SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com





Category:   Application (Web Server/CGI)  >   Apache Vendors:   Apache Software Foundation
(Trustix Issues Fix) Apache Web Server Does Not Filter Terminal Escape Sequences From Log Files
SecurityTracker Alert ID:  1009609
SecurityTracker URL:  http://securitytracker.com/id/1009609
CVE Reference:   CAN-2003-0083, CAN-2003-0020   (Links to External Site)
Date:  Apr 1 2004
Impact:   Execution of arbitrary code via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): Prior to 1.3.25 and 2.0.46
Description:   A potential security issue was reported in the Apache web server. The server does not filter terminal escape sequences from the log files.

[Originally reported in April 2003]

It is reported that the Apache web server does not filter terminal escape sequences from the access logs (CVE: CAN-2003-0083) and error logs (CVE: CAN-2003-0020). A remote user can request a specially crafted URL to cause the web server to log malicious escape sequences to the log files. Then, if a target user views the log files with certain terminal applications, the escape sequences may be executed by the target user's terminal application.
Impact:   If a target user views the log files using certain terminal applications and a remote user has caused the server to log certain escape sequences, the terminal application may execute the escape sequences.

[Editor's note: This security weakness does not affect the Apache web server by itself or any software distributed with Apache. This security weakness is only an issue if certain terminal applications are used to view the log files.]
Solution:   Trustix has released a fix, available at:

http://http.trustix.org/pub/trustix/updates/
ftp://ftp.trustix.org/pub/trustix/updates/

The MD5sums of the packages are:

2f8cb6185125538096f5294dd73fcfdf 2.1/rpms/apache-2.0.49-2tr.i586.rpm
d4a92784e59270f8213b10ec47150ec4 2.1/rpms/apache-dbm-2.0.49-2tr.i586.rpm
1f0cba7667cbd4c0e235f056aff03df2 2.1/rpms/apache-devel-2.0.49-2tr.i586.rpm
65c9b7530f0d7e9ba38e7a0d8d106083 2.1/rpms/apache-manual-2.0.49-2tr.i586.rpm
3f1efb8f665de116a06b9ebb780e81cb 2.0/rpms/apache-2.0.49-1tr.i586.rpm
64ab42919cdef6ede9d4efc9c82df2e5 2.0/rpms/apache-devel-2.0.49-1tr.i586.rpm
f40a03994d7140311cf2e5fe714bc410 2.0/rpms/apache-manual-2.0.49-1tr.i586.rpm
Vendor URL:  httpd.apache.org/ (Links to External Site)
Cause:   Input validation error
Underlying OS:   Linux (Trustix)

Message History:   This archive entry is a follow-up to the message listed below.
Aug 22 2003 Apache Web Server Does Not Filter Terminal Escape Sequences From Log Files


 Source Message Contents
Date:  Tue, 30 Mar 2004 16:24:45 +0200
Subject:  TSLSA-2004-0017 - apache


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Trustix Secure Linux Security Advisory #2004-0017

Package name:      apache
Summary:           new upstream
Date:              2004-03-30
Affected versions: Trustix 2.1

- --------------------------------------------------------------------------
Package description:
  Apache is a full featured web server that is freely available, and also
  happens to be the most widely used.Built with loadable modules (all standard
  modules enabled). This verion is intended as a replacement for a standard
  apache, the configuration files provided with apache and apache-ssl are
  unchanged.

Problem description:
  The new upstream version of apache addresses several security issues:
  - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0174
  - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0113
  - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0020


Action:
  We recommend that all systems with this package installed be upgraded.
  Please note that if you do not need the functionality provided by this
  package, you may want to remove it from your system.


Location:
  All Trustix updates are available from
  <URI:http://http.trustix.org/pub/trustix/updates/>
  <URI:ftp://ftp.trustix.org/pub/trustix/updates/>


About Trustix Secure Linux:
  Trustix Secure Linux is a small Linux distribution for servers. With focus
  on security and stability, the system is painlessly kept safe and up to
  date from day one using swup, the automated software updater.


Automatic updates:
  Users of the SWUP tool can enjoy having updates automatically
  installed using 'swup --upgrade'.


Public testing:
  Most updates for Trustix are made available for public testing some time
  before release.
  If you want to contribute by testing the various packages in the
  testing tree, please feel free to share your findings on the
  tsl-discuss mailinglist.
  The testing tree is located at
  <URI:http://tsldev.trustix.org/horizon/>

  You may also use swup for public testing of updates:
  
  site {
      class = 0
      location = "http://tsldev.trustix.org/horizon/rdfs/latest.rdf"
      regexp = ".*"
  }
  

Questions?
  Check out our mailing lists:
  <URI:http://www.trustix.org/support/>


Verification:
  This advisory along with all Trustix packages are signed with the
  TSL sign key.
  This key is available from:
  <URI:http://www.trustix.org/TSL-SIGN-KEY>

  The advisory itself is available from the errata pages at
  <URI:http://www.trustix.org/errata/trustix-2.0/> and
  <URI:http://www.trustix.org/errata/trustix-2.1/>
  or directly at
  <URI:http://www.trustix.org/errata/misc/2004/TSL-2004-0017-apache.asc.txt>


MD5sums of the packages:
- --------------------------------------------------------------------------
2f8cb6185125538096f5294dd73fcfdf  2.1/rpms/apache-2.0.49-2tr.i586.rpm
d4a92784e59270f8213b10ec47150ec4  2.1/rpms/apache-dbm-2.0.49-2tr.i586.rpm
1f0cba7667cbd4c0e235f056aff03df2  2.1/rpms/apache-devel-2.0.49-2tr.i586.rpm
65c9b7530f0d7e9ba38e7a0d8d106083  2.1/rpms/apache-manual-2.0.49-2tr.i586.rpm
3f1efb8f665de116a06b9ebb780e81cb  2.0/rpms/apache-2.0.49-1tr.i586.rpm
64ab42919cdef6ede9d4efc9c82df2e5  2.0/rpms/apache-devel-2.0.49-1tr.i586.rpm
f40a03994d7140311cf2e5fe714bc410  2.0/rpms/apache-manual-2.0.49-1tr.i586.rpm
- --------------------------------------------------------------------------


Trustix Security Team

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQFAaXuvi8CEzsK9IksRAq5CAKCp6Wnz4BmOLfwSqYFU5BDedt5d1wCgo8mn
ZYNT+qxDVYQ4vOZvo/pQ040=
=hqpX
-----END PGP SIGNATURE-----
_______________________________________________
tsl-announce mailing list
tsl-announce@lists.trustix.org
http://lists.trustix.org/mailman/listinfo/tsl-announce


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us

Copyright 2013, SecurityGlobal.net LLC