SecurityTracker.com Archives - (Red Hat Issues Fix) Apache Memory Leak in MPM 'worker.c' Code May Let Remote Users Deny Service

	Keep Track of the Latest Vulnerabilities with SecurityTracker!

SecurityTracker
Archives

Sign Up

Instant Alerts

Buy our Premium Vulnerability Notification Service to receive customized, instant alerts

Affiliates

Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!

Partners

Become a Partner and License Our Database or Notification Service

Report a Bug

Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com

Category: Application (Web Server/CGI) > Apache

Vendors: Apache Software Foundation

(Red Hat Issues Fix) Apache Memory Leak in MPM 'worker.c' Code May Let Remote Users Deny Service

SecurityTracker Alert ID: 1015440

SecurityTracker URL: http://securitytracker.com/id?1015440

CVE Reference: CVE-2005-2970 (Links to External Site)

Date: Jan 5 2006

Impact: Denial of service via network

Fix Available: Yes Vendor Confirmed: Yes

Advisory: Red Hat Advisory

Version(s): 2.x

Description: A vulnerability was reported in the Apache httpd server. A remote user may be able to deny service.

In certain situations after an aborted connection, a remote user can trigger a memory leak in some Multi-Processing Module code.

The flaw resides in 'server/mpm/worker/worker.c'.

Impact: A remote user may be able to cause denial of service conditions.

Vendor URL: httpd.apache.org/ (Links to External Site)

Cause: Boundary error

Underlying OS: Linux (Red Hat Enterprise)

Underlying OS Comments: 3, 4

Reported By: bugzilla@redhat.com

Message History: This archive entry is a follow-up to the message listed below.

Oct 24 2005

Apache Memory Leak in MPM 'worker.c' Code May Let Remote Users Deny Service

Source Message Contents

Date: Thu, 5 Jan 2006 11:06:55 -0500
From: bugzilla@redhat.com
Subject: [RHSA-2006:0159-01] Moderate: httpd security update

 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Moderate: httpd security update
Advisory ID:       RHSA-2006:0159-01
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2006-0159.html
Issue date:        2006-01-05
Updated on:        2006-01-05
Product:           Red Hat Enterprise Linux
CVE Names:         CVE-2005-2970 CVE-2005-3352 CVE-2005-3357
- ---------------------------------------------------------------------

1. Summary:

Updated Apache httpd packages that correct three security issues are now
available for Red Hat Enterprise Linux 3 and 4.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

The Apache HTTP Server is a popular and freely-available Web server.

A memory leak in the worker MPM could allow remote attackers to cause a
denial of service (memory consumption) via aborted connections, which
prevents the memory for the transaction pool from being reused for other
connections.  The Common Vulnerabilities and Exposures project assigned the
name CVE-2005-2970 to this issue.  This vulnerability only affects users
who are using the non-default worker MPM.

A flaw in mod_imap when using the Referer directive with image maps was
discovered.  With certain site configurations, a remote attacker could
perform a cross-site scripting attack if a victim can be forced to visit a
malicious URL using certain web browsers.  (CVE-2005-3352)

A NULL pointer dereference flaw in mod_ssl was discovered affecting server
configurations where an SSL virtual host is configured with access control
and a custom 400 error document.  A remote attacker could send a carefully
crafted request to trigger this issue which would lead to a crash.  This
crash would only be a denial of service if using the non-default worker
MPM.  (CVE-2005-3357)

Users of httpd should update to these erratum packages which contain
backported patches to correct these issues along with some additional bugs.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via Red Hat Network.  To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

170383 - mod_ssl per-directory renegotiation with request body
171756 - CVE-2005-2970 httpd worker MPM memory consumption DoS
175602 - CVE-2005-3352 cross-site scripting flaw in mod_imap
175720 - CVE-2005-3357 mod_ssl crash


6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/httpd-2.0.46-56.ent.src.rpm
5fb40d08b35daf0b9dca84bae2d807ad  httpd-2.0.46-56.ent.src.rpm

i386:
58472c7851877c10d75fc11acc987690  httpd-2.0.46-56.ent.i386.rpm
7c5a357dc808d626e84f0b811d875087  httpd-devel-2.0.46-56.ent.i386.rpm
fd69217826949e34854440914919115d  mod_ssl-2.0.46-56.ent.i386.rpm

ia64:
9ba4fcecc7a987e0095cab3f3097573e  httpd-2.0.46-56.ent.ia64.rpm
eaaa9f395d525f97d864fa8fb7abf0b3  httpd-devel-2.0.46-56.ent.ia64.rpm
5c1958e1b3abe828ccc70ef6aed3bb64  mod_ssl-2.0.46-56.ent.ia64.rpm

ppc:
463c75e6ea66006c222c769c133bc4a0  httpd-2.0.46-56.ent.ppc.rpm
fbfa43b0915f7593b0b53b060ccaa5f8  httpd-devel-2.0.46-56.ent.ppc.rpm
a9c64df8a73025eca98e931dd074b69a  mod_ssl-2.0.46-56.ent.ppc.rpm

s390:
fe25eb28019d8d9a3a75b87eb60dbfe9  httpd-2.0.46-56.ent.s390.rpm
21a7aab2c525ea1f61528823f440c1ab  httpd-devel-2.0.46-56.ent.s390.rpm
4bec0fb1ba74b43121cba95fcbc54430  mod_ssl-2.0.46-56.ent.s390.rpm

s390x:
1f0093a5d44fa75ad8d5dff12f6a8f81  httpd-2.0.46-56.ent.s390x.rpm
e005b654914be004d22d456c3f7cd9f1  httpd-devel-2.0.46-56.ent.s390x.rpm
ed206f46043e55028a3a1ec63f516042  mod_ssl-2.0.46-56.ent.s390x.rpm

x86_64:
19e480d4aaf0e54cd1e8beb741081e1c  httpd-2.0.46-56.ent.x86_64.rpm
204c07d7e05a9d4b3292a5072d9c6f2a  httpd-devel-2.0.46-56.ent.x86_64.rpm
770cc4db896225d99e1df93a589a02b4  mod_ssl-2.0.46-56.ent.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/httpd-2.0.46-56.ent.src.rpm
5fb40d08b35daf0b9dca84bae2d807ad  httpd-2.0.46-56.ent.src.rpm

i386:
58472c7851877c10d75fc11acc987690  httpd-2.0.46-56.ent.i386.rpm
7c5a357dc808d626e84f0b811d875087  httpd-devel-2.0.46-56.ent.i386.rpm
fd69217826949e34854440914919115d  mod_ssl-2.0.46-56.ent.i386.rpm

x86_64:
19e480d4aaf0e54cd1e8beb741081e1c  httpd-2.0.46-56.ent.x86_64.rpm
204c07d7e05a9d4b3292a5072d9c6f2a  httpd-devel-2.0.46-56.ent.x86_64.rpm
770cc4db896225d99e1df93a589a02b4  mod_ssl-2.0.46-56.ent.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/httpd-2.0.46-56.ent.src.rpm
5fb40d08b35daf0b9dca84bae2d807ad  httpd-2.0.46-56.ent.src.rpm

i386:
58472c7851877c10d75fc11acc987690  httpd-2.0.46-56.ent.i386.rpm
7c5a357dc808d626e84f0b811d875087  httpd-devel-2.0.46-56.ent.i386.rpm
fd69217826949e34854440914919115d  mod_ssl-2.0.46-56.ent.i386.rpm

ia64:
9ba4fcecc7a987e0095cab3f3097573e  httpd-2.0.46-56.ent.ia64.rpm
eaaa9f395d525f97d864fa8fb7abf0b3  httpd-devel-2.0.46-56.ent.ia64.rpm
5c1958e1b3abe828ccc70ef6aed3bb64  mod_ssl-2.0.46-56.ent.ia64.rpm

x86_64:
19e480d4aaf0e54cd1e8beb741081e1c  httpd-2.0.46-56.ent.x86_64.rpm
204c07d7e05a9d4b3292a5072d9c6f2a  httpd-devel-2.0.46-56.ent.x86_64.rpm
770cc4db896225d99e1df93a589a02b4  mod_ssl-2.0.46-56.ent.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/httpd-2.0.46-56.ent.src.rpm
5fb40d08b35daf0b9dca84bae2d807ad  httpd-2.0.46-56.ent.src.rpm

i386:
58472c7851877c10d75fc11acc987690  httpd-2.0.46-56.ent.i386.rpm
7c5a357dc808d626e84f0b811d875087  httpd-devel-2.0.46-56.ent.i386.rpm
fd69217826949e34854440914919115d  mod_ssl-2.0.46-56.ent.i386.rpm

ia64:
9ba4fcecc7a987e0095cab3f3097573e  httpd-2.0.46-56.ent.ia64.rpm
eaaa9f395d525f97d864fa8fb7abf0b3  httpd-devel-2.0.46-56.ent.ia64.rpm
5c1958e1b3abe828ccc70ef6aed3bb64  mod_ssl-2.0.46-56.ent.ia64.rpm

x86_64:
19e480d4aaf0e54cd1e8beb741081e1c  httpd-2.0.46-56.ent.x86_64.rpm
204c07d7e05a9d4b3292a5072d9c6f2a  httpd-devel-2.0.46-56.ent.x86_64.rpm
770cc4db896225d99e1df93a589a02b4  mod_ssl-2.0.46-56.ent.x86_64.rpm

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/httpd-2.0.52-22.ent.src.rpm
1758c0d1f6326b2f8d77885a351872a1  httpd-2.0.52-22.ent.src.rpm

i386:
64b2b544496645ed16ce4e7415b358b0  httpd-2.0.52-22.ent.i386.rpm
7191377bec8fdd54c327830b05f74e7e  httpd-devel-2.0.52-22.ent.i386.rpm
5b69c82ad64cee1b4c46e9f814e88286  httpd-manual-2.0.52-22.ent.i386.rpm
4cde89fc87b21feff51d54098fe4ed83  httpd-suexec-2.0.52-22.ent.i386.rpm
97f4a87d758c4b84def3abf53e6293cc  mod_ssl-2.0.52-22.ent.i386.rpm

ia64:
c7522babbf9b3a24f8c3bfaff8e2e10f  httpd-2.0.52-22.ent.ia64.rpm
10a317c00ae0e59b4f3071870f6d939a  httpd-devel-2.0.52-22.ent.ia64.rpm
adaf0ba8b49ee0ceb3469e1b5f67c339  httpd-manual-2.0.52-22.ent.ia64.rpm
38dec291e729a7e69bdc9ba25cfca5be  httpd-suexec-2.0.52-22.ent.ia64.rpm
fa92eddcfe59311085ed2c0c7675380b  mod_ssl-2.0.52-22.ent.ia64.rpm

ppc:
1fef1c2e4c3e8796c8d29f1a8b4288f2  httpd-2.0.52-22.ent.ppc.rpm
756f217a147ae442b5b60612c42a6e80  httpd-devel-2.0.52-22.ent.ppc.rpm
d8f0dd7e832cad4efa48333ed1d649af  httpd-manual-2.0.52-22.ent.ppc.rpm
3a466a4bceadf2fcc1994206481062a6  httpd-suexec-2.0.52-22.ent.ppc.rpm
a293bf05ecae2c4b192d5ec3dfcbb98d  mod_ssl-2.0.52-22.ent.ppc.rpm

s390:
c9aee197a528745c6c8590f7605b1643  httpd-2.0.52-22.ent.s390.rpm
9f8f303a60b8b52a5a1c4be911df9212  httpd-devel-2.0.52-22.ent.s390.rpm
f3107dc3d74f773f21854fc94e2eca2d  httpd-manual-2.0.52-22.ent.s390.rpm
4f3d8737a2656298e7b2b867b0f35d2a  httpd-suexec-2.0.52-22.ent.s390.rpm
e78eb4e3946b778fcd3a8fd650c1cc02  mod_ssl-2.0.52-22.ent.s390.rpm

s390x:
c175a4c5c89597afd57932e6e08f5755  httpd-2.0.52-22.ent.s390x.rpm
f894f7f71f4ab719d09812bb794f37df  httpd-devel-2.0.52-22.ent.s390x.rpm
da94d5e68605db9f5c4c801e853e60ad  httpd-manual-2.0.52-22.ent.s390x.rpm
350bbc702110c42e1cf95787168d63b1  httpd-suexec-2.0.52-22.ent.s390x.rpm
321b95391c4d73b76fb632db96fec976  mod_ssl-2.0.52-22.ent.s390x.rpm

x86_64:
e0c7651c64d7ba3c4c1e6e5b0296295c  httpd-2.0.52-22.ent.x86_64.rpm
95f9a419ba8d943c5a99fc750fc82176  httpd-devel-2.0.52-22.ent.x86_64.rpm
f72c3a86cae6f4a2716e27d1e315797c  httpd-manual-2.0.52-22.ent.x86_64.rpm
dbbd0863f64a60bba95c0bd2164e4d17  httpd-suexec-2.0.52-22.ent.x86_64.rpm
8ee3ac6dff631ffc1d2b645582b35cfb  mod_ssl-2.0.52-22.ent.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/httpd-2.0.52-22.ent.src.rpm
1758c0d1f6326b2f8d77885a351872a1  httpd-2.0.52-22.ent.src.rpm

i386:
64b2b544496645ed16ce4e7415b358b0  httpd-2.0.52-22.ent.i386.rpm
7191377bec8fdd54c327830b05f74e7e  httpd-devel-2.0.52-22.ent.i386.rpm
5b69c82ad64cee1b4c46e9f814e88286  httpd-manual-2.0.52-22.ent.i386.rpm
4cde89fc87b21feff51d54098fe4ed83  httpd-suexec-2.0.52-22.ent.i386.rpm
97f4a87d758c4b84def3abf53e6293cc  mod_ssl-2.0.52-22.ent.i386.rpm

x86_64:
e0c7651c64d7ba3c4c1e6e5b0296295c  httpd-2.0.52-22.ent.x86_64.rpm
95f9a419ba8d943c5a99fc750fc82176  httpd-devel-2.0.52-22.ent.x86_64.rpm
f72c3a86cae6f4a2716e27d1e315797c  httpd-manual-2.0.52-22.ent.x86_64.rpm
dbbd0863f64a60bba95c0bd2164e4d17  httpd-suexec-2.0.52-22.ent.x86_64.rpm
8ee3ac6dff631ffc1d2b645582b35cfb  mod_ssl-2.0.52-22.ent.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/httpd-2.0.52-22.ent.src.rpm
1758c0d1f6326b2f8d77885a351872a1  httpd-2.0.52-22.ent.src.rpm

i386:
64b2b544496645ed16ce4e7415b358b0  httpd-2.0.52-22.ent.i386.rpm
7191377bec8fdd54c327830b05f74e7e  httpd-devel-2.0.52-22.ent.i386.rpm
5b69c82ad64cee1b4c46e9f814e88286  httpd-manual-2.0.52-22.ent.i386.rpm
4cde89fc87b21feff51d54098fe4ed83  httpd-suexec-2.0.52-22.ent.i386.rpm
97f4a87d758c4b84def3abf53e6293cc  mod_ssl-2.0.52-22.ent.i386.rpm

ia64:
c7522babbf9b3a24f8c3bfaff8e2e10f  httpd-2.0.52-22.ent.ia64.rpm
10a317c00ae0e59b4f3071870f6d939a  httpd-devel-2.0.52-22.ent.ia64.rpm
adaf0ba8b49ee0ceb3469e1b5f67c339  httpd-manual-2.0.52-22.ent.ia64.rpm
38dec291e729a7e69bdc9ba25cfca5be  httpd-suexec-2.0.52-22.ent.ia64.rpm
fa92eddcfe59311085ed2c0c7675380b  mod_ssl-2.0.52-22.ent.ia64.rpm

x86_64:
e0c7651c64d7ba3c4c1e6e5b0296295c  httpd-2.0.52-22.ent.x86_64.rpm
95f9a419ba8d943c5a99fc750fc82176  httpd-devel-2.0.52-22.ent.x86_64.rpm
f72c3a86cae6f4a2716e27d1e315797c  httpd-manual-2.0.52-22.ent.x86_64.rpm
dbbd0863f64a60bba95c0bd2164e4d17  httpd-suexec-2.0.52-22.ent.x86_64.rpm
8ee3ac6dff631ffc1d2b645582b35cfb  mod_ssl-2.0.52-22.ent.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/httpd-2.0.52-22.ent.src.rpm
1758c0d1f6326b2f8d77885a351872a1  httpd-2.0.52-22.ent.src.rpm

i386:
64b2b544496645ed16ce4e7415b358b0  httpd-2.0.52-22.ent.i386.rpm
7191377bec8fdd54c327830b05f74e7e  httpd-devel-2.0.52-22.ent.i386.rpm
5b69c82ad64cee1b4c46e9f814e88286  httpd-manual-2.0.52-22.ent.i386.rpm
4cde89fc87b21feff51d54098fe4ed83  httpd-suexec-2.0.52-22.ent.i386.rpm
97f4a87d758c4b84def3abf53e6293cc  mod_ssl-2.0.52-22.ent.i386.rpm

ia64:
c7522babbf9b3a24f8c3bfaff8e2e10f  httpd-2.0.52-22.ent.ia64.rpm
10a317c00ae0e59b4f3071870f6d939a  httpd-devel-2.0.52-22.ent.ia64.rpm
adaf0ba8b49ee0ceb3469e1b5f67c339  httpd-manual-2.0.52-22.ent.ia64.rpm
38dec291e729a7e69bdc9ba25cfca5be  httpd-suexec-2.0.52-22.ent.ia64.rpm
fa92eddcfe59311085ed2c0c7675380b  mod_ssl-2.0.52-22.ent.ia64.rpm

x86_64:
e0c7651c64d7ba3c4c1e6e5b0296295c  httpd-2.0.52-22.ent.x86_64.rpm
95f9a419ba8d943c5a99fc750fc82176  httpd-devel-2.0.52-22.ent.x86_64.rpm
f72c3a86cae6f4a2716e27d1e315797c  httpd-manual-2.0.52-22.ent.x86_64.rpm
dbbd0863f64a60bba95c0bd2164e4d17  httpd-suexec-2.0.52-22.ent.x86_64.rpm
8ee3ac6dff631ffc1d2b645582b35cfb  mod_ssl-2.0.52-22.ent.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2970
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3357

8. Contact:

The Red Hat security contact is <secalert@redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2006 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFDvUQUXlSAg2UNWIIRAplfAKCmM3iZcFxAbp2XAX/fT5PMzAkVWgCfU/9Z
A9/rGrsb1I+EMGl17TUFFYo=
=nbln
-----END PGP SIGNATURE-----


-- 
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list

Go to the Top of This SecurityTracker Archive Page

Home | View Topics | Search | Contact Us | Help
Copyright 2006, SecurityGlobal.net LLC