dcsimg
Linux Today: Linux News On Internet Time.




More on LinuxToday


Conectiva Linux Security Announcement - apache

Oct 12, 2000, 00:40 (0 Talkback[s])

Date: Wed, 11 Oct 2000 16:20:28 -0300
From: secure@CONECTIVA.COM.BR
To: BUGTRAQ@SECURITYFOCUS.COM
Subject: Conectiva Linux Security Announcement - apache


CONECTIVA LINUX SECURITY ANNOUNCEMENT


PACKAGE   : apache
SUMMARY   : mod_rewrite and Host header vulnerability
DATE      : 2000-10-11 16:19:00
RELEVANT
RELEASES  : 4.0, 4.0es, 4.1, 4.2, 5.0, prg gráficos, ecommerce, 5.1

DESCRIPTION There are two vulnerabilities in the Apache web server as shipped with Conectiva Linux.

1) Under certain configurations, the mod_rewrite module could be used to access any file on the server, provided that filesystem access rights permitted that. Now the mod_rewrite module makes a one-pass expansion and is no longer vulnerable to this.

2) The other vulnerability is regarding the handling of Host: headers in mass virtual hosting configurations. The check for dot (".") charactes in that header was not complete and could permit access to a parent directory.

SOLUTION It is recommended that users using mod_rewrite or with virtual hosting update their servers. Users of Conectiva Linux 4.1 and 4.2 will also find apache-1.3.12 on the FTP site. That package should be used for those who upgraded to 1.3.12 because of the IMP/HORDE advisory a while ago.

DIRECT DOWNLOAD LINKS TO THE UPDATED PACKAGES
ftp://atualizacoes.conectiva.com.br/4.0/SRPMS/apache-1.3.6-16cl.src.rpm
ftp://atualizacoes.conectiva.com.br/4.0/i386/apache-1.3.6-16cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0/i386/apache-devel-1.3.6-16cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0es/SRPMS/apache-1.3.6-16cl.src.rpm
ftp://atualizacoes.conectiva.com.br/4.0es/i386/apache-1.3.6-16cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0es/i386/apache-devel-1.3.6-16cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.1/SRPMS/apache-1.3.9-17cl.src.rpm
ftp://atualizacoes.conectiva.com.br/4.1/i386/apache-1.3.9-17cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.1/i386/apache-devel-1.3.9-17cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.2/SRPMS/apache-1.3.9-17cl.src.rpm
ftp://atualizacoes.conectiva.com.br/4.2/i386/apache-1.3.9-17cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.2/i386/apache-devel-1.3.9-17cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/SRPMS/apache-1.3.12-14cl.src.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/apache-1.3.12-14cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/apache-doc-1.3.12-14cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/apache-devel-1.3.12-14cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/apache-1.3.12-14cl.src.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/apache-1.3.12-14cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/apache-doc-1.3.12-14cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/apache-devel-1.3.12-14cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/SRPMS/apache-1.3.12-14cl.src.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/apache-1.3.12-14cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/apache-doc-1.3.12-14cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/apache-devel-1.3.12-14cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/SRPMS/apache-1.3.12-14cl.src.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/apache-1.3.12-14cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/apache-doc-1.3.12-14cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/apache-devel-1.3.12-14cl.i386.rpm


All packages are signed with Conectiva's GPG key. The key can be obtained at http://www.conectiva.com.br/contato