SecurityTracker.com Archives - (Red Hat Issues Fix) Apache Memory Leak in 'byterange filter' Lets Remote Users Deny Service

	Keep Track of the Latest Vulnerabilities with SecurityTracker!

SecurityTracker
Archives

Sign Up

Instant Alerts

Buy our Premium Vulnerability Notification Service to receive customized, instant alerts

Affiliates

Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!

Partners

Become a Partner and License Our Database or Notification Service

Report a Bug

Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com

Category: Application (Web Server/CGI) > Apache

Vendors: Apache Software Foundation

(Red Hat Issues Fix) Apache Memory Leak in 'byterange filter' Lets Remote Users Deny Service

SecurityTracker Alert ID: 1014859

SecurityTracker URL: http://securitytracker.com/id?1014859

CVE Reference: CVE-2005-2728 (Links to External Site)

Updated: Nov 16 2005

Original Entry Date: Sep 6 2005

Impact: Denial of service via network

Fix Available: Yes Vendor Confirmed: Yes

Advisory: Red Hat Advisory

Version(s): 2.0.x

Description: A vulnerability was reported in Apache. A remote user can cause denial of service conditions.

The ap_byterange_filter() function does not properly buffer responses in memory. A remote user can send specially crafted HTTP requests to a CGI script on the target web server that typically provides large responses to trigger a memory leak.

The flaw resides in 'modules/http/http_protocol.c'.

Impact: A remote user can consume excessive memory on the target system.

Vendor URL: httpd.apache.org/ (Links to External Site)

Cause: Resource error, State error

Underlying OS: Linux (Red Hat Enterprise)

Underlying OS Comments: 3, 4

Reported By: bugzilla@redhat.com

Message History: This archive entry is a follow-up to the message listed below.

Aug 31 2005

Apache Memory Leak in 'byterange filter' Lets Remote Users Deny Service

Source Message Contents

Date: Tue, 6 Sep 2005 09:44:44 -0400
From: bugzilla@redhat.com
Subject: [RHSA-2005:608-01] Important: httpd security update

 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Important: httpd security update
Advisory ID:       RHSA-2005:608-01
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2005-608.html
Issue date:        2005-09-06
Updated on:        2005-09-06
Product:           Red Hat Enterprise Linux
CVE Names:         CAN-2005-2700 CAN-2005-2728
- ---------------------------------------------------------------------

1. Summary:

Updated Apache httpd packages that correct two security issues are now
available for Red Hat Enterprise Linux 3 and 4.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

The Apache HTTP Server is a popular and freely-available Web server.

A flaw was discovered in mod_ssl's handling of the "SSLVerifyClient"
directive.  This flaw occurs if a virtual host is configured
using "SSLVerifyClient optional" and a directive "SSLVerifyClient
required" is set for a specific location.  For servers configured in this
fashion, an attacker may be able to access resources that should otherwise
be protected, by not supplying a client certificate when connecting.  The
Common Vulnerabilities and Exposures project assigned the name
CAN-2005-2700 to this issue.

A flaw was discovered in Apache httpd where the byterange filter would
buffer certain responses into memory.  If a server has a dynamic
resource such as a CGI script or PHP script that generates a large amount
of data, an attacker could send carefully crafted requests in order to
consume resources, potentially leading to a Denial of Service.  (CAN-2005-2728)

Users of Apache httpd should update to these errata packages that contain
backported patches to correct these issues.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via Red Hat Network.  To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

167102 - CAN-2005-2728 byterange memory DoS
167194 - CAN-2005-2700 SSLVerifyClient flaw


6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/httpd-2.0.46-46.3.ent.src.rpm
484b418c080a8fc60b3add4dfcf1900f  httpd-2.0.46-46.3.ent.src.rpm

i386:
319460633151ee1517c8148931ca72de  httpd-2.0.46-46.3.ent.i386.rpm
6cc3044405158920afedbd288430544c  httpd-devel-2.0.46-46.3.ent.i386.rpm
ee51eb393a77fcbc28640ab9c7c0376c  mod_ssl-2.0.46-46.3.ent.i386.rpm

ia64:
5f9c92619f6a7e60409aeef7b92f5056  httpd-2.0.46-46.3.ent.ia64.rpm
cba1acc27a9904ea4988159c81e96a97  httpd-devel-2.0.46-46.3.ent.ia64.rpm
15b4dba781df66f9cbcfc0230b96d261  mod_ssl-2.0.46-46.3.ent.ia64.rpm

ppc:
2ae362a59d4c95ef58879a9f74ec6c30  httpd-2.0.46-46.3.ent.ppc.rpm
2b61fbe228b61e5d113abd012e9bf619  httpd-devel-2.0.46-46.3.ent.ppc.rpm
6f653931571bfaebb519aecdbb7150c8  mod_ssl-2.0.46-46.3.ent.ppc.rpm

s390:
c59a7c3908fa71b8b7ba36d07cd0d0d4  httpd-2.0.46-46.3.ent.s390.rpm
2d3f8bf4a5745ba5b87d188f18d04a75  httpd-devel-2.0.46-46.3.ent.s390.rpm
e1bc611d1e4eaecffbc58ff669d16b39  mod_ssl-2.0.46-46.3.ent.s390.rpm

s390x:
ba883d990a3fc34d2c6d20b6329372c1  httpd-2.0.46-46.3.ent.s390x.rpm
57c48448f06e2444d285440a6e43631c  httpd-devel-2.0.46-46.3.ent.s390x.rpm
2f44730013c2c1aef58d4c81e9ae613b  mod_ssl-2.0.46-46.3.ent.s390x.rpm

x86_64:
d1bd5698951993680a3f4d78b332117e  httpd-2.0.46-46.3.ent.x86_64.rpm
9d57852140e597b4719cda1d8aee4101  httpd-devel-2.0.46-46.3.ent.x86_64.rpm
fc4beccd061aa1de3286a4548d820bcc  mod_ssl-2.0.46-46.3.ent.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/httpd-2.0.46-46.3.ent.src.rpm
484b418c080a8fc60b3add4dfcf1900f  httpd-2.0.46-46.3.ent.src.rpm

i386:
319460633151ee1517c8148931ca72de  httpd-2.0.46-46.3.ent.i386.rpm
6cc3044405158920afedbd288430544c  httpd-devel-2.0.46-46.3.ent.i386.rpm
ee51eb393a77fcbc28640ab9c7c0376c  mod_ssl-2.0.46-46.3.ent.i386.rpm

x86_64:
d1bd5698951993680a3f4d78b332117e  httpd-2.0.46-46.3.ent.x86_64.rpm
9d57852140e597b4719cda1d8aee4101  httpd-devel-2.0.46-46.3.ent.x86_64.rpm
fc4beccd061aa1de3286a4548d820bcc  mod_ssl-2.0.46-46.3.ent.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/httpd-2.0.46-46.3.ent.src.rpm
484b418c080a8fc60b3add4dfcf1900f  httpd-2.0.46-46.3.ent.src.rpm

i386:
319460633151ee1517c8148931ca72de  httpd-2.0.46-46.3.ent.i386.rpm
6cc3044405158920afedbd288430544c  httpd-devel-2.0.46-46.3.ent.i386.rpm
ee51eb393a77fcbc28640ab9c7c0376c  mod_ssl-2.0.46-46.3.ent.i386.rpm

ia64:
5f9c92619f6a7e60409aeef7b92f5056  httpd-2.0.46-46.3.ent.ia64.rpm
cba1acc27a9904ea4988159c81e96a97  httpd-devel-2.0.46-46.3.ent.ia64.rpm
15b4dba781df66f9cbcfc0230b96d261  mod_ssl-2.0.46-46.3.ent.ia64.rpm

x86_64:
d1bd5698951993680a3f4d78b332117e  httpd-2.0.46-46.3.ent.x86_64.rpm
9d57852140e597b4719cda1d8aee4101  httpd-devel-2.0.46-46.3.ent.x86_64.rpm
fc4beccd061aa1de3286a4548d820bcc  mod_ssl-2.0.46-46.3.ent.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/httpd-2.0.46-46.3.ent.src.rpm
484b418c080a8fc60b3add4dfcf1900f  httpd-2.0.46-46.3.ent.src.rpm

i386:
319460633151ee1517c8148931ca72de  httpd-2.0.46-46.3.ent.i386.rpm
6cc3044405158920afedbd288430544c  httpd-devel-2.0.46-46.3.ent.i386.rpm
ee51eb393a77fcbc28640ab9c7c0376c  mod_ssl-2.0.46-46.3.ent.i386.rpm

ia64:
5f9c92619f6a7e60409aeef7b92f5056  httpd-2.0.46-46.3.ent.ia64.rpm
cba1acc27a9904ea4988159c81e96a97  httpd-devel-2.0.46-46.3.ent.ia64.rpm
15b4dba781df66f9cbcfc0230b96d261  mod_ssl-2.0.46-46.3.ent.ia64.rpm

x86_64:
d1bd5698951993680a3f4d78b332117e  httpd-2.0.46-46.3.ent.x86_64.rpm
9d57852140e597b4719cda1d8aee4101  httpd-devel-2.0.46-46.3.ent.x86_64.rpm
fc4beccd061aa1de3286a4548d820bcc  mod_ssl-2.0.46-46.3.ent.x86_64.rpm

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/httpd-2.0.52-12.2.ent.src.rpm
de6c9583b0be4f8a91d58f9d96082d3c  httpd-2.0.52-12.2.ent.src.rpm

i386:
2b535c428cc468bb8c94e88cb47b48a0  httpd-2.0.52-12.2.ent.i386.rpm
62933dc89da98cf4e2cdb885cb195d29  httpd-devel-2.0.52-12.2.ent.i386.rpm
573ee8e079b51dd2d6a474c7513ede63  httpd-manual-2.0.52-12.2.ent.i386.rpm
ee7ce0885eb313d0f359c89b0d22b637  httpd-suexec-2.0.52-12.2.ent.i386.rpm
df4a617088e7c3d22cdb88d149f81209  mod_ssl-2.0.52-12.2.ent.i386.rpm

ia64:
2c03808a9cf8081f395259ae21730af0  httpd-2.0.52-12.2.ent.ia64.rpm
99fcf9f0c7ea2b8a4248cd3a0d25da89  httpd-devel-2.0.52-12.2.ent.ia64.rpm
856092d56cc712997901f534a76f568c  httpd-manual-2.0.52-12.2.ent.ia64.rpm
92ac8b5beb4e12b1ead63f7027d07cfb  httpd-suexec-2.0.52-12.2.ent.ia64.rpm
a44cc800809c368c7455c1af306b8e7d  mod_ssl-2.0.52-12.2.ent.ia64.rpm

ppc:
7f49f8989dd2261c2d137af07e14ff54  httpd-2.0.52-12.2.ent.ppc.rpm
a6e1f360410c36f2cc641e321395fd16  httpd-devel-2.0.52-12.2.ent.ppc.rpm
69ce88336483a278bcad15ea6eaca096  httpd-manual-2.0.52-12.2.ent.ppc.rpm
f396126f7386857c22eeeef20d947652  httpd-suexec-2.0.52-12.2.ent.ppc.rpm
99b6d20eed066a3b565756ad83888d22  mod_ssl-2.0.52-12.2.ent.ppc.rpm

s390:
0cbd52d64a91644717a1df0e15ccc39a  httpd-2.0.52-12.2.ent.s390.rpm
ca79cb435376a78d9f6b33c83473defe  httpd-devel-2.0.52-12.2.ent.s390.rpm
3e8a5481d36c837350b17ee20c4fd429  httpd-manual-2.0.52-12.2.ent.s390.rpm
2899ee38bcd82766e731b57d3330ce9a  httpd-suexec-2.0.52-12.2.ent.s390.rpm
7b5f79e871aefd2482c18cff9904c7c4  mod_ssl-2.0.52-12.2.ent.s390.rpm

s390x:
ca68a1ae7ab25f761c901f28cd522f74  httpd-2.0.52-12.2.ent.s390x.rpm
09c838209a62cba64e5b28688e313026  httpd-devel-2.0.52-12.2.ent.s390x.rpm
caf032aaba9e03987ba1413743c47088  httpd-manual-2.0.52-12.2.ent.s390x.rpm
0eeea0d60e789902f10252c39b13140a  httpd-suexec-2.0.52-12.2.ent.s390x.rpm
cedd7dadf3408b281a9d4d7d45e31b16  mod_ssl-2.0.52-12.2.ent.s390x.rpm

x86_64:
34ec39c05630e576fad8859e8f233ba7  httpd-2.0.52-12.2.ent.x86_64.rpm
614164cb0770a14d30eacc211fed4242  httpd-devel-2.0.52-12.2.ent.x86_64.rpm
2b59b10e2c8e41ed23041e3d433a67c7  httpd-manual-2.0.52-12.2.ent.x86_64.rpm
2ce9c581b49e48da9db9b95e61f18ea9  httpd-suexec-2.0.52-12.2.ent.x86_64.rpm
048f5c406bac99d9026eca82573c59f1  mod_ssl-2.0.52-12.2.ent.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/httpd-2.0.52-12.2.ent.src.rpm
de6c9583b0be4f8a91d58f9d96082d3c  httpd-2.0.52-12.2.ent.src.rpm

i386:
2b535c428cc468bb8c94e88cb47b48a0  httpd-2.0.52-12.2.ent.i386.rpm
62933dc89da98cf4e2cdb885cb195d29  httpd-devel-2.0.52-12.2.ent.i386.rpm
573ee8e079b51dd2d6a474c7513ede63  httpd-manual-2.0.52-12.2.ent.i386.rpm
ee7ce0885eb313d0f359c89b0d22b637  httpd-suexec-2.0.52-12.2.ent.i386.rpm
df4a617088e7c3d22cdb88d149f81209  mod_ssl-2.0.52-12.2.ent.i386.rpm

x86_64:
34ec39c05630e576fad8859e8f233ba7  httpd-2.0.52-12.2.ent.x86_64.rpm
614164cb0770a14d30eacc211fed4242  httpd-devel-2.0.52-12.2.ent.x86_64.rpm
2b59b10e2c8e41ed23041e3d433a67c7  httpd-manual-2.0.52-12.2.ent.x86_64.rpm
2ce9c581b49e48da9db9b95e61f18ea9  httpd-suexec-2.0.52-12.2.ent.x86_64.rpm
048f5c406bac99d9026eca82573c59f1  mod_ssl-2.0.52-12.2.ent.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/httpd-2.0.52-12.2.ent.src.rpm
de6c9583b0be4f8a91d58f9d96082d3c  httpd-2.0.52-12.2.ent.src.rpm

i386:
2b535c428cc468bb8c94e88cb47b48a0  httpd-2.0.52-12.2.ent.i386.rpm
62933dc89da98cf4e2cdb885cb195d29  httpd-devel-2.0.52-12.2.ent.i386.rpm
573ee8e079b51dd2d6a474c7513ede63  httpd-manual-2.0.52-12.2.ent.i386.rpm
ee7ce0885eb313d0f359c89b0d22b637  httpd-suexec-2.0.52-12.2.ent.i386.rpm
df4a617088e7c3d22cdb88d149f81209  mod_ssl-2.0.52-12.2.ent.i386.rpm

ia64:
2c03808a9cf8081f395259ae21730af0  httpd-2.0.52-12.2.ent.ia64.rpm
99fcf9f0c7ea2b8a4248cd3a0d25da89  httpd-devel-2.0.52-12.2.ent.ia64.rpm
856092d56cc712997901f534a76f568c  httpd-manual-2.0.52-12.2.ent.ia64.rpm
92ac8b5beb4e12b1ead63f7027d07cfb  httpd-suexec-2.0.52-12.2.ent.ia64.rpm
a44cc800809c368c7455c1af306b8e7d  mod_ssl-2.0.52-12.2.ent.ia64.rpm

x86_64:
34ec39c05630e576fad8859e8f233ba7  httpd-2.0.52-12.2.ent.x86_64.rpm
614164cb0770a14d30eacc211fed4242  httpd-devel-2.0.52-12.2.ent.x86_64.rpm
2b59b10e2c8e41ed23041e3d433a67c7  httpd-manual-2.0.52-12.2.ent.x86_64.rpm
2ce9c581b49e48da9db9b95e61f18ea9  httpd-suexec-2.0.52-12.2.ent.x86_64.rpm
048f5c406bac99d9026eca82573c59f1  mod_ssl-2.0.52-12.2.ent.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/httpd-2.0.52-12.2.ent.src.rpm
de6c9583b0be4f8a91d58f9d96082d3c  httpd-2.0.52-12.2.ent.src.rpm

i386:
2b535c428cc468bb8c94e88cb47b48a0  httpd-2.0.52-12.2.ent.i386.rpm
62933dc89da98cf4e2cdb885cb195d29  httpd-devel-2.0.52-12.2.ent.i386.rpm
573ee8e079b51dd2d6a474c7513ede63  httpd-manual-2.0.52-12.2.ent.i386.rpm
ee7ce0885eb313d0f359c89b0d22b637  httpd-suexec-2.0.52-12.2.ent.i386.rpm
df4a617088e7c3d22cdb88d149f81209  mod_ssl-2.0.52-12.2.ent.i386.rpm

ia64:
2c03808a9cf8081f395259ae21730af0  httpd-2.0.52-12.2.ent.ia64.rpm
99fcf9f0c7ea2b8a4248cd3a0d25da89  httpd-devel-2.0.52-12.2.ent.ia64.rpm
856092d56cc712997901f534a76f568c  httpd-manual-2.0.52-12.2.ent.ia64.rpm
92ac8b5beb4e12b1ead63f7027d07cfb  httpd-suexec-2.0.52-12.2.ent.ia64.rpm
a44cc800809c368c7455c1af306b8e7d  mod_ssl-2.0.52-12.2.ent.ia64.rpm

x86_64:
34ec39c05630e576fad8859e8f233ba7  httpd-2.0.52-12.2.ent.x86_64.rpm
614164cb0770a14d30eacc211fed4242  httpd-devel-2.0.52-12.2.ent.x86_64.rpm
2b59b10e2c8e41ed23041e3d433a67c7  httpd-manual-2.0.52-12.2.ent.x86_64.rpm
2ce9c581b49e48da9db9b95e61f18ea9  httpd-suexec-2.0.52-12.2.ent.x86_64.rpm
048f5c406bac99d9026eca82573c59f1  mod_ssl-2.0.52-12.2.ent.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2700
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2728

8. Contact:

The Red Hat security contact is <secalert@redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFDHZ1DXlSAg2UNWIIRAhAaAKCLHwSGizEHoseJwUtrHko26MrF1QCfdu6p
USKagCRGlItbZeQXAjvAkm4=
=A+ZE
-----END PGP SIGNATURE-----


-- 
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list

Go to the Top of This SecurityTracker Archive Page

Home | View Topics | Search | Contact Us | Help
Copyright 2005, SecurityGlobal.net LLC