Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT Security Bulletin
ASB-2010.0087
Update for IBM HTTP Server Corrects Multiple Vulnerabilities
22 March 2010
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: IBM HTTP Server
Operating System: Windows
Linux variants
HP-UX
Solaris
AIX
Impact/Access: Denial of Service -- Remote/Unauthenticated
Access Privileged Data -- Remote/Unauthenticated
Resolution: Patch/Upgrade
CVE Names: CVE-2010-0434 CVE-2010-0408
Member content until: Wednesday, April 21 2010
Reference: ASB-2010.0073
ASB-2010.0070
OVERVIEW
IBM have released an update for HTTP Server correcting multiple
security vulnerabilities.
IMPACT
The vendor has provided the following information regarding these
vulnerabilities:
Potential vulnerabilities: CVE-2010-0434, CVE-2010-0408 [1]
The National Vulnerability Database [2] has provided the following
information on these vulnerabilities:
* CVE-2010-0434:"The ap_read_request function in server/protocol.c
in the Apache HTTP Server 2.2.x before 2.2.15, when a
multithreaded MPM is used, does not properly handle headers in
subrequests in certain circumstances involving a parent request
that has a body, which might allow remote attackers to obtain
sensitive information via a crafted request that triggers access
to memory locations associated with an earlier request." [3]
* CVE-2010-0408:"The ap_proxy_ajp_request function in
mod_proxy_ajp.c in mod_proxy_ajp in the Apache HTTP Server 2.2.x
before 2.2.15 does not properly handle certain situations in
which a client sends no request body, which allows remote
attackers to cause a denial of service (backend server outage)
via a crafted request, related to use of a 500 error code instead
of the appropriate 400 error code." [4]
MITIGATION
APAR PM08939 has been released to correct these vulnerabilities.
They are also targeted to be corrected in fixpacks 6.0.2.41, 6.1.0.31
and 7.0.0.11. [1]
REFERENCES
[1] PM08939: CVE-2010-0434 / CVE-2010-0408
http://www-01.ibm.com/support/docview.wss?uid=swg1PM08939
[2] National Vulnerability Database
http://web.nvd.nist.gov/view/vuln/search?execution=e5s1
[3] Vulnerability Summary for CVE-2010-0434
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0434
[4] Vulnerability Summary for CVE-2010-0408
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0408
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:
http://www.auscert.org.au/render.html?it=3192
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iD8DBQFLpuJl/iFOrG6YcBERAr0bAJ41j5EMYUloImdFnNkqGBC0U9FYQACeNnOG
tFcZ01HFASwWD3UB9JCfhso=
=+i/i
-----END PGP SIGNATURE-----