SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com





Category:   Application (Web Server/CGI)  >   Apache mod_rewrite Vendors:   Apache Software Foundation
(Apple Issues Fix) Apache mod_rewrite Contains a Buffer Overflow
SecurityTracker Alert ID:  1008859
SecurityTracker URL:  http://securitytracker.com/id/1008859
CVE Reference:   CAN-2003-0542   (Links to External Site)
Date:  Jan 27 2004
Impact:   Denial of service via network, Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 2.0.47 and prior versions
Description:   A vulnerability was reported in the Apache mod_rewrite component. A remote user may be able to trigger a buffer overflow.

It is reported that both mod_alias and mod_rewrite contain a buffer overflow. If the administrator has configured a regular expression with more than 9 captures, the overflow can be triggered.

[Editor's note: The Apache notice did not indicate the impact of the buffer overflow.]
Impact:   [Editor's note: The Apache notice did not indicate the impact of the buffer overflow.]
Solution:   Apple has released a fix (Security Update 2004-01-26), available at:

* Software Update pane in System Preferences

* Apple's Software Downloads web site:

Mac OS X 10.3.2 Client
======================
http://www.info.apple.com/kbnum/n120301
The download file is named: "SecurityUpd2004-01-26Pan.dmg"
Its SHA-1 digest is: 8977b3420a6343d53b79f23c409a601d269d87a4

Mac OS X 10.3.2 Server
======================
http://www.info.apple.com/kbnum/n120300
The download file is named: "SecUpdSrvr2004-01-26Pan.dmg"
Its SHA-1 digest is: 15bfa92c439c6fee1e690703359778cefabf58d7

Mac OS X 10.2.8 Client
======================
http://www.info.apple.com/kbnum/n120302
The download file is named: "SecurityUpd2004-01-26Jag.dmg"
Its SHA-1 digest is: 365401ca71387a45a34ecab5ec7278b62e3089b3

Mac OS X 10.2.8 Server
======================
http://www.info.apple.com/kbnum/n120304
The download file is named: "SecUpdSrvr2004-01-26Jag.dmg"
Its SHA-1 digest is: 605578cbf0d6005ee5f6b474026b908e47175268

Security Update 2004-01-26 for Jaguar and Panther includes Security Update 2003-12-19.

Information is available at:

http://www.apple.com/support/security/security_updates.html
Vendor URL:  httpd.apache.org/ (Links to External Site)
Cause:   Boundary error
Underlying OS:   UNIX (OS X)

Message History:   This archive entry is a follow-up to the message listed below.
Oct 29 2003 Apache mod_rewrite Contains a Buffer Overflow


 Source Message Contents
Date:  Mon, 26 Jan 2004 16:26:51 -0800
Subject:  APPLE-SA-2004-01-26 Security Update 2004-01-26


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2004-01-26 Security Update 2004-01-26

Security Update 2004-01-26 is now available.  It contains security
enhancements for the following:

AFP Server:  Improves AFP over the 2003-12-19 security update.

Apache 1.3: Fixes CAN-2003-0542, a buffer overflow in the mod_alias
    and mod_rewrite modules of the Apache webserver.

Apache 2: Fixes CAN-2003-0542 and CAN-2003-0789 by updating Apache
    2.0.47 to 2.0.48. Installed only on Server systems.

Classic:  Fixes CAN-2004-0089 to improve the handling of environment
    variables.  Credit to Dave G. of @stake for reporting this issue.

Mail:  Fixes CAN-2004-0085 and CAN-2004-0086 to deliver security
    enhancements to Apple's mail application.  Credit to Jim Roepcke
    for reporting CAN-2004-0086.

Safari:  Fixes CAN-2004-0092 by delivering security enhancements to
    the Safari web browser.

System Configuration: Fixes CAN-2004-0087 and CAN-2004-0088 where the
    SystemConfiguration subsystem allowed remote non-admin users to
    change network setting and make configuration changes to configd.
    Credit to Dave G. from @stake for reporting these issues.

Windows File Sharing: Fixes CAN-2004-0090 where Windows file sharing
    did not shutdown properly.

================================================

Security Update 2004-01-26 is available for the following systems:
   -  Mac OS X 10.1.5 "Puma" and Mac OS X Server 10.1.5
   -  Mac OS X 10.2.8 "Jaguar" and Mac OS X Server 10.2.8
   -  Mac OS X 10.3.2 "Panther" and Mac OS X Server 10.3.2

The Security Updates web page indicates which fixes are available for
each system, as not all issues apply to each system.  Security Update
2003-12-19 has been incorporated into this security update for the
Jaguar and Panther systems.

================================================

Security Update 2004-01-26 may be obtained from:

  * Software Update pane in System Preferences

  * Apple's Software Downloads web site:

    Mac OS X 10.3.2 Client
    ======================
    http://www.info.apple.com/kbnum/n120301
    The download file is named: "SecurityUpd2004-01-26Pan.dmg"
    Its SHA-1 digest is: 8977b3420a6343d53b79f23c409a601d269d87a4

    Mac OS X 10.3.2 Server
    ======================
    http://www.info.apple.com/kbnum/n120300
    The download file is named: "SecUpdSrvr2004-01-26Pan.dmg"
    Its SHA-1 digest is: 15bfa92c439c6fee1e690703359778cefabf58d7
    
    Mac OS X 10.2.8 Client
    ======================
    http://www.info.apple.com/kbnum/n120302
    The download file is named: "SecurityUpd2004-01-26Jag.dmg"
    Its SHA-1 digest is: 365401ca71387a45a34ecab5ec7278b62e3089b3
    
    Mac OS X 10.2.8 Server
    ======================
    http://www.info.apple.com/kbnum/n120304
    The download file is named: "SecUpdSrvr2004-01-26Jag.dmg"
    Its SHA-1 digest is: 605578cbf0d6005ee5f6b474026b908e47175268
    
    Mac OS X 10.1.5 Client and Server
    =================================
    http://www.info.apple.com/kbnum/n120303
    The download file is named: "SecurityUpd2004-01-26P.dmg"
    Its SHA-1 digest is: 7c7f55d675a19957bce3c5aeaa985652a8c59d7b
    
Information will also be posted to the Apple Product Security web
site:
http://www.apple.com/support/security/security_updates.html

This message is signed with Apple's Product Security PGP key, and
details are available at:
http://www.apple.com/support/security/security_pgp.html

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.2

iQEVAwUBQBWwCneI0z6bzFr0AQJq2gf9EnXdvmQv32/FEQ7oD2SMr1CRURt8obxD
/71SE+DFNS07eO8UzExNRy490hkTb8sXEpp9jeDu7hTR00ZH4FpzDX0Ydn5x/LGJ
b/wG2w9WgjVjdBKhykANAb8Pomnrm8sTzQvpfXyQmHr9q7Qt5Idcs7pjaU3UK2J4
gAhe48cBdxktBgjktoNHpZ13oF24yVUi4D0PDEdiab4ZDjJu16sox72+1Us/4cEI
xG5womXWxNXV9iF4wQeubEmsgOG+xKA++wY0At204AyR4i2UCPkynZIB7VvJh+nV
js+l4Ry02jtC+Nj50np3mPRvmLZiaC+zJeB8Vdap7m3yKTwLZ8gpFw==
=2ecE
-----END PGP SIGNATURE-----
_______________________________________________
security-announce mailing list | security-announce@lists.apple.com
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/security-announce
Do not post admin requests to the list. They will be ignored.


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us

Copyright 2013, SecurityGlobal.net LLC