Executive Summary

Summary
Title httpd security and bug fix update
Informations
Name RHSA-2010:0659 First vendor Publication 2010-08-30
Vendor RedHat Last vendor Modification 2010-08-30
Severity (Vendor) Moderate Revision 01

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score 5 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

Updated httpd packages that fix two security issues and multiple bugs are now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

3. Description:

The Apache HTTP Server is a popular web server.

A flaw was discovered in the way the mod_proxy module of the Apache HTTP Server handled the timeouts of requests forwarded by a reverse proxy to the back-end server. If the proxy was configured to reuse existing back-end connections, it could return a response intended for another user under certain timeout conditions, possibly leading to information disclosure. (CVE-2010-2791)

A flaw was found in the way the mod_dav module of the Apache HTTP Server handled certain requests. If a remote attacker were to send a carefully crafted request to the server, it could cause the httpd child process to crash. (CVE-2010-1452)

This update also fixes the following bugs:

* numerous issues in the INFLATE filter provided by mod_deflate. "Inflate error -5 on flush" errors may have been logged. This update upgrades mod_deflate to the newer upstream version from Apache HTTP Server 2.2.15. (BZ#625435)

* the response would be corrupted if mod_filter applied the DEFLATE filter to a resource requiring a subrequest with an internal redirect. (BZ#625451)

* the OID() function used in the mod_ssl "SSLRequire" directive did not correctly evaluate extensions of an unknown type. (BZ#625452)

All httpd users should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

617523 - CVE-2010-2791 httpd: Reverse proxy sends wrong responses after time-outs 618189 - CVE-2010-1452 httpd mod_cache, mod_dav: DoS (httpd child process crash) by parsing URI structure with missing path segments 625435 - mod_deflate/mod_proxy generating 'Inflate error -5 on flush' errors 625451 - [APACHE BUG] filter handling issues with subrequests and internal redirects 625452 - mod_ssl: Further fix for SSLRequire OID() function

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2010-0659.html

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-200 Information Exposure

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:11683
 
Oval ID: oval:org.mitre.oval:def:11683
Title: Apache 'mod_cache' and 'mod_dav' Request Handling Denial of Service Vulnerability
Description: The (1) mod_cache and (2) mod_dav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service (process crash) via a request that lacks a path.
Family: windows Class: vulnerability
Reference(s): CVE-2010-1452
 Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
 Product(s): Apache
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12341
 
Oval ID: oval:org.mitre.oval:def:12341
Title: HP-UX Apache-based Web Server, Local Information Disclosure, Increase of Privilege, Remote Denial of Service (DoS)
Description: The (1) mod_cache and (2) mod_dav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service (process crash) via a request that lacks a path.
Family: unix Class: vulnerability
Reference(s): CVE-2010-1452
 Version: 12
Platform(s): HP-UX 11
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22131
 
Oval ID: oval:org.mitre.oval:def:22131
Title: RHSA-2010:0659: httpd security and bug fix update (Moderate)
Description: mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connection, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request. NOTE: this is the same issue as CVE-2010-2068, but for a different OS and set of affected versions.
Family: unix Class: patch
Reference(s): RHSA-2010:0659-01
CESA-2010:0659
CVE-2010-1452
CVE-2010-2791
 Version: 29
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
 Product(s): httpd
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22935
 
Oval ID: oval:org.mitre.oval:def:22935
Title: ELSA-2010:0659: httpd security and bug fix update (Moderate)
Description: mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connection, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request. NOTE: this is the same issue as CVE-2010-2068, but for a different OS and set of affected versions.
Family: unix Class: patch
Reference(s): ELSA-2010:0659-01
CVE-2010-1452
CVE-2010-2791
 Version: 13
Platform(s): Oracle Linux 5
 Product(s): httpd
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27980
 
Oval ID: oval:org.mitre.oval:def:27980
Title: DEPRECATED: ELSA-2010-0659 -- httpd security and bug fix update (moderate)
Description: [2.2.3-43.0.1.el5_5.3 ] - replace index.html with Oracle's index page oracle_index.html - update vstring and distro in specfile [2.2.3-43.3] - mod_ssl: improved fix for SSLRequire's OID() function (#625452) [2.2.3-43.2] - add security fixes for CVE-2010-1452, CVE-2010-2791 (#623210) - mod_deflate: rebase to 2.2.15 (#625435) - stop multiple invocations of filter init functions (#625451)
Family: unix Class: patch
Reference(s): ELSA-2010-0659
CVE-2010-1452
CVE-2010-2791
 Version: 4
Platform(s): Oracle Linux 5
 Product(s): httpd
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 181

OpenVAS Exploits

Date Description
2012-08-10 Name : Gentoo Security Advisory GLSA 201206-25 (apache)
File : nvt/glsa_201206_25.nasl
2011-09-21 Name : Debian Security Advisory DSA 2298-1 (apache2)
File : nvt/deb_2298_1.nasl
2011-09-21 Name : Debian Security Advisory DSA 2298-2 (apache2)
File : nvt/deb_2298_2.nasl
2011-08-26 Name : Mac OS X v10.6.6 Multiple Vulnerabilities (2011-001)
File : nvt/secpod_macosx_su11-001.nasl
2011-01-04 Name : HP-UX Update for Apache-based Web Server HPSBUX02612
File : nvt/gb_hp_ux_HPSBUX02612.nasl
2010-12-02 Name : Ubuntu Update for apache2 vulnerabilities USN-1021-1
File : nvt/gb_ubuntu_USN_1021_1.nasl
2010-10-19 Name : Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosur...
File : nvt/gb_apache_42102.nasl
2010-09-07 Name : RedHat Update for httpd RHSA-2010:0659-01
File : nvt/gb_RHSA-2010_0659-01_httpd.nasl
2010-08-21 Name : FreeBSD Ports: apache
File : nvt/freebsd_apache17.nasl
2010-08-20 Name : Mandriva Update for apache MDVSA-2010:152 (apache)
File : nvt/gb_mandriva_MDVSA_2010_152.nasl
2010-08-20 Name : Mandriva Update for apache MDVSA-2010:153 (apache)
File : nvt/gb_mandriva_MDVSA_2010_153.nasl
2010-08-16 Name : Fedora Update for httpd FEDORA-2010-12478
File : nvt/gb_fedora_2010_12478_httpd_fc13.nasl
2010-07-27 Name : Apache HTTP Server Multiple Remote Denial of Service Vulnerabilities
File : nvt/gb_apache_41963.nasl
0000-00-00 Name : Slackware Advisory SSA:2010-240-02 httpd
File : nvt/esoft_slk_ssa_2010_240_02.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
66745 Apache HTTP Server Multiple Modules Pathless Request Remote DoS
65654 Apache HTTP Server mod_proxy_http mod_proxy_http.c Timeout Detection Weakness...

Nessus® Vulnerability Scanner

Date Description
2015-12-30 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL23332326.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0659.nasl - Type : ACT_GATHER_INFO
2013-06-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0659.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100830_httpd_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-06-25 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201206-25.nasl - Type : ACT_GATHER_INFO
2012-04-20 Name : The remote web server is affected by multiple vulnerabilities.
File : hpsmh_7_0_0_24.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_apache2-110831.nasl - Type : ACT_GATHER_INFO
2011-08-30 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2298.nasl - Type : ACT_GATHER_INFO
2011-03-22 Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_10_6_7.nasl - Type : ACT_GATHER_INFO
2011-03-22 Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_SecUpd2011-001.nasl - Type : ACT_GATHER_INFO
2010-11-28 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1021-1.nasl - Type : ACT_GATHER_INFO
2010-10-20 Name : The remote web server is affected by multiple vulnerabilities.
File : apache_2_0_64.nasl - Type : ACT_GATHER_INFO
2010-08-31 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0659.nasl - Type : ACT_GATHER_INFO
2010-08-29 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2010-240-02.nasl - Type : ACT_GATHER_INFO
2010-08-17 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-152.nasl - Type : ACT_GATHER_INFO
2010-08-17 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-153.nasl - Type : ACT_GATHER_INFO
2010-08-14 Name : The remote Fedora host is missing a security update.
File : fedora_2010-12478.nasl - Type : ACT_GATHER_INFO
2010-07-30 Name : The remote web server is affected by multiple vulnerabilities.
File : apache_2_2_16.nasl - Type : ACT_GATHER_INFO
2010-07-26 Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_28a7310f985511df8d36001aa0166822.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
Date Informations
2017-08-17 09:25:25
  • Multiple Updates
2016-08-23 09:26:29
  • Multiple Updates
2016-08-20 12:08:30
  • Multiple Updates
2016-04-26 23:26:30
  • Multiple Updates
2014-02-17 11:53:47
  • Multiple Updates
2013-10-11 13:30:54
  • Multiple Updates
2013-05-11 00:51:42
  • Multiple Updates