Tenon Intersystems Please see text links at bottom of page for navigation
Please see text links at bottom of page for navigation

Search tenon.com

Thanks to:

WebTen
[Top] [All Lists]
<prev [Date] next> <prev [Thread] next>

Re: Apache Vulnerability in WebTen

To: webten@xxxxxxxxxxxxxxx
Subject: Re: Apache Vulnerability in WebTen
From: Robert Brandtjen <rob@xxxxxxxxxxxxxxxxxxx>
Date: Mon, 24 Jun 2002 16:55:32 -0500 
On Monday 24 June 2002 04:41 pm, you wrote:
> THat may be true for user "nobody" but it has nothing to do with the apache
> problem. re-read the cert - assumption of root is usually the object of
> most such hack attempts, for your future reference. What do you think
> arbitrary code is ?

Read below:

Red Hat Network has determined that the following advisory is applicable to
one or more of the systems you have registered:


Complete information about this errata can be found at the following location:
     https://rhn.redhat.com/network/errata/errata_details.pxt?eid=1100


Security Advisory - RHSA-2002:103-13
------------------------------------------------------------------------------
Summary:
Updated Apache packages fix chunked encoding issue


The Apache Web server contains a security vulnerability which can be used
to launch a denial of service attack, or in some cases, allow remote code
execution.


Description:
Versions of the Apache Web server up to and including 1.3.24 contain a bug
in the routines which deal with requests encoded using "chunked" encoding.
A carefully crafted invalid request can cause an Apache child process to
call the memcpy() function in a way that will write past the end of its
buffer, corrupting the stack.


The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2002-0392 to this issue.


Our investigations show that this bug cannot be used to gain remote access
to a server running Apache on Red Hat Linux on 32-bit platforms, but it
does cause the child process to die. The Apache parent process will
notice this and start a new child process when necessary -- using more
resources than normal.


Investigations by the Apache Software Foundation show that in some cases
64-bit platforms may have a greater exposure and could be remotely
exploited to allow arbitrary code to be run on the server.


We have backported the security fix from the official Apache 1.3.26
release. This should help minimize the impact of upgrading to our errata
packages.


All users of Apache should update to these errata packages to correct this
security issue.


References:
http://httpd.apache.org/info/security_bulletin_20020617.txt
http://www.apacheweek.com/issues/02-06-21

I'm not sure about webten, but I know of know ordinary user account on any 
other *nix which could instigate a DoS attack.

-- 
 Robert Brandtjen
 --------------------------------------
 Web Site Creation and Hosting Services
 Hostmaster@xxxxxxxxxxxxxxxxxxx
 www.prometheusmedia.com
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Apache Vulnerability in WebTen, Robert Brandtjen
Next by Date:  Re: Apache Vulnerability in WebTen, Erik Lotspeich
Previous by Thread:  Re: Apache Vulnerability in WebTen, Ed Pastore
Next by Thread:  RE: Apache Vulnerability in WebTen, David Kazias
Indexes:  [Date] [Thread] [Top] [All Lists]
| Tenon Home | Products | Order | Contact Us | About Tenon | Register | Tech Support | Resources | Press Room | Mailing Lists |

Powered By iTools

Copyright©2003 Tenon Intersystems, 232 Anacapa Street, Suite 2A, Santa Barbara, CA 93101. All rights reserved.
Questions about our website - Contact: webmaster@tenon.com.

Tenon Home Tenon Home Tenon Home Tenon Home Product Info Tenon Ordering Contact About Register Support Resources Press Mailing Lists