SciLinux: CVE-2010-0408 Moderate: httpd SL5.x i386/x86_64
Summary
It was discovered that mod_proxy_ajp incorrectly returned an "InternalServer Error" response when processing certain malformed requests, whichcaused the back-end server to be marked as failed in configurationswhere mod_proxy is used in load balancer mode. A remote attacker couldcause mod_proxy to not send requests to back-end AJP (Apache JServProtocol) servers for the retry timeout period (60 seconds by default)by sending specially-crafted requests. (CVE-2010-0408)A use-after-free flaw was discovered in the way the Apache HTTP Serverhandled request headers in subrequests. In configurations wheresubrequests are used, a multithreaded MPM (Multi-Processing Module)could possibly leak information from other requests in request replies.(CVE-2010-0434)This update also adds the following enhancement:* with the updated openssl packages from RHSA-2010:0162 installed,mod_ssl will refuse to renegotiate a TLS/SSL connection with anunpatched client that does not support RFC 5746. This update adds the"SSLInsecureRenegotiation" configuration directive. If this directive isenabled, mod_ssl will renegotiate insecurely with unpatched clients.(BZ#567980)Refer to the following Red Hat Knowledgebase article for more detailsabout the changed mod_ssl behavior:After installing the updated packages, the httpd daemon must berestarted for the update to take effect.SL 5.xSRPMS:httpd-2.2.3-31.el5_4.4.src.rpmi386:httpd-2.2.3-31.sl5.4.i386.rpmhttpd-devel-2.2.3-31.sl5.4.i386.rpmhttpd-manual-2.2.3-31.sl5.4.i386.rpmmod_ssl-2.2.3-31.sl5.4.i386.rpmx86_64:httpd-2.2.3-31.sl5.4.x86_64.rpmhttpd-devel-2.2.3-31.sl5.4.i386.rpmhttpd-devel-2.2.3-31.sl5.4.x86_64.rpmhttpd-manual-2.2.3-31.sl5.4.x86_64.rpmmod_ssl-2.2.3-31.sl5.4.x86_64.rpm-Connie Sieh-Troy Dawson