rhsa-2004_139
Vulnerability from csaf_redhat
Published
2004-03-17 17:20
Modified
2024-11-05 16:22
Summary
Red Hat Security Advisory: apache, openssl security update for Stronghold

Notes

Topic
Updated versions of Stronghold 4 cross-platform are available that fix security issues affecting OpenSSL and the Apache HTTP Server. A number of bug fixes are also included.
Details
Stronghold 4 contains a number of open source technologies, including OpenSSL 0.9.6 and the Apache HTTP Server. Testing performed by the OpenSSL group using the Codenomicon TLS Test Tool uncovered a bug in older versions of OpenSSL 0.9.6 prior to 0.9.6d that can lead to a denial of service attack (infinite loop). The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0081 to this issue. Testing performed by the OpenSSL group using the Codenomicon TLS Test Tool uncovered a null-pointer assignment in the do_change_cipher_spec() function in OpenSSL 0.9.6c-0.9.6k and 0.9.7a-0.9.7c. A remote attacker could send a carefully crafted SSL/TLS handshake which could lead to a denial of service attack. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0079 to this issue. Testing performed by Novell using a test suite provided by NISCC uncovered an issue in the ASN.1 parser in versions of OpenSSL 0.9.6 prior to 0.9.6l which could cause large recursion and possibly lead to a denial of service attack if used where stack space is limited. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0851 to this issue. An issue in the handling of regular expressions from configuration files was discovered in releases of the Apache HTTP Server version 1.3 prior to 1.3.29. To exploit this issue an attacker would need to have the ability to write to Apache configuration files such as .htaccess or httpd.conf. A carefully-crafted configuration file can cause an exploitable buffer overflow and would allow the attacker to execute arbitrary code in the context of the server. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0542 to this issue. Users of Stronghold 4 cross-platform are advised to update to these errata versions, which contain backported security fixes and are not vulnerable to these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.


To clipboard 

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated versions of Stronghold 4 cross-platform are available that fix\nsecurity issues affecting OpenSSL and the Apache HTTP Server. A number\nof bug fixes are also included.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Stronghold 4 contains a number of open source technologies, including\nOpenSSL 0.9.6 and the Apache HTTP Server.\n\nTesting performed by the OpenSSL group using the Codenomicon TLS Test Tool\nuncovered a bug in older versions of OpenSSL 0.9.6 prior to 0.9.6d that can\nlead to a denial of service attack (infinite loop). The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the name\nCAN-2004-0081 to this issue.\n\nTesting performed by the OpenSSL group using the Codenomicon TLS Test Tool\nuncovered a null-pointer assignment in the do_change_cipher_spec() function\nin OpenSSL 0.9.6c-0.9.6k and 0.9.7a-0.9.7c. A remote attacker could\nsend a carefully crafted SSL/TLS handshake which could lead to a denial of\nservice attack.  The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CAN-2004-0079 to this issue.\n\nTesting performed by Novell using a test suite provided by NISCC uncovered\nan issue in the ASN.1 parser in versions of OpenSSL 0.9.6 prior to 0.9.6l\nwhich could cause large recursion and possibly lead to a denial of service\nattack if used where stack space is limited. The Common Vulnerabilities\nand Exposures project (cve.mitre.org) has assigned the name CAN-2003-0851\nto this issue.\n\nAn issue in the handling of regular expressions from configuration files\nwas discovered in releases of the Apache HTTP Server version 1.3 prior to\n1.3.29. To exploit this issue an attacker would need to have the ability\nto write to Apache configuration files such as .htaccess or httpd.conf. A\ncarefully-crafted configuration file can cause an exploitable buffer\noverflow and would allow the attacker to execute arbitrary code in the\ncontext of the server. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CAN-2003-0542 to this issue.\n\nUsers of Stronghold 4 cross-platform are advised to update to these errata\nversions, which contain backported security fixes and are not vulnerable to\nthese issues.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2004:139",
        "url": "https://access.redhat.com/errata/RHSA-2004:139"
      },
      {
        "category": "external",
        "summary": "http://www.niscc.gov.uk/",
        "url": "http://www.niscc.gov.uk/"
      },
      {
        "category": "external",
        "summary": "http://www.codenomicon.com/testtools/tls/",
        "url": "http://www.codenomicon.com/testtools/tls/"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2004/rhsa-2004_139.json"
      }
    ],
    "title": "Red Hat Security Advisory: apache, openssl security update for Stronghold",
    "tracking": {
      "current_release_date": "2024-11-05T16:22:11+00:00",
      "generator": {
        "date": "2024-11-05T16:22:11+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.1.1"
        }
      },
      "id": "RHSA-2004:139",
      "initial_release_date": "2004-03-17T17:20:00+00:00",
      "revision_history": [
        {
          "date": "2004-03-17T17:20:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2004-03-17T00:00:00+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-05T16:22:11+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Stronghold 4",
                "product": {
                  "name": "Red Hat Stronghold 4",
                  "product_id": "Red Hat Stronghold 4",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:stronghold:4"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Stronghold Cross Platform"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2003-0542",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1617048"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service (crash) or execute arbitrary code via a regular expression with more than 9 captures.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Stronghold 4"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2003-0542"
        },
        {
          "category": "external",
          "summary": "RHBZ#1617048",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617048"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2003-0542",
          "url": "https://www.cve.org/CVERecord?id=CVE-2003-0542"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2003-0542",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2003-0542"
        }
      ],
      "release_date": "2003-10-29T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2004-03-17T17:20:00+00:00",
          "details": "Updated Stronghold 4 packages are now available via the update agent\nservice. Run the following command from the Stronghold 4 install root to\nupgrade an existing Stronghold 4 installation to the new package versions:\n\n$ bin/agent\n\nThe Stronghold 4.0h patch release which contains these updated packages is\nalso available from the download site.\n\nAfter upgrading Stronghold, the server must be completely restarted by\nrunning the following commands from the install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nrefer to http://stronghold.redhat.com/support/upgrade-sh4",
          "product_ids": [
            "Red Hat Stronghold 4"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2004:139"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "security flaw"
    },
    {
      "cve": "CVE-2003-0851",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1617090"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "OpenSSL 0.9.6k allows remote attackers to cause a denial of service (crash via large recursion) via malformed ASN.1 sequences.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Stronghold 4"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2003-0851"
        },
        {
          "category": "external",
          "summary": "RHBZ#1617090",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617090"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2003-0851",
          "url": "https://www.cve.org/CVERecord?id=CVE-2003-0851"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2003-0851",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2003-0851"
        }
      ],
      "release_date": "2003-11-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2004-03-17T17:20:00+00:00",
          "details": "Updated Stronghold 4 packages are now available via the update agent\nservice. Run the following command from the Stronghold 4 install root to\nupgrade an existing Stronghold 4 installation to the new package versions:\n\n$ bin/agent\n\nThe Stronghold 4.0h patch release which contains these updated packages is\nalso available from the download site.\n\nAfter upgrading Stronghold, the server must be completely restarted by\nrunning the following commands from the install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nrefer to http://stronghold.redhat.com/support/upgrade-sh4",
          "product_ids": [
            "Red Hat Stronghold 4"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2004:139"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "security flaw"
    },
    {
      "cve": "CVE-2004-0079",
      "discovery_date": "2004-03-08T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1617140"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
          "title": "Statement"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Stronghold 4"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2004-0079"
        },
        {
          "category": "external",
          "summary": "RHBZ#1617140",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617140"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2004-0079",
          "url": "https://www.cve.org/CVERecord?id=CVE-2004-0079"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2004-0079",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2004-0079"
        }
      ],
      "release_date": "2004-03-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2004-03-17T17:20:00+00:00",
          "details": "Updated Stronghold 4 packages are now available via the update agent\nservice. Run the following command from the Stronghold 4 install root to\nupgrade an existing Stronghold 4 installation to the new package versions:\n\n$ bin/agent\n\nThe Stronghold 4.0h patch release which contains these updated packages is\nalso available from the download site.\n\nAfter upgrading Stronghold, the server must be completely restarted by\nrunning the following commands from the install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nrefer to http://stronghold.redhat.com/support/upgrade-sh4",
          "product_ids": [
            "Red Hat Stronghold 4"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2004:139"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "security flaw"
    },
    {
      "cve": "CVE-2004-0081",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1617142"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Stronghold 4"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2004-0081"
        },
        {
          "category": "external",
          "summary": "RHBZ#1617142",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617142"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2004-0081",
          "url": "https://www.cve.org/CVERecord?id=CVE-2004-0081"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2004-0081",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2004-0081"
        }
      ],
      "release_date": "2004-03-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2004-03-17T17:20:00+00:00",
          "details": "Updated Stronghold 4 packages are now available via the update agent\nservice. Run the following command from the Stronghold 4 install root to\nupgrade an existing Stronghold 4 installation to the new package versions:\n\n$ bin/agent\n\nThe Stronghold 4.0h patch release which contains these updated packages is\nalso available from the download site.\n\nAfter upgrading Stronghold, the server must be completely restarted by\nrunning the following commands from the install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nrefer to http://stronghold.redhat.com/support/upgrade-sh4",
          "product_ids": [
            "Red Hat Stronghold 4"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2004:139"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "security flaw"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.