Linux Today: Linux News On Internet Time.
Search Linux Today
search.internet.com
Linux News Sections: Blog - Developer - High Performance - Infrastructure - IT Management - Security - Storage -
Linux Today Navigation
LT Home
Preferences
Contribute
Link to Us
Search
Linux Jobs

Become a Marketplace Partner

internet.commerce
Be a Commerce Partner














The Linux Channel at internet.com
Linux Today
Enterprise Linux Today
Apache Today
JustLinux.com
Linux Planet
PHPBuilder
All Linux Devices
Technology Jobs

JustTechJobs.com

LinuxToday Newsletters
Subscribe News
Subscribe PR
Subscribe Security

internet.com
IT
Developer
Internet News
Small Business
Personal Technology

Search internet.com
Advertise
Corporate Info
Newsletters
Tech Jobs
E-mail Offers

 






Current Newswire:

3 Easy ways to try out Linux

Amahi Linux Home Server 4.2

Matthias Ettrich Receives German Federal Cross of Merit

Using Windows Is Like...

Installing Ubuntu 9.10

Hands-on: OpenMoko WikiReader is simple, appealing

Perl far from dead, more popular than you think

Microsoft Exchange alternatives

Kubuntu 9.10: A Mixed Bag

Could Microsoft switch to Linux?




UNIX System Administrator - SUN Solaris, Veritas, EMC, Shell Scripting, SAN (NYC)
Next Step Systems
US-NY-New York

Justtechjobs.com Post A Job | Post A Resume
:tinysofa Advisory: apache/httpd
tinysofa Advisory: apache/httpd
Jun 30, 2004, 02 :28 UTC (0 Talkback[s]) (2272 reads)

Package name: apache / httpd
Summary: Denial Of Service
Advisory ID: TSSA-2004-012
Date: 2004-06-29 Affected versions: tinysofa enterprise server 1.0 tinysofa enterprise server 1.0-U1 tinysofa enterprise server 1.0-U2 tinysofa enterprise server 2.0-pre1

Security Fixes

Description

apache:

  • A remote exploit has been discovered in the Apache HTTP server [0]=20 which allows an attacker to cause the server to allocate increasing amounts of memory until system memory is exhausted or until process limits are reached.

This problem has been assigned the name CAN-2004-0493 [1] by the=20 Common Vulnerabilities and Exposures (CVE) project.

References

[0] http://httpd.apache.org/
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCAN-2004-0493

Recommended Action

We recommend that all systems with these packages installed be upgraded. Please note that if you do not need the functionality provided by this package, you may want to remove it from your system.

Location

All tinysofa updates are available from <URI:http://http.tinysofa.org/pub/tinysofa/updates/>
<URI:ftp://ftp.tinysofa.org/pub/tinysofa/updates/>

Automatic Updates

Users of the SWUP tool can enjoy having updates automatically installed using 'swup --upgrade'.

Users of the APT tool may use the 'apt-get upgrade' command.

Questions?

Check out our mailing lists:
<URI:http://www.tinysofa.org/support/>

Verification

This advisory is signed with the tinysofa security sign key. This key is available from:
<URI:http://pgp.mit.edu:11371/pks/lookup?op=3Dget&search=3D0xAEDCBB4B>

All tinysofa packages are signed with the tinysofa stable sign key. This key is available from:
<URI:http://pgp.mit.edu:11371/pks/lookup?op=3Dget&search=3D0x0F1240A2>

The advisory is available from the tinysofa errata database at
<URI:http://www.tinysofa.org/support/errata/>
or directly at
<URI:http://www.tinysofa.org/support/errata/2004/012.html>

MD5sums Of The Packages

[server-1.0]

ebc6032e2b8581955df97921bd194fda apache-2.0.49-14ts.i586.rpm
581dfd444acf8e5d22bd1f2ce34a7213 apache-dbm-2.0.49-14ts.i586.rpm
079c2e42a23afbe60f8f8b98b9287410 apache-devel-2.0.49-14ts.i586.rpm
4956d084928e6f3591cf112d211496a5 apache-manual-2.0.49-14ts.i586.rpm
e36c1e88e598907e7ec44b13eca9d64b apr-0.9.5-14ts.i586.rpm
acdac3d099decb442e271febc18696d9 apr-devel-0.9.5-14ts.i586.rpm
b45a7a65fe3cc2bc435bdabb79535373 apr-util-0.9.5-14ts.i586.rpm
5110e06e4d7bf2b24e8298cc2c0b54f4 apr-util-devel-0.9.5-14ts.i586.rpm

[server-2.0]

dc3bf12c0df7ea363da38382e11ed5d4 httpd-2.0.49-8ts.i386.rpm
0cb2829c70eed23a3a839ee0e3cb755a httpd-devel-2.0.49-8ts.i386.rpm
6f4915a3221629c2a56b4ccc517509f4 httpd-manual-2.0.49-8ts.i386.rpm
62df1e70370c41795e6abff6950e925b mod_ssl-2.0.49-8ts.i386.rpm

--
tinysofa Security Team <security at tinysofa dot org>



No talkbacks posted.
  Home | Search Talkbacks | Customize View    Top of Page  



Enter your comments below:

* Your Name:

* Your Email Address:

* Subject:

CC: [will also send this talkback to an E-Mail address]

* Comments:

Tags allowed:<I>,<B> and <U>. See our talkback-policy for more about talkback content.

Fields marked with * are required!






..............................




All times are recorded in UTC.
Linux is a trademark of Linus Torvalds.
Powered by Linux, Apache and PHP

internet.commediabistro.comJusttechjobs.comGraphics.com

Search:

WebMediaBrands Corporate Info

Legal Notices, Licensing, Reprints, Permissions, Privacy Policy.
Advertise | Newsletters | Shopping | E-mail Offers | Freelance Jobs

Solutions

Whitepapers and eBooks

Adobe Article: Adobe Helps PHP Developers Create Rich Internet Applications
Adobe Article: Java Developers Finding a Home at Adobe Flex
IBM Articles: A Smarter Business Needs Smarter Technology
Intel Xeon Processor Increases Server Efficiency and Capabilities
Intel Tech Brief: Automated Energy Efficiency for the Intelligent Enterprise
Oracle Whitepaper: Using Oracle In-Memory Database Cache to Accelerate the Oracle Database
Oracle Whitepapers - Innovation for IT Leaders
Avaya Article: Communication-Enabled Mashups--Empowering Both Business Owners and IT
 Internet.com eBook: IT Manager's Guide to Social Networking
Internet.com eBook: Get Ready for Windows 7
Microsoft Article: Expression Web 3--New Features for PHP Developers
Whitepapers: Manage Your Business Infrastracture with IBM
Whitepaper: Maximize Your Storage Investment with HP
Internet.com eBook: Becoming a Better Project Manager
Microsoft Article: Stress Free and Efficient Designer/Developer Collaboration
MORE WHITEPAPERS, EBOOKS, AND ARTICLES

Webcasts

Webcast: Connecting PHP to Microsoft Technologies
Video: Microsoft Partner Program Benefits
Video: Windows Azure Debugging Tips
SAP BusinessObjects Webcast: Unlock the Power of Reporting with Crystal Reports
 IBM Webcast: Speed Business Innovation with Reduced Cost and Risk
Video: Deploy Applications on Windows Azure
MORE WEBCASTS, PODCASTS, AND VIDEOS

Downloads and eKits

Downloads & Free Trials: Microsoft's New Efficiency Resource Center
Get the Windows 7 SDK
Free Trial: Red Gate SQL Backup Pro 6
 Iron Speed Designer Application Generator
MORE DOWNLOADS, EKITS, AND FREE TRIALS

Tutorials and Demos

Virtual Lab: Migrating PHP Applications
Enabling Web Slices and Accelerators with a PHP Site
Internet.com Hot List: Get the Inside Scoop on the Hottest IT and Developer Products
 All About Botnets
MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES