What Are You Looking For?

Sign Up
Date:         Thu, 25 Mar 2010 11:12:26 -0500
Reply-To:     Troy Dawson 
Sender:       Security Errata for Scientific Linux
              
From:         Troy Dawson 
Subject:      Security ERRATA Moderate: httpd on SL5.x i386/x86_64
Comments: To: "scientific-linux-errata@fnal.gov"
          

Synopsis:	Moderate: httpd security and enhancement update
Issue date:	2010-03-25
CVE Names:	CVE-2010-0408 CVE-2010-0434

CVE-2010-0408 httpd: mod_proxy_ajp remote temporary DoS
CVE-2010-0434 httpd: request header information leak

It was discovered that mod_proxy_ajp incorrectly returned an "Internal
Server Error" response when processing certain malformed requests, which
caused the back-end server to be marked as failed in configurations 
where mod_proxy is used in load balancer mode. A remote attacker could 
cause mod_proxy to not send requests to back-end AJP (Apache JServ 
Protocol) servers for the retry timeout period (60 seconds by default) 
by sending specially-crafted requests. (CVE-2010-0408)

A use-after-free flaw was discovered in the way the Apache HTTP Server
handled request headers in subrequests. In configurations where 
subrequests are used, a multithreaded MPM (Multi-Processing Module) 
could possibly leak information from other requests in request replies. 
(CVE-2010-0434)

This update also adds the following enhancement:

* with the updated openssl packages from RHSA-2010:0162 installed, 
mod_ssl will refuse to renegotiate a TLS/SSL connection with an 
unpatched client that does not support RFC 5746. This update adds the
"SSLInsecureRenegotiation" configuration directive. If this directive is
enabled, mod_ssl will renegotiate insecurely with unpatched clients.
(BZ#567980)

Refer to the following Red Hat Knowledgebase article for more details 
about the changed mod_ssl behavior: 

After installing the updated packages, the httpd daemon must be 
restarted for the update to take effect.

SL 5.x

     SRPMS:
httpd-2.2.3-31.el5_4.4.src.rpm
     i386:
httpd-2.2.3-31.sl5.4.i386.rpm
httpd-devel-2.2.3-31.sl5.4.i386.rpm
httpd-manual-2.2.3-31.sl5.4.i386.rpm
mod_ssl-2.2.3-31.sl5.4.i386.rpm
     x86_64:
httpd-2.2.3-31.sl5.4.x86_64.rpm
httpd-devel-2.2.3-31.sl5.4.i386.rpm
httpd-devel-2.2.3-31.sl5.4.x86_64.rpm
httpd-manual-2.2.3-31.sl5.4.x86_64.rpm
mod_ssl-2.2.3-31.sl5.4.x86_64.rpm

-Connie Sieh
-Troy Dawson

SciLinux: CVE-2010-0408 Moderate: httpd SL5.x i386/x86_64

Moderate: httpd security and enhancement update

Summary

It was discovered that mod_proxy_ajp incorrectly returned an "InternalServer Error" response when processing certain malformed requests, whichcaused the back-end server to be marked as failed in configurationswhere mod_proxy is used in load balancer mode. A remote attacker couldcause mod_proxy to not send requests to back-end AJP (Apache JServProtocol) servers for the retry timeout period (60 seconds by default)by sending specially-crafted requests. (CVE-2010-0408)A use-after-free flaw was discovered in the way the Apache HTTP Serverhandled request headers in subrequests. In configurations wheresubrequests are used, a multithreaded MPM (Multi-Processing Module)could possibly leak information from other requests in request replies.(CVE-2010-0434)This update also adds the following enhancement:* with the updated openssl packages from RHSA-2010:0162 installed,mod_ssl will refuse to renegotiate a TLS/SSL connection with anunpatched client that does not support RFC 5746. This update adds the"SSLInsecureRenegotiation" configuration directive. If this directive isenabled, mod_ssl will renegotiate insecurely with unpatched clients.(BZ#567980)Refer to the following Red Hat Knowledgebase article for more detailsabout the changed mod_ssl behavior:After installing the updated packages, the httpd daemon must berestarted for the update to take effect.SL 5.xSRPMS:httpd-2.2.3-31.el5_4.4.src.rpmi386:httpd-2.2.3-31.sl5.4.i386.rpmhttpd-devel-2.2.3-31.sl5.4.i386.rpmhttpd-manual-2.2.3-31.sl5.4.i386.rpmmod_ssl-2.2.3-31.sl5.4.i386.rpmx86_64:httpd-2.2.3-31.sl5.4.x86_64.rpmhttpd-devel-2.2.3-31.sl5.4.i386.rpmhttpd-devel-2.2.3-31.sl5.4.x86_64.rpmhttpd-manual-2.2.3-31.sl5.4.x86_64.rpmmod_ssl-2.2.3-31.sl5.4.x86_64.rpm-Connie Sieh-Troy Dawson



Security Fixes

Severity
Issued Date: : 2010-03-25
CVE Names: CVE-2010-0408 CVE-2010-0434
CVE-2010-0408 httpd: mod_proxy_ajp remote temporary DoS
CVE-2010-0434 httpd: request header information leak

Related News

Kubernetes Security on AWS: A Practical Guide

Nov 18, 2023

Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits

Nov 25, 2023

Nitrux 3.2.0 Linux Distro Released with Enhanced Security and New Features

Nov 28, 2023

Severe Firefox, Thunderbird Bugs Could Lead to System Takeover

Dec 2, 2023

News

Advisories

HOWTOs

Features

Using Open Source to Ensure Compliance & Data Integrity through Data Governance
Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!
Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024

About Us

Powered By

Footer Logo