Slashdot Mirror

← Back to Stories (view on slashdot.org)

SecurityFocus Updates 2 Apache Vulnerabilities

Posted by timothy on from the chin-up-buckle-down dept.

michael path writes "SecurityFocus released two updated Apache vulnerabilities, one affecting 2.0.x (a DOS vulnerability), the other affecting both the 1.3.x and 2.0.x revisions (a buffer overflow). IBM HTTP Server is also affected by these vulnerabilities in similar version numbers."

15 comments

  1. phew by roll_w.it · · Score: 5, Informative

    from my logs [Mon Apr 12 16:29:53 2004] [error] [client 64.229.154.62] request failed: URI too long

    from the article
    not vulnerable Apache Software Foundation
    Apache 1.3.29
    Apache Software Foundation Apache 2.0.48
    + Trustix Secure Linux 2.0
    + Trustix Secure Linux 2.1

    From my machine $ httpd -v
    Server version: Apache/1.3.29 (Unix)
    Server built: Nov 3 2003 19:54:39

  2. OS X by b1t+r0t · · Score: 4, Informative

    For those of you running OS X who don't want to scroll through the three thousand lines of version information in the securityfocus.com link, if you're running 10.3.3 you should be fine, because 10.3.3 uses Apache 1.3.29.

    --

    --
    "Open source is good." - Steve Jobs
    "Open source is evil." - Microsoft
  3. 2.0.49 by name773 · · Score: 1

    it doesn't say whether httpd-2.0.49 is or is not vulnerable.

  4. Old news by slive · · Score: 5, Informative

    These are both rather old.

    If you want more complete information about
    apache security issues, a better source is
    http://www.apacheweek.com/features/security-20
    and
    http://www.apacheweek.com/features/security -13

  5. That's a different bug. by Inoshiro · · Score: 3, Informative

    If you actually check your access_log for the partner entry, you'll see it's a request for the SEARCH command which seems to be a new IIS exploit heading around. My vulnerable 1.3.28 also spits out:
    [Sun Apr 11 00:45:43 2004] [error] [client 24.78.143.66] request failed: URI too long

    You haven't identified the problem at all. I just wish there was an easy way to filter out those requests before they hit by Apache and crapfill my logs.

    --
    --
    Internet Explorer (n): Another bug -- that is, a feature that can't be turned off -- in Windows.
    1. Re:That's a different bug. by roll_w.it · · Score: 1

      I know :) - But there has been a lot of attempts at buffer exploits via the url lately... it just happened to be handy. I believe this is the webdav exploit.

      I'm getting sick of seeing \xb1\x02 in my access log too - theres a thread over here with some ideas on how to do it - but haven't had the chance yet (exam week)

  6. Some information in incorrect. by Inoshiro · · Score: 2, Informative

    Slackware-current has Apache 1.3.29, which happens to be the version listed as not vulnerable.

    If you're running Slack, just download the source, run apache.SlackBuild, and upgradepkg to become non-vulnerable.

    --
    --
    Internet Explorer (n): Another bug -- that is, a feature that can't be turned off -- in Windows.
  7. The issue is: by Anonymous Coward · · Score: 0

    If you look up the specifics of the vulnerability CAN-2003-0542, it's something to do with mod-alias/mod-rewrite. If someone creates a bunch of rewrite rules in a .htaccess or httpd.conf that match 9 "captures", it can trigger a boundary condition/overflow that can cause bad things to happen.

  8. Fixed for 1.3.x a long time ago... by Edgewize · · Score: 1

    It's a little late for the buffer overflow to be hitting Slashdot's Apache news. The fix was known and published back in December 2003.

    Red Hat backported the fix into their custom 1.3.27 version in this errata, released 12/18:
    https://rhn.redhat.com/errata/RHSA-2003-405.html

  9. APT-GET UPDATE; APT-GET DIST-UPGRADE by osewa77 · · Score: 1

    Why is this article not so hot? Well, because the upgrade process is so easy, for us!
    - A Weblog from Nigeria

    1. Re:APT-GET UPDATE; APT-GET DIST-UPGRADE by Anonymous Coward · · Score: 0

      For a minute, when reading that URL I almost thought it said "a refrigerator"