SecurityTracker.com
SecurityTracker
Archives
Category:   Application (Web Server/CGI)  >   Apache HTTPD Vendors:   Apache Software Foundation
Apache mod_proxy Integer Overflow May Let Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1023533
SecurityTracker URL:  http://securitytracker.com/id/1023533
CVE Reference:   CVE-2010-0010
Date:  Feb 3 2010
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 1.3.41 and prior versions
Description:   A vulnerability was reported in Apache mod_proxy. A remote user can execute arbitrary code on the target system.

A remote user can send specially crafted data (a chunk-size value in chunked transfer-coding) to trigger an integer overflow and potentially execute arbitrary code on the target system. The code will run with the privileges of the target service. The overflow occurs on platforms where sizeof(int) < sizeof(long).

The vulnerability resides in the ap_proxy_send_fb() function in 'modules/proxy/proxy_util.c'.
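The following is an added example written for this archive entry; it is not Apache's code and does not reproduce ap_proxy_send_fb(). It shows the general failure mode the advisory names: a hexadecimal chunk-size line is parsed into a long, and on LP64 platforms (where sizeof(long) is 8 but sizeof(int) is 4) narrowing that long into an int silently truncates or changes sign. The unchecked function illustrates the hazard; the checked one rejects parse errors, negative values, and anything above a caller-supplied bound (max_len is a hypothetical limit, not an Apache directive) before narrowing.

```c
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>

/* Unchecked narrowing: parses a hex chunk-size line ("1a\r\n", "100000000")
 * into a long and stores it in an int. When the value exceeds INT_MAX the
 * cast loses information (constructed illustration of the hazard). */
int chunk_size_unchecked(const char *line)
{
    long n = strtol(line, NULL, 16);
    int len = (int)n;   /* silently truncates when n > INT_MAX on LP64 */
    return len;
}

/* Checked parse: returns 0 and stores the size in *out, or -1 when the line
 * has no hex digits, overflows long, is negative, or exceeds max_len
 * (max_len is a hypothetical configured upper bound). The value is only
 * narrowed to int after it is known to fit. */
int chunk_size_checked(const char *line, long max_len, int *out)
{
    char *end;
    errno = 0;
    long n = strtol(line, &end, 16);
    if (end == line)        /* no digits consumed */
        return -1;
    if (errno == ERANGE)    /* value does not even fit in long */
        return -1;
    if (n < 0 || n > max_len || n > INT_MAX)
        return -1;
    *out = (int)n;          /* safe: 0 <= n <= min(max_len, INT_MAX) */
    return 0;
}

int main(void)
{
    /* Constructed inputs: a small chunk and one equal to 2^32. */
    const char *small = "1a";
    const char *huge  = "100000000";
    int v = 0;

    printf("sizeof(int)=%zu sizeof(long)=%zu\n", sizeof(int), sizeof(long));
    printf("unchecked %s -> %d\n", small, chunk_size_unchecked(small));
    printf("unchecked %s -> %d\n", huge, chunk_size_unchecked(huge));
    printf("checked   %s -> rc=%d value=%d\n", small,
           chunk_size_checked(small, 1048576L, &v), v);
    printf("checked   %s -> rc=%d\n", huge,
           chunk_size_checked(huge, 1048576L, &v));
    return 0;
}
```

On a 64-bit Linux build the unchecked path turns the 2^32 chunk size into 0, while the checked path refuses it; on a platform where long is 32 bits, strtol() reports ERANGE and the checked path refuses it for that reason instead.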

Adam Zabrocki reported this vulnerability.

Impact:   A remote user can execute arbitrary code on the target system.
Solution:   The vendor has issued a fixed version (1.3.42).
Vendor URL:  httpd.apache.org/
Cause:   Boundary error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)

Message History:   None.


 Source Message Contents

Subject:  Apache HTTP Server 1.3.42 released (final release of 1.3.x)


                       Apache HTTP Server 1.3.42 Released

   The Apache Software Foundation and the Apache HTTP Server Project are
   pleased to announce the release of version 1.3.42 of the Apache HTTP
   Server ("Apache"). This release is intended as the final release of
   version 1.3 of the Apache HTTP Server, which has reached end of life
   status.

   There will be no more full releases of Apache HTTP Server 1.3.
   However, critical security updates may be made available from the
   following website:

        http://www.apache.org/dist/httpd/patches/

   Our thanks go to everyone who has helped make Apache HTTP Server 1.3
   the most successful, and most used, webserver software on the planet!

   This Announcement notes the significant changes in
   1.3.42 as compared to 1.3.41.

   This version of Apache is principally a bug and security fix release.
   The following moderate security flaw has been addressed:

     * CVE-2010-0010 (cve.mitre.org)
       mod_proxy: Prevent chunk-size integer overflow on platforms
       where sizeof(int) < sizeof(long). Reported by Adam Zabrocki.

   Please see the CHANGES_1.3.42 file in this directory for a full list
   of changes for this version.

   Apache 1.3.42 is the final stable release of the Apache 1.3 family. We
   strongly recommend that users of all earlier versions, including 1.3
   family releases, upgrade to the current 2.2 version as soon as possible.
   For information about how to upgrade, please see the documentation:

         http://httpd.apache.org/docs/2.2/upgrading.html


   Apache 1.3.42 is available for download from

           http://httpd.apache.org/download.cgi

   This service utilizes the network of mirrors listed at:

           http://www.apache.org/mirrors/

   Binary distributions may be available for your specific platform from

           http://www.apache.org/dist/httpd/binaries/

   Binaries distributed by the Apache HTTP Server Project are provided as a
   courtesy by individual project contributors. The project makes no
   commitment to release the Apache HTTP Server in binary form for any
   particular platform, nor on any particular schedule.

   IMPORTANT NOTE FOR APACHE USERS: Apache 1.3 was designed for Unix OS
   variants. While the ports to non-Unix platforms (such as Win32, Netware or
   OS2) will function for some applications, Apache 1.3 is not designed for
   these platforms. Apache 2 was designed from the ground up for security,
   stability, or performance issues across all modern operating systems.
   Users of any non-Unix ports are strongly cautioned to move to Apache 2.

   The Apache project no longer distributes non-Unix platform binaries from
   the main download pages for Apache 1.3. If absolutely necessary, a binary
   may be available at http://archive.apache.org/dist/httpd/.

Apache 1.3.42 Major changes

  Security vulnerabilities

   The main security vulnerabilities addressed in 1.3.42 are:

  *) SECURITY: CVE-2010-0010 (cve.mitre.org)
     mod_proxy: Prevent chunk-size integer overflow on platforms
     where sizeof(int) < sizeof(long). Reported by Adam Zabrocki.

  Bugfixes addressed in 1.3.42 are:

  *) Protect logresolve from mismanaged DNS records that return
     blank/null hostnames.

-- 
Colm MacCárthaigh

Copyright 2019, SecurityGlobal.net LLC