/RPMS/apache2-2.0.48-6.1.100mdk.i586.rpm
 aaf7818ed49d7eea93cd8be9bafc9604  10.0/RPMS/apache2-common-2.0.48-6.1.100mdk.i586.rpm
 42e8e3361a2870ae5c764bee2334d3d2  10.0/RPMS/apache2-devel-2.0.48-6.1.100mdk.i586.rpm
 93974a49c89c02483887bdbd80108ab2  10.0/RPMS/apache2-manual-2.0.48-6.1.100mdk.i586.rpm
 ba37cf3b1997eb9449a7b1639c495afe  10.0/RPMS/apache2-mod_cache-2.0.48-6.1.100mdk.i586.rpm
 16a6141a93fb829f491daf60860f5666  10.0/RPMS/apache2-mod_dav-2.0.48-6.1.100mdk.i586.rpm
 6a8d97f4e4ac74aad25483b22fad95fc  10.0/RPMS/apache2-mod_deflate-2.0.48-6.1.100mdk.i586.rpm
 1827a1ecf6250cb6d31c2613ad810463  10.0/RPMS/apache2-mod_disk_cache-2.0.48-6.1.100mdk.i586.rpm
 5ef4c065e071275a9b291e483b3986e5  10.0/RPMS/apache2-mod_file_cache-2.0.48-6.1.100mdk.i586.rpm
 9c863cb5101db085b9955824bd452092  10.0/RPMS/apache2-mod_ldap-2.0.48-6.1.100mdk.i586.rpm
 677d50bcfd6400e2d599a0f6076b68af  10.0/RPMS/apache2-mod_mem_cache-2.0.48-6.1.100mdk.i586.rpm
 b76151c0bedac4f608617ed2af18abf4  10.0/RPMS/apache2-mod_proxy-2.0.48-6.1.100mdk.i586.rpm
 e2adf66af1c6741fb2054197c2dbd6a6  10.0/RPMS/apache2-mod_ssl-2.0.48-6.1.100mdk.i586.rpm
 7a27537ef71bc4d5c54625b060dbedf5  10.0/RPMS/apache2-modules-2.0.48-6.1.100mdk.i586.rpm
 62e878523dc30fa0eb026b89d53c1194  10.0/RPMS/apache2-source-2.0.48-6.1.100mdk.i586.rpm
 2a6c31fcaeb7bd382b2014c0e26e7aa1  10.0/RPMS/libapr0-2.0.48-6.1.100mdk.i586.rpm
 10f0202c416df685f75cdf2e9e17371e  10.0/SRPMS/apache2-2.0.48-6.1.100mdk.src.rpm

 Mandrakelinux 9.1:
 224e5dda94a7a7dab82d79f6c46396a8  9.1/RPMS/apache2-2.0.47-1.7.91mdk.i586.rpm
 22968f6ad5b25bff2642ad28021fc4af  9.1/RPMS/apache2-common-2.0.47-1.7.91mdk.i586.rpm
 f1f68cdc9b7b7d0c54147dc3bf6640fa  9.1/RPMS/apache2-devel-2.0.47-1.7.91mdk.i586.rpm
 0be71b125b03073f6488f36169559c47  9.1/RPMS/apache2-manual-2.0.47-1.7.91mdk.i586.rpm
 1ce19c65a7934dfb5fa62ed2115351eb  9.1/RPMS/apache2-mod_dav-2.0.47-1.7.91mdk.i586.rpm
 7887a7082207cce69fcc2ced053a4044  9.1/RPMS/apache2-mod_ldap-2.0.47-1.7.91mdk.i586.rpm
 4e719e3ec078fe05b6b58916baf311eb  9.1/RPMS/apache2-mod_ssl-2.0.47-1.7.91mdk.i586.rpm
 1908bcc959a702a9d7265dc3116a6ead  9.1/RPMS/apache2-modules-2.0.47-1.7.91mdk.i586.rpm
 5817db5654c325471219ec4b3c98ccf4  9.1/RPMS/apache2-source-2.0.47-1.7.91mdk.i586.rpm
 fcbc8d2e20e477aa0b63bb6a7e67c55b  9.1/RPMS/libapr0-2.0.47-1.7.91mdk.i586.rpm
 3a63938eae592a0437fb76f64c7efd60  9.1/SRPMS/apache2-2.0.47-1.7.91mdk.src.rpm

 Mandrakelinux 9.1/PPC:
 b55c0dfd5a5d90ebc2e536c90d20ccf1  ppc/9.1/RPMS/apache2-2.0.47-1.7.91mdk.ppc.rpm
 49400d29d0f7589bbd26f0ae3c4c689d  ppc/9.1/RPMS/apache2-common-2.0.47-1.7.91mdk.ppc.rpm
 b07803b544d4e001976229d21fbc531e  ppc/9.1/RPMS/apache2-devel-2.0.47-1.7.91mdk.ppc.rpm
 1fb08c4e5db906dc378b2f1c4899ea33  ppc/9.1/RPMS/apache2-manual-2.0.47-1.7.91mdk.ppc.rpm
 fda663af745d7ad64279e9572dae211e  ppc/9.1/RPMS/apache2-mod_dav-2.0.47-1.7.91mdk.ppc.rpm
 d4de598464a6428923de3043ffa0c2a6  ppc/9.1/RPMS/apache2-mod_ldap-2.0.47-1.7.91mdk.ppc.rpm
 2105ce6164a02e459bb3eeeb07f3c8dd  ppc/9.1/RPMS/apache2-mod_ssl-2.0.47-1.7.91mdk.ppc.rpm
 65b7f816e1931d238675d24b8395c610  ppc/9.1/RPMS/apache2-modules-2.0.47-1.7.91mdk.ppc.rpm
 b1857e8f6b90546a8f0e1640e5af378d  ppc/9.1/RPMS/apache2-source-2.0.47-1.7.91mdk.ppc.rpm
 68860abfbb9e7ebd1454feebf2b261dd  ppc/9.1/RPMS/libapr0-2.0.47-1.7.91mdk.ppc.rpm
 3a63938eae592a0437fb76f64c7efd60  ppc/9.1/SRPMS/apache2-2.0.47-1.7.91mdk.src.rpm

 Mandrakelinux 9.2:
 789a99411d67d1ce4ea4476739fe8f05  9.2/RPMS/apache2-2.0.47-6.4.92mdk.i586.rpm
 4a69dbc249db52654ce08c458bb12590  9.2/RPMS/apache2-common-2.0.47-6.4.92mdk.i586.rpm
 e637e85cf0e7d26a3db224ca275873d4  9.2/RPMS/apache2-devel-2.0.47-6.4.92mdk.i586.rpm
 aeba5b682e253a78068a7ee65de2f66c  9.2/RPMS/apache2-manual-2.0.47-6.4.92mdk.i586.rpm
 81d435af697858141a8fabc90b33ae26  9.2/RPMS/apache2-mod_cache-2.0.47-6.4.92mdk.i586.rpm
 b893135ff384838c0a349ea2eac4d3de  9.2/RPMS/apache2-mod_dav-2.0.47-6.4.92mdk.i586.rpm
 9a20ef3b0904bf445b3ece28b7080164  9.2/RPMS/apache2-mod_deflate-2.0.47-6.4.92mdk.i586.rpm
 ddec306b01653022bc65631bf05e5fde  9.2/RPMS/apache2-mod_disk_cache-2.0.47-6.4.92mdk.i586.rpm
 ffd1676b2b7b86846634979f4b168859  9.2/RPMS/apache2-mod_file_cache-2.0.47-6.4.92mdk.i586.rpm
 bac512f8f990400ad0dbef903b38448b  9.2/RPMS/apache2-mod_ldap-2.0.47-6.4.92mdk.i586.rpm
 7eda96296894a887d4d7618a24dc5aec  9.2/RPMS/apache2-mod_mem_cache-2.0.47-6.4.92mdk.i586.rpm
 6a79afc9bd5f1850be2bd82d244d8ccb  9.2/RPMS/apache2-mod_proxy-2.0.47-6.4.92mdk.i586.rpm
 61972ba631c361f0e3f0863a26001d20  9.2/RPMS/apache2-mod_ssl-2.0.47-6.4.92mdk.i586.rpm
 d97100f8181716eeb5d2ab4d20bb8bc1  9.2/RPMS/apache2-modules-2.0.47-6.4.92mdk.i586.rpm
 08905fea2a078dbb36f953c17f334dce  9.2/RPMS/apache2-source-2.0.47-6.4.92mdk.i586.rpm
 93c6a24dd9f4af88157e193df63a47c6  9.2/RPMS/libapr0-2.0.47-6.4.92mdk.i586.rpm
 7d51dac774f2d887b4856990dc9fd5b1  9.2/SRPMS/apache2-2.0.47-6.4.92mdk.src.rpm

 Mandrakelinux 9.2/AMD64:
 7348baec2a9ee27adb7d3f0b9338a88d  amd64/9.2/RPMS/apache2-2.0.47-6.4.92mdk.amd64.rpm
 9397b3136c547cd44108572b95a77070  amd64/9.2/RPMS/apache2-common-2.0.47-6.4.92mdk.amd64.rpm
 96fb3738db8400f305ec9dcb7d1ac6fa  amd64/9.2/RPMS/apache2-devel-2.0.47-6.4.92mdk.amd64.rpm
 41e476759a14a345664c23ff41352032  amd64/9.2/RPMS/apache2-manual-2.0.47-6.4.92mdk.amd64.rpm
 6e7981bb03b337e006332b3954505353  amd64/9.2/RPMS/apache2-mod_cache-2.0.47-6.4.92mdk.amd64.rpm
 9ac5aa7d5d4789c405606ffb94c73c27  amd64/9.2/RPMS/apache2-mod_dav-2.0.47-6.4.92mdk.amd64.rpm
 69f831614c30c05396219c1f005e2a8f  amd64/9.2/RPMS/apache2-mod_deflate-2.0.47-6.4.92mdk.amd64.rpm
 732d8e9b68178cff1ff84d461782471c  amd64/9.2/RPMS/apache2-mod_disk_cache-2.0.47-6.4.92mdk.amd64.rpm
 de7d183e50e3f8d1f21b3096e3b673a6  amd64/9.2/RPMS/apache2-mod_file_cache-2.0.47-6.4.92mdk.amd64.rpm
 a6e91e4734ced8e5374efaa1f2ca3a4c  amd64/9.2/RPMS/apache2-mod_ldap-2.0.47-6.4.92mdk.amd64.rpm
 23efa2aebf4f31a22e039f30f30c13ae  amd64/9.2/RPMS/apache2-mod_mem_cache-2.0.47-6.4.92mdk.amd64.rpm
 ec40d800c099decec00a5aae69b3b703  amd64/9.2/RPMS/apache2-mod_proxy-2.0.47-6.4.92mdk.amd64.rpm
 2fbf446a8c3d9bda09598415cb3c641d  amd64/9.2/RPMS/apache2-mod_ssl-2.0.47-6.4.92mdk.amd64.rpm
 c6ab1265bf1ea5c2d34ac42293f5e12c  amd64/9.2/RPMS/apache2-modules-2.0.47-6.4.92mdk.amd64.rpm
 b1d8ff422f5fd0dd161208018717f0e0  amd64/9.2/RPMS/apache2-source-2.0.47-6.4.92mdk.amd64.rpm
 9995904303e6275524baf47b16adbe39  amd64/9.2/RPMS/lib64apr0-2.0.47-6.4.92mdk.amd64.rpm
 7d51dac774f2d887b4856990dc9fd5b1  amd64/9.2/SRPMS/apache2-2.0.47-6.4.92mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 A list of FTP mirrors can be obtained from:

   http://www.mandrakesecure.net/en/ftp.php

 All packages are signed by Mandrakesoft for security.  You can obtain
 the GPG public key of the Mandrakelinux Security Team by executing:

  gpg --recv-keys --keyserver www.mandrakesecure.net 0x22458A98

 Please be aware that sometimes it takes the mirrors a few hours to
 update.

 You can view other update advisories for Mandrakelinux at:

   http://www.mandrakesecure.net/en/advisories/

 Mandrakesoft has several security-related mailing list services that
 anyone can subscribe to.  Information on these lists can be obtained by
 visiting:

   http://www.mandrakesecure.net/en/mlist.php

 If you want to report vulnerabilities, please contact

  security_linux-mandrake.com

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Linux Mandrake Security Team
  

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Honeypot Snares Two Bots Exploiting Bash Vulnerability
CloudFlare Rolls Out Free SSL
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.