Date: Mon, 1 Jul 2002 15:15:43 -0700
From: security@caldera.com
To: bugtraq@securityfocus.com, announce@lists.caldera.com,
Subject: Security Update: [CSSA-2002-SCO.31] UnixWare 7.1.1 Open UNIX 8.0.0 : Apache Web Server Chunk Handling Vulnerability / mod_ssl off-by-one error
--WhfpMioaduB5tiZL
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
To: bugtraq@securityfocus.com announce@lists.caldera.com scoannmod@xenitec.on.ca
______________________________________________________________________________
Caldera International, Inc. Security Advisory
Subject: UnixWare 7.1.1 Open UNIX 8.0.0 : Apache Web Server Chunk Handling Vulnerability / mod_ssl off-by-one error
Advisory number: CSSA-2002-SCO.31
Issue date: 2002 July 01
Cross reference:
______________________________________________________________________________
1. Problem Description
This advisory addresses two separate vulnerabilities:
1) There is a remotely exploitable vulnerability in the
handling of large chunks of data in web servers that are
based on Apache source code.
2) mod_ssl registers a rewrite_command hook when backward
compatibility is enabled. The ssl_compat_directive() is
called for every line read in a configuration file, and
contains an off-by-one error while doing so.
2. Vulnerable Supported Versions
System Subsystem
----------------------------------------------------------------------
UnixWare 7.1.1 Apache
Open UNIX 8.0.0 Apache
3. Solution
The proper solution is to install the latest packages.
4. UnixWare 7.1.1
4.1 Location of Fixed Binaries
ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.31
4.2 Verification
MD5 (apache-1.3.26.pkg.Z) = 75391ed80d727d9cd00a73c2cc24816b
md5 is available for download from
ftp://ftp.caldera.com/pub/security/tools
4.3 Installing Fixed Binaries
Upgrade the affected binaries with the following commands:
Download apache-1.3.26.pkg.Z to the /var/spool/pkg directory
# uncompress /var/spool/pkg/apache-1.3.26.pkg.Z
# pkgadd -d /var/spool/pkg/apache-1.3.26.pkg
5. Open UNIX 8.0.0
5.1 Location of Fixed Binaries
ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.31
5.2 Verification
MD5 (apache-1.3.26.pkg.Z) = 75391ed80d727d9cd00a73c2cc24816b
md5 is available for download from
ftp://ftp.caldera.com/pub/security/tools
5.3 Installing Fixed Binaries
Upgrade the affected binaries with the following commands:
Download apache-1.3.26.pkg.Z to the /var/spool/pkg directory
# uncompress /var/spool/pkg/apache-1.3.26.pkg.Z
# pkgadd -d /var/spool/pkg/apache-1.3.26.pkg
6. References
Specific references for this advisory:
http://www.cert.org/advisories/CA-2002-17.htmlhttp://httpd.apache.org/info/security_bulletin_20020617.txthttp://www.modssl.org/
Caldera security resources:
http://www.caldera.com/support/security/index.html
This security fix closes Caldera incidents sr865893, fz521273,
erg712079.
7. Disclaimer
Caldera International, Inc. is not responsible for the
misuse of any of the information we provide on this website
and/or through our security advisories. Our advisories are
a service to our customers intended to promote secure
installation and use of Caldera products.
8. Acknowledgements
Neel Mehta of the ISS X-Force discovered the Apache
vulnerability. Mark Litchfield reported the vulnerability
to the Apache Software Foundation, and Mark Cox reported
it to the CERT/CC.
The mod_ssl vulnerability information was obtained from an
advisory by Frank Denis (j@pureftpd.org)
______________________________________________________________________________
--WhfpMioaduB5tiZL
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (SCO_SV)
Comment: For info see http://www.gnupg.org
iEYEARECAAYFAj0g1I8ACgkQaqoBO7ipriFCdgCcCSMR3nP8rOR6jcJobrRs9YP7
1uQAoK4MJvfdutO6DcS91C6igrrAt9/L
=xP1c
-----END PGP SIGNATURE-----
--WhfpMioaduB5tiZL--
