SecurityTracker.com

SecurityTracker
Archives


 


Category:   Application (Security)  >   Mod_ssl Vendors:   Modssl.org
(Caldera Issues Fix for OpenLinux) 'mod_ssl' Security Package for Apache Web Server Has Buffer Overflow That Can Be Triggered By Remote Users
SecurityTracker Alert ID:  1003928
SecurityTracker URL:  http://securitytracker.com/id/1003928
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Mar 31 2002
Impact:   Execution of arbitrary code via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 2.8.7
Description:   A vulnerability was reported in the 'mod_ssl' package for the Apache web server. A remote user may be able to overflow a buffer. The potential impact is not yet known.

It is reported that a remote user may be able to trigger a buffer overflow in the DBM and SHMHT session cache by using very large certificate chains. This is reportedly due to the unbounded nature of ASN.1 representations that could overflow a large but statically allocated buffer.

It is not yet clear if remote code execution is feasible.
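The bug class described above is a serializer that writes a peer-controlled, variable-length structure (here, a session carrying the client's certificate chain) into a fixed-size cache slot without first comparing the encoded length against the slot's capacity. The following is an added illustration of the defensive pattern, not mod_ssl's or OpenSSL's code: the record layout, the `toy_session` type, the `CACHE_SLOT_SIZE` value and the function names are all constructed for this example, and the length-query-then-write convention mirrors OpenSSL's i2d style only in spirit.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed slot size standing in for the "large but statically allocated
 * buffer" the advisory describes; the real mod_ssl size is not given here. */
#define CACHE_SLOT_SIZE 256

/* Hypothetical, simplified session record. The chain length is the
 * peer-controlled, unbounded quantity: a client can present as many
 * certificates as it likes, and their DER encoding grows accordingly. */
typedef struct {
    unsigned char id[32];
    const unsigned char *chain; /* DER bytes of the presented chain (opaque) */
    size_t chain_len;
} toy_session;

/* Length query, mirroring the i2d-style convention of reporting the encoded
 * size without writing. Layout used by this example only: 32-byte id,
 * 4-byte big-endian chain length, then the chain bytes. */
size_t toy_session_encoded_len(const toy_session *s)
{
    return sizeof s->id + 4 + s->chain_len;
}

/* Bounded serializer: checks the required size against the capacity before
 * writing a single byte. Returns bytes written, or 0 if the record does not
 * fit. Writing first and discovering the size afterwards is the pattern
 * that overflows a static buffer. */
size_t toy_session_encode_bounded(const toy_session *s,
                                  unsigned char *out, size_t cap)
{
    size_t need = toy_session_encoded_len(s);
    if (need > cap || s->chain_len > 0xFFFFFFFFu)
        return 0;                       /* reject instead of overflowing */
    memcpy(out, s->id, sizeof s->id);
    out[32] = (unsigned char)(s->chain_len >> 24);
    out[33] = (unsigned char)(s->chain_len >> 16);
    out[34] = (unsigned char)(s->chain_len >> 8);
    out[35] = (unsigned char)(s->chain_len);
    memcpy(out + 36, s->chain, s->chain_len);
    return need;
}

/* Cache store: 1 if the session was written into the fixed slot, 0 if it was
 * rejected as too large. A rejected session is simply not cached; the
 * handshake still completes, just without resumption, which is the safe
 * failure mode. */
int cache_store(const toy_session *s, unsigned char slot[CACHE_SLOT_SIZE])
{
    return toy_session_encode_bounded(s, slot, CACHE_SLOT_SIZE) != 0;
}

/* Constructed chain buffer; its contents do not matter, only the length used. */
static const unsigned char sample_chain[1024];

/* Try to cache a session whose chain is chain_len bytes long and report
 * whether the bounded store accepted it. */
int try_cache_chain(size_t chain_len)
{
    toy_session s;
    unsigned char slot[CACHE_SLOT_SIZE];
    memset(s.id, 0xAB, sizeof s.id);
    s.chain = sample_chain;
    s.chain_len = chain_len;
    return cache_store(&s, slot);
}

int main(void)
{
    printf("100-byte chain cached:  %d\n", try_cache_chain(100));
    printf("1000-byte chain cached: %d\n", try_cache_chain(1000));
    return 0;
}
```

With a 256-byte slot the fixed 36-byte header leaves room for a chain of at most 220 bytes; anything longer is refused before any write happens, which is exactly the check a length-first encoder makes trivial and a write-first encoder cannot make at all.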

Impact:   A remote user may be able to trigger a buffer overflow in mod_ssl. It is not yet clear if remote code execution is feasible.
Solution:   The vendor has released a fix.

For OpenLinux 3.1 Server:

The 3.1 version of this package is not yet available. An updated advisory will be published when the package is released.


For OpenLinux 3.1 Workstation:

The 3.1 version of this package is not yet available. An updated advisory will be published when the package is released.


For OpenLinux 3.1.1 Server:

ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Server/current/RPMS

The corresponding source code package can be found at:

ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Server/current/SRPMS

The verification checksums are:

64223d2995fd5501b440d14d9af35359 RPMS/mod_ssl-2.8.5_1.3.22-2.i386.rpm
f45c83a03d7fa38825645d551d5a1489 RPMS/mod_ssl-sxnet-2.8.5_1.3.22-2.i386.rpm
57ad82f8f53b9745929002b06d8e26da SRPMS/mod_ssl-2.8.5_1.3.22-2.src.rpm

Upgrade the affected packages with the following commands:

rpm -Fvh mod_ssl-2.8.5_1.3.22-2.i386.rpm \
mod_ssl-sxnet-2.8.5_1.3.22-2.i386.rpm


For OpenLinux 3.1.1 Workstation:

ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Workstation/current/RPMS

The corresponding source code package can be found at:

ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Workstation/current/SRPMS

The verification checksums are:

64223d2995fd5501b440d14d9af35359 RPMS/mod_ssl-2.8.5_1.3.22-2.i386.rpm
f45c83a03d7fa38825645d551d5a1489 RPMS/mod_ssl-sxnet-2.8.5_1.3.22-2.i386.rpm
57ad82f8f53b9745929002b06d8e26da SRPMS/mod_ssl-2.8.5_1.3.22-2.src.rpm

Upgrade the affected packages with the following commands:

rpm -Fvh mod_ssl-2.8.5_1.3.22-2.i386.rpm \
mod_ssl-sxnet-2.8.5_1.3.22-2.i386.rpm

Vendor URL:  www.modssl.org/ (Links to External Site)
Cause:   Boundary error
Underlying OS:  Linux (Caldera/SCO)
Underlying OS Comments:  3.1, 3.1.1

Message History:   This archive entry is a follow-up to the message listed below.
Feb 26 2002 'mod_ssl' Security Package for Apache Web Server Has Buffer Overflow That Can Be Triggered By Remote Users



 Source Message Contents

Subject:  Security Update: [CSSA-2002-011.0] Linux: mod_ssl Buffer Overflow Condition



To: bugtraq@securityfocus.com announce@lists.caldera.com security-alerts@linuxsecurity.com

______________________________________________________________________________
		   Caldera International, Inc.  Security Advisory

Subject:		Linux: mod_ssl Buffer Overflow Condition
Advisory number: 	CSSA-2002-011.0
Issue date: 		2002, March 18
Cross reference:
______________________________________________________________________________


1. Problem Description

   modssl uses underlying OpenSSL routines in a manner which could cause
   a buffer overflow.


2. Vulnerable Supported Versions

   System                        Package
   -----------------------------------------------------------
   OpenLinux Server 3.1          All packages previous to
                                 mod_ssl-2.8.5_1.3.22-2

   OpenLinux Workstation 3.1     All packages previous to
                                 mod_ssl-2.8.5_1.3.22-2

   OpenLinux Server 3.1.1        All packages previous to
                                 mod_ssl-2.8.5_1.3.22-2

   OpenLinux Workstation 3.1.1   All packages previous to
                                 mod_ssl-2.8.5_1.3.22-2



3. Solution

   Workaround

     none

   The proper solution is to upgrade to the latest packages.


4. OpenLinux 3.1 Server

    4.1 Location of Fixed Packages

         The 3.1 version of this package is not yet available. An updated
         advisory will be published when the package is released.
 

5. OpenLinux 3.1 Workstation

    5.1 Location of Fixed Packages

         The 3.1 version of this package is not yet available. An updated
         advisory will be published when the package is released.
 

6. OpenLinux 3.1.1 Server

    6.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

       ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Server/current/RPMS

       The corresponding source code package can be found at:

       ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Server/current/SRPMS

   6.2 Verification

       64223d2995fd5501b440d14d9af35359  RPMS/mod_ssl-2.8.5_1.3.22-2.i386.rpm
       f45c83a03d7fa38825645d551d5a1489  RPMS/mod_ssl-sxnet-2.8.5_1.3.22-2.i386.rpm
       57ad82f8f53b9745929002b06d8e26da  SRPMS/mod_ssl-2.8.5_1.3.22-2.src.rpm
       

   6.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

         rpm -Fvh mod_ssl-2.8.5_1.3.22-2.i386.rpm \
              mod_ssl-sxnet-2.8.5_1.3.22-2.i386.rpm
         

7. OpenLinux 3.1.1 Workstation

    7.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

       ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Workstation/current/RPMS

       The corresponding source code package can be found at:

       ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Workstation/current/SRPMS

   7.2 Verification

       64223d2995fd5501b440d14d9af35359  RPMS/mod_ssl-2.8.5_1.3.22-2.i386.rpm
       f45c83a03d7fa38825645d551d5a1489  RPMS/mod_ssl-sxnet-2.8.5_1.3.22-2.i386.rpm
       57ad82f8f53b9745929002b06d8e26da  SRPMS/mod_ssl-2.8.5_1.3.22-2.src.rpm
       

   7.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

         rpm -Fvh mod_ssl-2.8.5_1.3.22-2.i386.rpm \
              mod_ssl-sxnet-2.8.5_1.3.22-2.i386.rpm
         


8. References

   Specific references for this advisory:

	none


   Caldera OpenLinux security resources:

	http://www.caldera.com/support/security/index.html

   Caldera UNIX security resources:

	http://stage.caldera.com/support/security/



   This security fix closes Caldera incidents sr861039, erg711978,
   fz520252.


9. Disclaimer

   Caldera International, Inc. is not responsible for the misuse of
   any of the information we provide on this website and/or through
   our security advisories.  Our advisories are a service to our
   customers intended to promote secure installation and use of
   Caldera International products.


10. Acknowledgements

   Ed Moyle <emoyle@scsnet.csc.com> discovered and researched this
   vulnerability.
______________________________________________________________________________


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (SCO_SV)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAjykxIIACgkQbluZssSXDTFcIACgok2omM3v3vvg5ZKPG2TnBU5c
5EAAn0ZpxBmgxWOHfeuQrrYc8+77pb+8
=LpWT
-----END PGP SIGNATURE-----







Copyright 2020, SecurityGlobal.net LLC