cvelistv5 - CVE-2002-1157

CVE-2002-1157

Vulnerability from cvelistv5

Published

2004-09-01 04:00

Modified

2024-08-08 03:19

Severity ?

Summary

Cross-site scripting vulnerability in the mod_ssl Apache module 2.8.9 and earlier, when UseCanonicalName is off and wildcard DNS is enabled, allows remote attackers to execute script as other web site visitors, via the server name in an HTTPS response on the SSL port, which is used in a self-referencing URL, a different vulnerability than CAN-2002-0840.

References

URL	Tags
cve@mitre.org	http://archives.neohapsis.com/archives/bugtraq/2002-10/0374.html
cve@mitre.org	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000541
cve@mitre.org	http://online.securityfocus.com/archive/1/296753
cve@mitre.org	http://www.debian.org/security/2002/dsa-181	Patch, Vendor Advisory
cve@mitre.org	http://www.iss.net/security_center/static/10457.php	Vendor Advisory
cve@mitre.org	http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-072.php
cve@mitre.org	http://www.linuxsecurity.com/advisories/other_advisory-2512.html
cve@mitre.org	http://www.osvdb.org/2107
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2002-222.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2002-243.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2002-244.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2002-248.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2002-251.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2003-106.html
cve@mitre.org	http://www.securityfocus.com/bid/6029
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/bugtraq/2002-10/0374.html
af854a3a-2127-422b-91ae-364da2661108	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000541
af854a3a-2127-422b-91ae-364da2661108	http://online.securityfocus.com/archive/1/296753
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2002/dsa-181	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.iss.net/security_center/static/10457.php	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-072.php
af854a3a-2127-422b-91ae-364da2661108	http://www.linuxsecurity.com/advisories/other_advisory-2512.html
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/2107
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2002-222.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2002-243.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2002-244.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2002-248.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2002-251.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2003-106.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/6029

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T03:19:27.695Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20021026 GLSA: mod_ssl",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0374.html"
          },
          {
            "name": "RHSA-2002:243",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2002-243.html"
          },
          {
            "name": "6029",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/6029"
          },
          {
            "name": "RHSA-2002:222",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2002-222.html"
          },
          {
            "name": "RHSA-2003:106",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2003-106.html"
          },
          {
            "name": "RHSA-2002:251",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2002-251.html"
          },
          {
            "name": "DSA-181",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2002/dsa-181"
          },
          {
            "name": "2107",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/2107"
          },
          {
            "name": "ESA-20021029-027",
            "tags": [
              "vendor-advisory",
              "x_refsource_ENGARDE",
              "x_transferred"
            ],
            "url": "http://www.linuxsecurity.com/advisories/other_advisory-2512.html"
          },
          {
            "name": "apache-modssl-host-xss(10457)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "http://www.iss.net/security_center/static/10457.php"
          },
          {
            "name": "MDKSA-2002:072",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-072.php"
          },
          {
            "name": "20021023 [OpenPKG-SA-2002.010] OpenPKG Security Advisory (apache)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://online.securityfocus.com/archive/1/296753"
          },
          {
            "name": "CLA-2002:541",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000541"
          },
          {
            "name": "RHSA-2002:248",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2002-248.html"
          },
          {
            "name": "RHSA-2002:244",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2002-244.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2002-10-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting vulnerability in the mod_ssl Apache module 2.8.9 and earlier, when UseCanonicalName is off and wildcard DNS is enabled, allows remote attackers to execute script as other web site visitors, via the server name in an HTTPS response on the SSL port, which is used in a self-referencing URL, a different vulnerability than CAN-2002-0840."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2004-08-18T00:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20021026 GLSA: mod_ssl",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0374.html"
        },
        {
          "name": "RHSA-2002:243",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2002-243.html"
        },
        {
          "name": "6029",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/6029"
        },
        {
          "name": "RHSA-2002:222",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2002-222.html"
        },
        {
          "name": "RHSA-2003:106",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2003-106.html"
        },
        {
          "name": "RHSA-2002:251",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2002-251.html"
        },
        {
          "name": "DSA-181",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2002/dsa-181"
        },
        {
          "name": "2107",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/2107"
        },
        {
          "name": "ESA-20021029-027",
          "tags": [
            "vendor-advisory",
            "x_refsource_ENGARDE"
          ],
          "url": "http://www.linuxsecurity.com/advisories/other_advisory-2512.html"
        },
        {
          "name": "apache-modssl-host-xss(10457)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "http://www.iss.net/security_center/static/10457.php"
        },
        {
          "name": "MDKSA-2002:072",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-072.php"
        },
        {
          "name": "20021023 [OpenPKG-SA-2002.010] OpenPKG Security Advisory (apache)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://online.securityfocus.com/archive/1/296753"
        },
        {
          "name": "CLA-2002:541",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000541"
        },
        {
          "name": "RHSA-2002:248",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2002-248.html"
        },
        {
          "name": "RHSA-2002:244",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2002-244.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-1157",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting vulnerability in the mod_ssl Apache module 2.8.9 and earlier, when UseCanonicalName is off and wildcard DNS is enabled, allows remote attackers to execute script as other web site visitors, via the server name in an HTTPS response on the SSL port, which is used in a self-referencing URL, a different vulnerability than CAN-2002-0840."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20021026 GLSA: mod_ssl",
              "refsource": "BUGTRAQ",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0374.html"
            },
            {
              "name": "RHSA-2002:243",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2002-243.html"
            },
            {
              "name": "6029",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/6029"
            },
            {
              "name": "RHSA-2002:222",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2002-222.html"
            },
            {
              "name": "RHSA-2003:106",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2003-106.html"
            },
            {
              "name": "RHSA-2002:251",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2002-251.html"
            },
            {
              "name": "DSA-181",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2002/dsa-181"
            },
            {
              "name": "2107",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/2107"
            },
            {
              "name": "ESA-20021029-027",
              "refsource": "ENGARDE",
              "url": "http://www.linuxsecurity.com/advisories/other_advisory-2512.html"
            },
            {
              "name": "apache-modssl-host-xss(10457)",
              "refsource": "XF",
              "url": "http://www.iss.net/security_center/static/10457.php"
            },
            {
              "name": "MDKSA-2002:072",
              "refsource": "MANDRAKE",
              "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-072.php"
            },
            {
              "name": "20021023 [OpenPKG-SA-2002.010] OpenPKG Security Advisory (apache)",
              "refsource": "BUGTRAQ",
              "url": "http://online.securityfocus.com/archive/1/296753"
            },
            {
              "name": "CLA-2002:541",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000541"
            },
            {
              "name": "RHSA-2002:248",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2002-248.html"
            },
            {
              "name": "RHSA-2002:244",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2002-244.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2002-1157",
    "datePublished": "2004-09-01T04:00:00",
    "dateReserved": "2002-09-26T00:00:00",
    "dateUpdated": "2024-08-08T03:19:27.695Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2002-1157\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2002-11-04T05:00:00.000\",\"lastModified\":\"2024-11-20T23:40:43.400\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cross-site scripting vulnerability in the mod_ssl Apache module 2.8.9 and earlier, when UseCanonicalName is off and wildcard DNS is enabled, allows remote attackers to execute script as other web site visitors, via the server name in an HTTPS response on the SSL port, which is used in a self-referencing URL, a different vulnerability than CAN-2002-0840.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de scripts en sitios cruzados en el m\u00f3dulo de Apache mod_ssl 2.8.9 y anteriores, cuando UseCanonicalName est\u00e1 desactivado y DNS comod\u00edn est\u00e1 activado, permite a atacantes remotos ejecutar scripts como otros visitantes del sitio web, mediante el nombre del servidor en una respuesta HTTPS en el puerto SSL, usado en una URL que se referencia a s\u00ed misma. Es una vulnerabilidad distinta de CAN-2002-0840.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":true,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mod_ssl:mod_ssl:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.8.9\",\"matchCriteriaId\":\"60B71520-78FD-4935-BC0B-D1F299DD2B11\"}]}]}],\"references\":[{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2002-10/0374.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000541\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://online.securityfocus.com/archive/1/296753\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2002/dsa-181\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.iss.net/security_center/static/10457.php\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-072.php\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.linuxsecurity.com/advisories/other_advisory-2512.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.osvdb.org/2107\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2002-222.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2002-243.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2002-244.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2002-248.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2002-251.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2003-106.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/6029\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2002-10/0374.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000541\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://online.securityfocus.com/archive/1/296753\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2002/dsa-181\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.iss.net/security_center/static/10457.php\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-072.php\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.linuxsecurity.com/advisories/other_advisory-2512.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.osvdb.org/2107\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2002-222.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2002-243.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2002-244.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2002-248.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2002-251.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2003-106.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/6029\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

gsd-2002-1157

Vulnerability from gsd

Modified

2023-12-13 01:24

Details

Aliases

CVE-2002-1157

Aliases

CVE-2002-1157

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2002-1157",
    "description": "Cross-site scripting vulnerability in the mod_ssl Apache module 2.8.9 and earlier, when UseCanonicalName is off and wildcard DNS is enabled, allows remote attackers to execute script as other web site visitors, via the server name in an HTTPS response on the SSL port, which is used in a self-referencing URL, a different vulnerability than CAN-2002-0840.",
    "id": "GSD-2002-1157",
    "references": [
      "https://www.debian.org/security/2002/dsa-181",
      "https://access.redhat.com/errata/RHSA-2003:106",
      "https://access.redhat.com/errata/RHSA-2002:251",
      "https://access.redhat.com/errata/RHSA-2002:248",
      "https://access.redhat.com/errata/RHSA-2002:244",
      "https://access.redhat.com/errata/RHSA-2002:243",
      "https://access.redhat.com/errata/RHSA-2002:222"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2002-1157"
      ],
      "details": "Cross-site scripting vulnerability in the mod_ssl Apache module 2.8.9 and earlier, when UseCanonicalName is off and wildcard DNS is enabled, allows remote attackers to execute script as other web site visitors, via the server name in an HTTPS response on the SSL port, which is used in a self-referencing URL, a different vulnerability than CAN-2002-0840.",
      "id": "GSD-2002-1157",
      "modified": "2023-12-13T01:24:09.824585Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2002-1157",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Cross-site scripting vulnerability in the mod_ssl Apache module 2.8.9 and earlier, when UseCanonicalName is off and wildcard DNS is enabled, allows remote attackers to execute script as other web site visitors, via the server name in an HTTPS response on the SSL port, which is used in a self-referencing URL, a different vulnerability than CAN-2002-0840."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20021026 GLSA: mod_ssl",
            "refsource": "BUGTRAQ",
            "url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0374.html"
          },
          {
            "name": "RHSA-2002:243",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2002-243.html"
          },
          {
            "name": "6029",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/6029"
          },
          {
            "name": "RHSA-2002:222",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2002-222.html"
          },
          {
            "name": "RHSA-2003:106",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2003-106.html"
          },
          {
            "name": "RHSA-2002:251",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2002-251.html"
          },
          {
            "name": "DSA-181",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2002/dsa-181"
          },
          {
            "name": "2107",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/2107"
          },
          {
            "name": "ESA-20021029-027",
            "refsource": "ENGARDE",
            "url": "http://www.linuxsecurity.com/advisories/other_advisory-2512.html"
          },
          {
            "name": "apache-modssl-host-xss(10457)",
            "refsource": "XF",
            "url": "http://www.iss.net/security_center/static/10457.php"
          },
          {
            "name": "MDKSA-2002:072",
            "refsource": "MANDRAKE",
            "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-072.php"
          },
          {
            "name": "20021023 [OpenPKG-SA-2002.010] OpenPKG Security Advisory (apache)",
            "refsource": "BUGTRAQ",
            "url": "http://online.securityfocus.com/archive/1/296753"
          },
          {
            "name": "CLA-2002:541",
            "refsource": "CONECTIVA",
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000541"
          },
          {
            "name": "RHSA-2002:248",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2002-248.html"
          },
          {
            "name": "RHSA-2002:244",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2002-244.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:mod_ssl:mod_ssl:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2.8.9",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-1157"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Cross-site scripting vulnerability in the mod_ssl Apache module 2.8.9 and earlier, when UseCanonicalName is off and wildcard DNS is enabled, allows remote attackers to execute script as other web site visitors, via the server name in an HTTPS response on the SSL port, which is used in a self-referencing URL, a different vulnerability than CAN-2002-0840."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-181",
              "refsource": "DEBIAN",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.debian.org/security/2002/dsa-181"
            },
            {
              "name": "apache-modssl-host-xss(10457)",
              "refsource": "XF",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.iss.net/security_center/static/10457.php"
            },
            {
              "name": "CLA-2002:541",
              "refsource": "CONECTIVA",
              "tags": [],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000541"
            },
            {
              "name": "ESA-20021029-027",
              "refsource": "ENGARDE",
              "tags": [],
              "url": "http://www.linuxsecurity.com/advisories/other_advisory-2512.html"
            },
            {
              "name": "MDKSA-2002:072",
              "refsource": "MANDRAKE",
              "tags": [],
              "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-072.php"
            },
            {
              "name": "RHSA-2002:222",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2002-222.html"
            },
            {
              "name": "RHSA-2002:243",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2002-243.html"
            },
            {
              "name": "RHSA-2002:244",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2002-244.html"
            },
            {
              "name": "RHSA-2002:248",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2002-248.html"
            },
            {
              "name": "RHSA-2002:251",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2002-251.html"
            },
            {
              "name": "RHSA-2003:106",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2003-106.html"
            },
            {
              "name": "20021023 [OpenPKG-SA-2002.010] OpenPKG Security Advisory (apache)",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://online.securityfocus.com/archive/1/296753"
            },
            {
              "name": "20021026 GLSA: mod_ssl",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0374.html"
            },
            {
              "name": "6029",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/6029"
            },
            {
              "name": "2107",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/2107"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": true,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2008-09-05T20:29Z",
      "publishedDate": "2002-11-04T05:00Z"
    }
  }
}

rhsa-2002_243

Vulnerability from csaf_redhat

Published

2002-11-08 11:15

Modified

2024-11-21 22:31

Summary

Red Hat Security Advisory: apache, mod_ssl, php security update for Stronghold

Notes

Topic

Updated versions of the Apache HTTP server, PHP, and mod_ssl are now available which close possible buffer overflows in the Apache HTTP server benchmarking tool, fixes two cross-site scripting vulnerabilities in the error pages, and fix possible local privilege escalation. These updates also fix vulnerabilities in the PHP mail() function that allows script authors to bypass safe mode restrictions, and possibly allow remote attackers to insert arbitrary mail headers and content into messages.

Details

The Apache HTTP server is a powerful, full-featured, efficient, and freely-available Web server. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP server. Buffer overflows in the ApacheBench support program (ab.c) in Apache versions prior to 1.3.27, allow a malicious Web server to cause a denial of service and possibly execute arbitrary code via a long response. The Common Vulnerabilities and Exposures project has assigned the name CAN-2002-0843 to this issue. Two cross-site scripting vulnerabilities are present in the error pages for the default "404 Not Found" error, and for the error response when a plain HTTP request is received on an SSL port. Both of these issues are only exploitable if the "UseCanonicalName" setting has been changed to "Off", and wildcard DNS is in use, and would allow remote attackers to execute scripts as other Web page visitors, for instance, to steal cookies. These issues affect Apache versions 1.3 to 1.3.26, and mod_ssl versions before 2.8.12. The Common Vulnerabilities and Exposures project has assigned the names CAN-2002-0840 and CAN-2002-1157 to these issues. The shared memory scoreboard in the HTTP daemon for Apache 1.3.x, prior to version 1.3.27, allowed a user running as the web server user to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or other such behavior that would not normally be allowed. The Common Vulnerabilities and Exposures project has assigned the name CAN-2002-839 to this issue. The mail function in PHP 4.x to 4.2.2 may allow local script authors to bypass safe mode restrictions and modify command line arguments to the MTA (such as Sendmail) in the fifth argument to mail(), altering MTA behavior and possibly executing arbitrary local commands. The Common Vulnerabilities and Exposures project has assigned the name CAN-2002-0985 to this issue. The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote attackers to modify mail message content, including mail headers, and possibly use PHP as a "spam proxy". The Common Vulnerabilities and Exposures project has assigned the name CAN-2002-0986 to this issue. Stronghold contains Apache 1.3.22, mod_ssl 2.8.7, and PHP 4.1.2, and is therefore vulnerable to these issues. Users of Stronghold are advised to patch or upgrade their servers.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated versions of the Apache HTTP server, PHP, and mod_ssl are now\navailable which close possible buffer overflows in the Apache HTTP server\nbenchmarking tool, fixes two cross-site scripting vulnerabilities in the\nerror pages, and fix possible local privilege escalation.  These updates\nalso fix vulnerabilities in the PHP mail() function that allows script\nauthors to bypass safe mode restrictions, and possibly allow remote\nattackers to insert arbitrary mail headers and content into messages.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The Apache HTTP server is a powerful, full-featured, efficient, and\nfreely-available Web server.  PHP is an HTML-embedded scripting language\ncommonly used with the Apache HTTP server.\n\nBuffer overflows in the ApacheBench support program (ab.c) in Apache\nversions prior to 1.3.27, allow a malicious Web server to cause a denial of\nservice and possibly execute arbitrary code via a long response.  The\nCommon Vulnerabilities and Exposures project has assigned the name\nCAN-2002-0843 to this issue.\n\nTwo cross-site scripting vulnerabilities are present in the error pages\nfor the default \"404 Not Found\" error, and for the error response when a\nplain HTTP request is received on an SSL port.  Both of these issues are\nonly exploitable if the \"UseCanonicalName\" setting has been changed to\n\"Off\", and wildcard DNS is in use, and would allow remote attackers\nto execute scripts as other Web page visitors, for instance, to steal\ncookies.  These issues affect Apache versions 1.3 to 1.3.26,\nand mod_ssl versions before 2.8.12.  The Common Vulnerabilities and\nExposures project has assigned the names CAN-2002-0840 and\nCAN-2002-1157 to these issues.\n\nThe shared memory scoreboard in the HTTP daemon for Apache 1.3.x, prior to\nversion 1.3.27, allowed a user running as the web server user to send a\nSIGUSR1 signal to any process as root, resulting in a denial of service\n(process kill) or other such behavior that would not normally be allowed. \nThe Common Vulnerabilities and Exposures project has assigned the name\nCAN-2002-839 to this issue.\n\nThe mail function in PHP 4.x to 4.2.2 may allow local script authors to\nbypass safe mode restrictions and modify command line arguments to the\nMTA (such as Sendmail) in the fifth argument to mail(), altering MTA\nbehavior and possibly executing arbitrary local commands. The Common\nVulnerabilities and Exposures project has assigned the name CAN-2002-0985\nto this issue.\n\nThe mail function in PHP 4.x to 4.2.2 does not filter ASCII control\ncharacters from its arguments, which could allow remote attackers to\nmodify mail message content, including mail headers, and possibly use\nPHP as a \"spam proxy\". The Common Vulnerabilities and Exposures project has\nassigned the name CAN-2002-0986 to this issue.\n\nStronghold contains Apache 1.3.22, mod_ssl 2.8.7, and PHP 4.1.2, and\nis therefore vulnerable to these issues. Users of Stronghold are advised to\npatch or upgrade their servers.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2002:243",
        "url": "https://access.redhat.com/errata/RHSA-2002:243"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "http://www.apacheweek.com/issues/02-10-04",
        "url": "http://www.apacheweek.com/issues/02-10-04"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2002/rhsa-2002_243.json"
      }
    ],
    "title": "Red Hat Security Advisory: apache, mod_ssl, php security update for Stronghold",
    "tracking": {
      "current_release_date": "2024-11-21T22:31:21+00:00",
      "generator": {
        "date": "2024-11-21T22:31:21+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2002:243",
      "initial_release_date": "2002-11-08T11:15:00+00:00",
      "revision_history": [
        {
          "date": "2002-11-08T11:15:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2002-10-07T00:00:00+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-21T22:31:21+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Stronghold 3",
                "product": {
                  "name": "Red Hat Stronghold 3",
                  "product_id": "Red Hat Stronghold 3",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:stronghold:3"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Stronghold Cross Platform"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2002-0839",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616822"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that would not normally be allowed, by modifying the parent[].pid and parent[].last_rtime segments in the scoreboard.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Stronghold 3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-0839"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616822",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616822"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-0839",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-0839"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-0839",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0839"
        }
      ],
      "release_date": "2002-10-03T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2002-11-08T11:15:00+00:00",
          "details": "Backported fixes are available for the versions of Apache, mod_ssl, and PHP\nincluded in Stronghold 3.  Stronghold 3 build code 3020 is now available\nwhich includes this fix, and can be downloaded from the following URL:\n\nhttp://stronghold.redhat.com/sh3/\n\nFor information on how to upgrade between releases of Stronghold 3, refer\nto the following URL:\n\nhttp://stronghold.redhat.com/support/upgrade-sh3.xml",
          "product_ids": [
            "Red Hat Stronghold 3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2002:243"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "security flaw"
    },
    {
      "cve": "CVE-2002-0840",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616823"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is \"Off\" and support for wildcard DNS is present, allows remote attackers to execute script as other web page visitors via the Host: header, a different vulnerability than CAN-2002-1157.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Stronghold 3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-0840"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616823",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616823"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-0840",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-0840"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-0840",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0840"
        }
      ],
      "release_date": "2002-10-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2002-11-08T11:15:00+00:00",
          "details": "Backported fixes are available for the versions of Apache, mod_ssl, and PHP\nincluded in Stronghold 3.  Stronghold 3 build code 3020 is now available\nwhich includes this fix, and can be downloaded from the following URL:\n\nhttp://stronghold.redhat.com/sh3/\n\nFor information on how to upgrade between releases of Stronghold 3, refer\nto the following URL:\n\nhttp://stronghold.redhat.com/support/upgrade-sh3.xml",
          "product_ids": [
            "Red Hat Stronghold 3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2002:243"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "security flaw"
    },
    {
      "cve": "CVE-2002-0843",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616824"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Buffer overflows in the ApacheBench benchmark support program (ab.c) in Apache before 1.3.27, and Apache 2.x before 2.0.43, allow a malicious web server to cause a denial of service and possibly execute arbitrary code via a long response.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Stronghold 3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-0843"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616824",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616824"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-0843",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-0843"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-0843",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0843"
        }
      ],
      "release_date": "2002-10-03T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2002-11-08T11:15:00+00:00",
          "details": "Backported fixes are available for the versions of Apache, mod_ssl, and PHP\nincluded in Stronghold 3.  Stronghold 3 build code 3020 is now available\nwhich includes this fix, and can be downloaded from the following URL:\n\nhttp://stronghold.redhat.com/sh3/\n\nFor information on how to upgrade between releases of Stronghold 3, refer\nto the following URL:\n\nhttp://stronghold.redhat.com/support/upgrade-sh3.xml",
          "product_ids": [
            "Red Hat Stronghold 3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2002:243"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "security flaw"
    },
    {
      "cve": "CVE-2002-0985",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616833"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow attackers to bypass safe mode restrictions and modify command line arguments to the MTA (e.g. sendmail) in the 5th argument to mail(), altering MTA behavior and possibly executing commands.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Stronghold 3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-0985"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616833",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616833"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-0985",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-0985"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-0985",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0985"
        }
      ],
      "release_date": "2002-08-23T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2002-11-08T11:15:00+00:00",
          "details": "Backported fixes are available for the versions of Apache, mod_ssl, and PHP\nincluded in Stronghold 3.  Stronghold 3 build code 3020 is now available\nwhich includes this fix, and can be downloaded from the following URL:\n\nhttp://stronghold.redhat.com/sh3/\n\nFor information on how to upgrade between releases of Stronghold 3, refer\nto the following URL:\n\nhttp://stronghold.redhat.com/support/upgrade-sh3.xml",
          "product_ids": [
            "Red Hat Stronghold 3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2002:243"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "security flaw"
    },
    {
      "cve": "CVE-2002-0986",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616834"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote attackers to modify mail message content, including mail headers, and possibly use PHP as a \"spam proxy.\"",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Stronghold 3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-0986"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616834",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616834"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-0986",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-0986"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-0986",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0986"
        }
      ],
      "release_date": "2002-08-23T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2002-11-08T11:15:00+00:00",
          "details": "Backported fixes are available for the versions of Apache, mod_ssl, and PHP\nincluded in Stronghold 3.  Stronghold 3 build code 3020 is now available\nwhich includes this fix, and can be downloaded from the following URL:\n\nhttp://stronghold.redhat.com/sh3/\n\nFor information on how to upgrade between releases of Stronghold 3, refer\nto the following URL:\n\nhttp://stronghold.redhat.com/support/upgrade-sh3.xml",
          "product_ids": [
            "Red Hat Stronghold 3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2002:243"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "security flaw"
    },
    {
      "cve": "CVE-2002-1157",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616849"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Cross-site scripting vulnerability in the mod_ssl Apache module 2.8.9 and earlier, when UseCanonicalName is off and wildcard DNS is enabled, allows remote attackers to execute script as other web site visitors, via the server name in an HTTPS response on the SSL port, which is used in a self-referencing URL, a different vulnerability than CAN-2002-0840.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Stronghold 3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-1157"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616849",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616849"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-1157",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-1157"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-1157",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-1157"
        }
      ],
      "release_date": "2002-10-22T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2002-11-08T11:15:00+00:00",
          "details": "Backported fixes are available for the versions of Apache, mod_ssl, and PHP\nincluded in Stronghold 3.  Stronghold 3 build code 3020 is now available\nwhich includes this fix, and can be downloaded from the following URL:\n\nhttp://stronghold.redhat.com/sh3/\n\nFor information on how to upgrade between releases of Stronghold 3, refer\nto the following URL:\n\nhttp://stronghold.redhat.com/support/upgrade-sh3.xml",
          "product_ids": [
            "Red Hat Stronghold 3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2002:243"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "security flaw"
    }
  ]
}

rhsa-2002_248

Vulnerability from csaf_redhat

Published

2002-11-07 17:42

Modified

2024-11-21 22:31

Summary

Red Hat Security Advisory: apache, mod_ssl, php security update for Stronghold

Notes

Topic

Details

The Apache HTTP server is a powerful, full-featured, efficient, and freely-available Web server. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP server. Buffer overflows in the ApacheBench support program (ab.c) in Apache versions prior to 1.3.27, allow a malicious Web server to cause a denial of service and possibly execute arbitrary code via a long response. The Common Vulnerabilities and Exposures project has assigned the name CAN-2002-0843 to this issue. Two cross-site scripting vulnerabilities are present in the error pages for the default "404 Not Found" error, and for the error response when a plain HTTP request is received on an SSL port. Both of these issues are only exploitable if the "UseCanonicalName" setting has been changed to "Off", and wildcard DNS is in use, and would allow remote attackers to execute scripts as other Web page visitors, for instance, to steal cookies. These issues affect Apache versions 1.3 to 1.3.26, and mod_ssl versions before 2.8.12. The Common Vulnerabilities and Exposures project has assigned the names CAN-2002-0840 and CAN-2002-1157 to these issues. The shared memory scoreboard in the HTTP daemon for Apache 1.3.x, prior to version 1.3.27, allowed a user running as the web server user to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or other such behavior that would not normally be allowed. The Common Vulnerabilities and Exposures project has assigned the name CAN-2002-839 to this issue. The mail function in PHP 4.x to 4.2.2 may allow local script authors to bypass safe mode restrictions and modify command line arguments to the MTA (such as Sendmail) in the fifth argument to mail(), altering MTA behavior and possibly executing arbitrary local commands. The Common Vulnerabilities and Exposures project has assigned the name CAN-2002-0985 to this issue. The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote attackers to modify mail message content, including mail headers, and possibly use PHP as a "spam proxy". The Common Vulnerabilities and Exposures project has assigned the name CAN-2002-0986 to this issue. Stronghold 4 contains Apache 1.3.22, mod_ssl 2.8.7, and PHP 4.1.2, and is therefore vulnerable to these issues. Users of Stronghold are advised to patch or upgrade their servers.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated versions of the Apache HTTP server, PHP, and mod_ssl are now\navailable which close possible buffer overflows in the Apache HTTP server\nbenchmarking tool, fixes two cross-site scripting vulnerabilities in the\nerror pages, and fix possible local privilege escalation.  These updates\nalso fix vulnerabilities in the PHP mail() function that allows script\nauthors to bypass safe mode restrictions, and possibly allow remote\nattackers to insert arbitrary mail headers and content into messages.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The Apache HTTP server is a powerful, full-featured, efficient, and\nfreely-available Web server.  PHP is an HTML-embedded scripting language\ncommonly used with the Apache HTTP server.\n\nBuffer overflows in the ApacheBench support program (ab.c) in Apache\nversions prior to 1.3.27, allow a malicious Web server to cause a denial of\nservice and possibly execute arbitrary code via a long response.  The\nCommon Vulnerabilities and Exposures project has assigned the name\nCAN-2002-0843 to this issue.\n\nTwo cross-site scripting vulnerabilities are present in the error pages\nfor the default \"404 Not Found\" error, and for the error response when a\nplain HTTP request is received on an SSL port.  Both of these issues are\nonly exploitable if the \"UseCanonicalName\" setting has been changed to\n\"Off\", and wildcard DNS is in use, and would allow remote attackers\nto execute scripts as other Web page visitors, for instance, to steal\ncookies.  These issues affect Apache versions 1.3 to 1.3.26,\nand mod_ssl versions before 2.8.12.  The Common Vulnerabilities and\nExposures project has assigned the names CAN-2002-0840 and\nCAN-2002-1157 to these issues.\n\nThe shared memory scoreboard in the HTTP daemon for Apache 1.3.x, prior to\nversion 1.3.27, allowed a user running as the web server user to send a\nSIGUSR1 signal to any process as root, resulting in a denial of service\n(process kill) or other such behavior that would not normally be allowed. \nThe Common Vulnerabilities and Exposures project has assigned the name\nCAN-2002-839 to this issue.\n\nThe mail function in PHP 4.x to 4.2.2 may allow local script authors to\nbypass safe mode restrictions and modify command line arguments to the\nMTA (such as Sendmail) in the fifth argument to mail(), altering MTA\nbehavior and possibly executing arbitrary local commands. The Common\nVulnerabilities and Exposures project has assigned the name CAN-2002-0985\nto this issue.\n\nThe mail function in PHP 4.x to 4.2.2 does not filter ASCII control\ncharacters from its arguments, which could allow remote attackers to\nmodify mail message content, including mail headers, and possibly use\nPHP as a \"spam proxy\". The Common Vulnerabilities and Exposures project has\nassigned the name CAN-2002-0986 to this issue.\n\nStronghold 4 contains Apache 1.3.22, mod_ssl 2.8.7, and PHP 4.1.2, and\nis therefore vulnerable to these issues. Users of Stronghold are advised to\npatch or upgrade their servers.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2002:248",
        "url": "https://access.redhat.com/errata/RHSA-2002:248"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "http://www.apacheweek.com/issues/02-10-04",
        "url": "http://www.apacheweek.com/issues/02-10-04"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2002/rhsa-2002_248.json"
      }
    ],
    "title": "Red Hat Security Advisory: apache, mod_ssl, php security update for Stronghold",
    "tracking": {
      "current_release_date": "2024-11-21T22:31:28+00:00",
      "generator": {
        "date": "2024-11-21T22:31:28+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2002:248",
      "initial_release_date": "2002-11-07T17:42:00+00:00",
      "revision_history": [
        {
          "date": "2002-11-07T17:42:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2002-10-07T00:00:00+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-21T22:31:28+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Stronghold 4 for Red Hat Enterprise Linux",
                "product": {
                  "name": "Stronghold 4 for Red Hat Enterprise Linux",
                  "product_id": "Stronghold 4 for Red Hat Enterprise Linux",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_stronghold:4"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Stronghold 4.0 for Red Hat Advanced Server"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2002-0839",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616822"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that would not normally be allowed, by modifying the parent[].pid and parent[].last_rtime segments in the scoreboard.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Stronghold 4 for Red Hat Enterprise Linux"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-0839"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616822",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616822"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-0839",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-0839"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-0839",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0839"
        }
      ],
      "release_date": "2002-10-03T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2002-11-07T17:42:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade.  Only those\nRPMs which are currently installed will be updated.  Those RPMs which are\nnot installed but included in the list will not be updated.  Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network.  Many\npeople find this an easier way to apply updates.  To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
          "product_ids": [
            "Stronghold 4 for Red Hat Enterprise Linux"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2002:248"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "security flaw"
    },
    {
      "cve": "CVE-2002-0840",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616823"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is \"Off\" and support for wildcard DNS is present, allows remote attackers to execute script as other web page visitors via the Host: header, a different vulnerability than CAN-2002-1157.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Stronghold 4 for Red Hat Enterprise Linux"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-0840"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616823",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616823"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-0840",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-0840"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-0840",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0840"
        }
      ],
      "release_date": "2002-10-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2002-11-07T17:42:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade.  Only those\nRPMs which are currently installed will be updated.  Those RPMs which are\nnot installed but included in the list will not be updated.  Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network.  Many\npeople find this an easier way to apply updates.  To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
          "product_ids": [
            "Stronghold 4 for Red Hat Enterprise Linux"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2002:248"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "security flaw"
    },
    {
      "cve": "CVE-2002-0843",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616824"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Buffer overflows in the ApacheBench benchmark support program (ab.c) in Apache before 1.3.27, and Apache 2.x before 2.0.43, allow a malicious web server to cause a denial of service and possibly execute arbitrary code via a long response.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Stronghold 4 for Red Hat Enterprise Linux"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-0843"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616824",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616824"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-0843",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-0843"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-0843",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0843"
        }
      ],
      "release_date": "2002-10-03T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2002-11-07T17:42:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade.  Only those\nRPMs which are currently installed will be updated.  Those RPMs which are\nnot installed but included in the list will not be updated.  Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network.  Many\npeople find this an easier way to apply updates.  To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
          "product_ids": [
            "Stronghold 4 for Red Hat Enterprise Linux"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2002:248"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "security flaw"
    },
    {
      "cve": "CVE-2002-0985",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616833"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow attackers to bypass safe mode restrictions and modify command line arguments to the MTA (e.g. sendmail) in the 5th argument to mail(), altering MTA behavior and possibly executing commands.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Stronghold 4 for Red Hat Enterprise Linux"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-0985"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616833",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616833"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-0985",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-0985"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-0985",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0985"
        }
      ],
      "release_date": "2002-08-23T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2002-11-07T17:42:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade.  Only those\nRPMs which are currently installed will be updated.  Those RPMs which are\nnot installed but included in the list will not be updated.  Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network.  Many\npeople find this an easier way to apply updates.  To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
          "product_ids": [
            "Stronghold 4 for Red Hat Enterprise Linux"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2002:248"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "security flaw"
    },
    {
      "cve": "CVE-2002-0986",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616834"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote attackers to modify mail message content, including mail headers, and possibly use PHP as a \"spam proxy.\"",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Stronghold 4 for Red Hat Enterprise Linux"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-0986"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616834",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616834"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-0986",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-0986"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-0986",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0986"
        }
      ],
      "release_date": "2002-08-23T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2002-11-07T17:42:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade.  Only those\nRPMs which are currently installed will be updated.  Those RPMs which are\nnot installed but included in the list will not be updated.  Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network.  Many\npeople find this an easier way to apply updates.  To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
          "product_ids": [
            "Stronghold 4 for Red Hat Enterprise Linux"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2002:248"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "security flaw"
    },
    {
      "cve": "CVE-2002-1157",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616849"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Cross-site scripting vulnerability in the mod_ssl Apache module 2.8.9 and earlier, when UseCanonicalName is off and wildcard DNS is enabled, allows remote attackers to execute script as other web site visitors, via the server name in an HTTPS response on the SSL port, which is used in a self-referencing URL, a different vulnerability than CAN-2002-0840.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Stronghold 4 for Red Hat Enterprise Linux"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-1157"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616849",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616849"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-1157",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-1157"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-1157",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-1157"
        }
      ],
      "release_date": "2002-10-22T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2002-11-07T17:42:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade.  Only those\nRPMs which are currently installed will be updated.  Those RPMs which are\nnot installed but included in the list will not be updated.  Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network.  Many\npeople find this an easier way to apply updates.  To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
          "product_ids": [
            "Stronghold 4 for Red Hat Enterprise Linux"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2002:248"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "security flaw"
    }
  ]
}

rhsa-2002_251

Vulnerability from csaf_redhat

Published

2003-01-09 20:10

Modified

2024-11-21 22:31

Summary

Red Hat Security Advisory: apache security update

Notes

Topic

Updated apache and httpd packages are available which fix a number of security issues for Red Hat Linux Advanced Server 2.1. [Updated 06 Feb 2003] Added fixed packages for Advanced Workstation 2.1

Details

The Apache HTTP server is a powerful, full-featured, efficient, and freely-available Web server. Buffer overflows in the ApacheBench support program (ab.c) in Apache versions prior to 1.3.27 allow a malicious Web server to cause a denial of service and possibly execute arbitrary code via a long response. The Common Vulnerabilities and Exposures project has assigned the name CAN-2002-0843 to this issue. Two cross-site scripting vulnerabilities are present in the error pages for the default "404 Not Found" error, and for the error response when a plain HTTP request is received on an SSL port. Both of these issues are only exploitable if the "UseCanonicalName" setting has been changed to "Off", and wildcard DNS is in use. These issues would allow remote attackers to execute scripts as other Web page visitors, for instance, to steal cookies. These issues affect versions of Apache 1.3 before 1.3.26, and versions of mod_ssl before 2.8.12. The Common Vulnerabilities and Exposures project has assigned the names CAN-2002-0840 and CAN-2002-1157 to these issues. The shared memory scoreboard in the HTTP daemon for Apache 1.3, prior to version 1.3.27, allowed a user running as the "apache" UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or other such behavior that would not normally be allowed. The Common Vulnerabilities and Exposures project has assigned the name CAN-2002-0839 to this issue. All users of the Apache HTTP server are advised to upgrade to the applicable errata packages. For Red Hat Linux Advanced Server 2.1 these packages include Apache version 1.3.27 which is not vulnerable to these issues. Note that the instructions in the "Solution" section of this errata contain additional steps required to complete the upgrade process.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated apache and httpd packages are available which fix a number of\nsecurity issues for Red Hat Linux Advanced Server 2.1.\n\n[Updated 06 Feb 2003]\nAdded fixed packages for Advanced Workstation 2.1",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The Apache HTTP server is a powerful, full-featured, efficient, and\nfreely-available Web server.\n\nBuffer overflows in the ApacheBench support program (ab.c) in Apache\nversions prior to 1.3.27 allow a malicious Web server to cause a denial of\nservice and possibly execute arbitrary code via a long response.  The\nCommon Vulnerabilities and Exposures project has assigned the name\nCAN-2002-0843 to this issue.\n\nTwo cross-site scripting vulnerabilities are present in the error pages\nfor the default \"404 Not Found\" error, and for the error response when a\nplain HTTP request is received on an SSL port. Both of these issues are\nonly exploitable if the \"UseCanonicalName\" setting has been changed to\n\"Off\", and wildcard DNS is in use.  These issues would allow remote\nattackers to execute scripts as other Web page visitors, for instance, to\nsteal cookies. These issues affect versions of Apache 1.3 before 1.3.26,\nand versions of mod_ssl before 2.8.12. The Common Vulnerabilities and\nExposures project has assigned the names CAN-2002-0840 and CAN-2002-1157 to\nthese issues.\n\nThe shared memory scoreboard in the HTTP daemon for Apache 1.3, prior to\nversion 1.3.27, allowed a user running as the \"apache\" UID to send a\nSIGUSR1 signal to any process as root, resulting in a denial of service\n(process kill) or other such behavior that would not normally be allowed. \nThe Common Vulnerabilities and Exposures project has assigned the name\nCAN-2002-0839 to this issue. \n\nAll users of the Apache HTTP server are advised to upgrade to the\napplicable errata packages.  For Red Hat Linux Advanced Server 2.1 these\npackages include Apache version 1.3.27 which is not vulnerable to\nthese issues.\n\nNote that the instructions in the \"Solution\" section of this errata contain\nadditional steps required to complete the upgrade process.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2002:251",
        "url": "https://access.redhat.com/errata/RHSA-2002:251"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "http://www.apacheweek.com/issues/02-10-04",
        "url": "http://www.apacheweek.com/issues/02-10-04"
      },
      {
        "category": "external",
        "summary": "77317",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=77317"
      },
      {
        "category": "external",
        "summary": "77318",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=77318"
      },
      {
        "category": "external",
        "summary": "77338",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=77338"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2003/rhsa-2002_251.json"
      }
    ],
    "title": "Red Hat Security Advisory: apache security update",
    "tracking": {
      "current_release_date": "2024-11-21T22:31:31+00:00",
      "generator": {
        "date": "2024-11-21T22:31:31+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2002:251",
      "initial_release_date": "2003-01-09T20:10:00+00:00",
      "revision_history": [
        {
          "date": "2003-01-09T20:10:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2002-10-07T00:00:00+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-21T22:31:31+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
                "product": {
                  "name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
                  "product_id": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:2.1::as"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Linux Advanced Workstation 2.1",
                "product": {
                  "name": "Red Hat Linux Advanced Workstation 2.1",
                  "product_id": "Red Hat Linux Advanced Workstation 2.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:2.1::aw"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Advanced Products"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2002-0839",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616822"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that would not normally be allowed, by modifying the parent[].pid and parent[].last_rtime segments in the scoreboard.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
          "Red Hat Linux Advanced Workstation 2.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-0839"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616822",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616822"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-0839",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-0839"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-0839",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0839"
        }
      ],
      "release_date": "2002-10-03T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2003-01-09T20:10:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nPlease note that this update is available via Red Hat Network.  To use Red\nHat Network, launch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.\n\nAfter the errata packages are installed, restart the Web service by running\nthe following command:\n\n/sbin/service httpd restart",
          "product_ids": [
            "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
            "Red Hat Linux Advanced Workstation 2.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2002:251"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "security flaw"
    },
    {
      "cve": "CVE-2002-0840",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616823"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is \"Off\" and support for wildcard DNS is present, allows remote attackers to execute script as other web page visitors via the Host: header, a different vulnerability than CAN-2002-1157.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
          "Red Hat Linux Advanced Workstation 2.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-0840"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616823",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616823"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-0840",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-0840"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-0840",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0840"
        }
      ],
      "release_date": "2002-10-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2003-01-09T20:10:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nPlease note that this update is available via Red Hat Network.  To use Red\nHat Network, launch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.\n\nAfter the errata packages are installed, restart the Web service by running\nthe following command:\n\n/sbin/service httpd restart",
          "product_ids": [
            "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
            "Red Hat Linux Advanced Workstation 2.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2002:251"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "security flaw"
    },
    {
      "cve": "CVE-2002-0843",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616824"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Buffer overflows in the ApacheBench benchmark support program (ab.c) in Apache before 1.3.27, and Apache 2.x before 2.0.43, allow a malicious web server to cause a denial of service and possibly execute arbitrary code via a long response.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
          "Red Hat Linux Advanced Workstation 2.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-0843"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616824",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616824"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-0843",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-0843"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-0843",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0843"
        }
      ],
      "release_date": "2002-10-03T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2003-01-09T20:10:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nPlease note that this update is available via Red Hat Network.  To use Red\nHat Network, launch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.\n\nAfter the errata packages are installed, restart the Web service by running\nthe following command:\n\n/sbin/service httpd restart",
          "product_ids": [
            "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
            "Red Hat Linux Advanced Workstation 2.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2002:251"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "security flaw"
    },
    {
      "cve": "CVE-2002-1157",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616849"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Cross-site scripting vulnerability in the mod_ssl Apache module 2.8.9 and earlier, when UseCanonicalName is off and wildcard DNS is enabled, allows remote attackers to execute script as other web site visitors, via the server name in an HTTPS response on the SSL port, which is used in a self-referencing URL, a different vulnerability than CAN-2002-0840.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
          "Red Hat Linux Advanced Workstation 2.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-1157"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616849",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616849"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-1157",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-1157"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-1157",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-1157"
        }
      ],
      "release_date": "2002-10-22T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2003-01-09T20:10:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nPlease note that this update is available via Red Hat Network.  To use Red\nHat Network, launch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.\n\nAfter the errata packages are installed, restart the Web service by running\nthe following command:\n\n/sbin/service httpd restart",
          "product_ids": [
            "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
            "Red Hat Linux Advanced Workstation 2.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2002:251"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "security flaw"
    }
  ]
}

rhsa-2003_106

Vulnerability from csaf_redhat

Published

2003-04-22 15:13

Modified

2024-11-21 22:31

Summary

Red Hat Security Advisory: : : : Updated apache and mod_ssl packages available

Notes

Topic

Updated Apache and mod_ssl packages which fix a number of security issues are now available for iSeries and pSeries systems.

Details

The Apache HTTP Web Server is a secure, efficient, and extensible web server. This erratum provides updated Apache and mod_ssl packages for iSeries and pSeries that correct a number of security issues: Versions of the Apache Web server up to and including 1.3.24 contain a bug in the routines which deal with requests using "chunked" encoding. A carefully crafted invalid request can cause an Apache child process to call the memcpy() function in a way that will write past the end of its buffer, corrupting the stack. On some platforms this can be remotely exploited -- allowing arbitrary code to be run on the server. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2002-0392 to this issue. Buffer overflows in the ApacheBench support program (ab.c) in Apache versions prior to 1.3.27, and Apache versions 2.x prior to 2.0.43, allow a malicious Web server to cause a denial of service (DoS) and possibly execute arbitrary code via a long response. (CAN-2002-0843) Two cross-site scripting (XSS) vulnerabilities are present in the error pages for the default "404 Not Found" error and for the error response when a plain HTTP request is received on an SSL port. Both of these issues are only exploitable if the "UseCanonicalName" setting has been changed to "Off" and wildcard DNS is in use. These issues could allow remote attackers to execute scripts as other webpage visitors, for instance, to steal cookies. These issues affect versions of Apache 1.3 before 1.3.26, versions of Apache 2.0 before 2.0.43, and versions of mod_ssl before 2.8.12. (CAN-2002-0840, CAN-2002-1157) The mod_ssl module provides strong cryptography for the Apache Web server via the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols. Versions of mod_ssl prior to 2.8.10 are subject to a single NULL overflow that can cause arbitrary code execution. (CAN-2002-0653) The shared memory scoreboard in the HTTP daemon for Apache 1.3, prior to version 1.3.27, allows a user running as the "apache" UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or other such behavior that would not normally be allowed. (CAN-2002-0839). After the updated packages are installed, restart the httpd service by running the following command: /sbin/service httpd restart

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated Apache and mod_ssl packages which fix a number of security issues\nare now available for iSeries and pSeries systems.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The Apache HTTP Web Server is a secure, efficient, and extensible web\nserver.  This erratum provides updated Apache and mod_ssl packages for\niSeries and pSeries that correct a number of security issues:\n\nVersions of the Apache Web server up to and including 1.3.24 contain a bug\nin the routines which deal with requests using \"chunked\" encoding.\nA carefully crafted invalid request can cause an Apache child process to\ncall the memcpy() function in a way that will write past the end of its\nbuffer, corrupting the stack. On some platforms this can be remotely\nexploited -- allowing arbitrary code to be run on the server. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the name\nCAN-2002-0392 to this issue.\n\nBuffer overflows in the ApacheBench support program (ab.c) in Apache\nversions prior to 1.3.27, and Apache versions 2.x prior to 2.0.43, allow a\nmalicious Web server to cause a denial of service (DoS) and possibly\nexecute arbitrary code via a long response. (CAN-2002-0843)\n\nTwo cross-site scripting (XSS) vulnerabilities are present in the error\npages for the default \"404 Not Found\" error and for the error response\nwhen a plain HTTP request is received on an SSL port. Both of these issues\nare only exploitable if the \"UseCanonicalName\" setting has been changed to\n\"Off\" and wildcard DNS is in use. These issues could allow remote\nattackers to execute scripts as other webpage visitors, for instance, to\nsteal cookies. These issues affect versions of Apache 1.3 before 1.3.26,\nversions of Apache 2.0 before 2.0.43, and versions of mod_ssl before\n2.8.12. (CAN-2002-0840, CAN-2002-1157)\n\nThe mod_ssl module provides strong cryptography for the Apache Web\nserver via the Secure Sockets Layer (SSL) and Transport Layer Security\n(TLS) protocols. Versions of mod_ssl prior to 2.8.10 are subject to a\nsingle NULL overflow that can cause arbitrary code execution.  (CAN-2002-0653)\n\nThe shared memory scoreboard in the HTTP daemon for Apache 1.3, prior to\nversion 1.3.27, allows a user running as the \"apache\" UID to send a\nSIGUSR1 signal to any process as root, resulting in a denial of service\n(process kill) or other such behavior that would not normally be allowed. \n(CAN-2002-0839). \n\nAfter the updated packages are installed, restart the httpd service by\nrunning the following command:\n\n/sbin/service httpd restart",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2003:106",
        "url": "https://access.redhat.com/errata/RHSA-2003:106"
      },
      {
        "category": "external",
        "summary": "http://httpd.apache.org/info/security_bulletin_20020620.txt",
        "url": "http://httpd.apache.org/info/security_bulletin_20020620.txt"
      },
      {
        "category": "external",
        "summary": "http://www.apacheweek.com/issues/02-06-21#security",
        "url": "http://www.apacheweek.com/issues/02-06-21#security"
      },
      {
        "category": "external",
        "summary": "http://marc.theaimsgroup.com/?l=apache-modssl\u0026m=102491918531562",
        "url": "http://marc.theaimsgroup.com/?l=apache-modssl\u0026m=102491918531562"
      },
      {
        "category": "external",
        "summary": "http://www.apacheweek.com/issues/02-10-04",
        "url": "http://www.apacheweek.com/issues/02-10-04"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2003/rhsa-2003_106.json"
      }
    ],
    "title": "Red Hat Security Advisory: : : : Updated apache and mod_ssl packages available",
    "tracking": {
      "current_release_date": "2024-11-21T22:31:34+00:00",
      "generator": {
        "date": "2024-11-21T22:31:34+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2003:106",
      "initial_release_date": "2003-04-22T15:13:00+00:00",
      "revision_history": [
        {
          "date": "2003-04-22T15:13:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2003-04-22T00:00:00+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-21T22:31:34+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Linux 7.1",
                "product": {
                  "name": "Red Hat Linux 7.1",
                  "product_id": "Red Hat Linux 7.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:linux:7.1"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Linux"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2002-0392",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616772"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Linux 7.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-0392"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616772",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616772"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-0392",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-0392"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-0392",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0392"
        }
      ],
      "release_date": "2002-06-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2003-04-22T15:13:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade.  Only those\nRPMs which are currently installed will be updated.  Those RPMs which are\nnot installed but included in the list will not be updated.  Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network.  Many\npeople find this an easier way to apply updates.  To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
          "product_ids": [
            "Red Hat Linux 7.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2003:106"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "security flaw"
    },
    {
      "cve": "CVE-2002-0653",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616786"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Off-by-one buffer overflow in the ssl_compat_directive function, as called by the rewrite_command hook for mod_ssl Apache module 2.8.9 and earlier, allows local users to execute arbitrary code as the Apache server user via .htaccess files with long entries.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Linux 7.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-0653"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616786",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616786"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-0653",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-0653"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-0653",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0653"
        }
      ],
      "release_date": "2002-06-24T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2003-04-22T15:13:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade.  Only those\nRPMs which are currently installed will be updated.  Those RPMs which are\nnot installed but included in the list will not be updated.  Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network.  Many\npeople find this an easier way to apply updates.  To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
          "product_ids": [
            "Red Hat Linux 7.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2003:106"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "security flaw"
    },
    {
      "cve": "CVE-2002-0839",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616822"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that would not normally be allowed, by modifying the parent[].pid and parent[].last_rtime segments in the scoreboard.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Linux 7.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-0839"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616822",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616822"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-0839",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-0839"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-0839",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0839"
        }
      ],
      "release_date": "2002-10-03T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2003-04-22T15:13:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade.  Only those\nRPMs which are currently installed will be updated.  Those RPMs which are\nnot installed but included in the list will not be updated.  Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network.  Many\npeople find this an easier way to apply updates.  To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
          "product_ids": [
            "Red Hat Linux 7.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2003:106"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "security flaw"
    },
    {
      "cve": "CVE-2002-0840",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616823"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is \"Off\" and support for wildcard DNS is present, allows remote attackers to execute script as other web page visitors via the Host: header, a different vulnerability than CAN-2002-1157.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Linux 7.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-0840"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616823",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616823"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-0840",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-0840"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-0840",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0840"
        }
      ],
      "release_date": "2002-10-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2003-04-22T15:13:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade.  Only those\nRPMs which are currently installed will be updated.  Those RPMs which are\nnot installed but included in the list will not be updated.  Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network.  Many\npeople find this an easier way to apply updates.  To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
          "product_ids": [
            "Red Hat Linux 7.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2003:106"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "security flaw"
    },
    {
      "cve": "CVE-2002-0843",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616824"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Buffer overflows in the ApacheBench benchmark support program (ab.c) in Apache before 1.3.27, and Apache 2.x before 2.0.43, allow a malicious web server to cause a denial of service and possibly execute arbitrary code via a long response.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Linux 7.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-0843"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616824",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616824"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-0843",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-0843"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-0843",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0843"
        }
      ],
      "release_date": "2002-10-03T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2003-04-22T15:13:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade.  Only those\nRPMs which are currently installed will be updated.  Those RPMs which are\nnot installed but included in the list will not be updated.  Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network.  Many\npeople find this an easier way to apply updates.  To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
          "product_ids": [
            "Red Hat Linux 7.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2003:106"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "security flaw"
    },
    {
      "cve": "CVE-2002-1157",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616849"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Cross-site scripting vulnerability in the mod_ssl Apache module 2.8.9 and earlier, when UseCanonicalName is off and wildcard DNS is enabled, allows remote attackers to execute script as other web site visitors, via the server name in an HTTPS response on the SSL port, which is used in a self-referencing URL, a different vulnerability than CAN-2002-0840.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Linux 7.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-1157"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616849",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616849"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-1157",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-1157"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-1157",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-1157"
        }
      ],
      "release_date": "2002-10-22T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2003-04-22T15:13:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade.  Only those\nRPMs which are currently installed will be updated.  Those RPMs which are\nnot installed but included in the list will not be updated.  Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network.  Many\npeople find this an easier way to apply updates.  To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
          "product_ids": [
            "Red Hat Linux 7.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2003:106"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "security flaw"
    }
  ]
}

rhsa-2002_244

Vulnerability from csaf_redhat

Published

2002-11-08 11:15

Modified

2024-11-21 22:31

Summary

Red Hat Security Advisory: apache, mod_ssl, php security update for Stronghold

Notes

Topic

Updated versions of the Apache HTTP server, PHP, and mod_ssl are now available which close possible buffer overflows in the Apache HTTP server benchmarking tool, fix two cross-site scripting vulnerabilities in the error pages, and fix possible local privilege escalation. These updates also fix vulnerabilities in the PHP mail() function that allows script authors to bypass safe mode restrictions, and possibly allow remote attackers to insert arbitrary mail headers and content into messages.

Details

The Apache HTTP server is a powerful, full-featured, efficient, and freely-available Web server. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP server. Buffer overflows in the ApacheBench support program (ab.c) in Apache versions prior to 1.3.27 allow a malicious Web server to cause a denial of service and possibly execute arbitrary code via a long response. The Common Vulnerabilities and Exposures project has assigned the name CAN-2002-0843 to this issue. Two cross-site scripting vulnerabilities are present in the error pages for the default "404 Not Found" error, and for the error response when a plain HTTP request is received on an SSL port. Both of these issues are only exploitable if the "UseCanonicalName" setting has been changed to "Off", and wildcard DNS is in use. These issues would allow remote attackers to execute scripts as other Web page visitors, for instance, to steal cookies. These issues affect Apache versions 1.3 to 1.3.26, and mod_ssl versions before 2.8.12. The Common Vulnerabilities and Exposures project has assigned the names CAN-2002-0840 and CAN-2002-1157 to these issues. The shared memory scoreboard in the HTTP daemon for Apache 1.3.x, prior to version 1.3.27 allowed a user running as the web server user to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or other such behavior that would not normally be allowed. The Common Vulnerabilities and Exposures project has assigned the name CAN-2002-839 to this issue. The mail function in PHP 4.x to 4.2.2 may allow local script authors to bypass safe mode restrictions and modify command line arguments to the MTA (such as Sendmail) in the fifth argument to mail(), altering MTA behavior and possibly executing arbitrary local commands. The Common Vulnerabilities and Exposures project has assigned the name CAN-2002-0985 to this issue. The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote attackers to modify mail message content, including mail headers, and possibly use PHP as a "spam proxy". The Common Vulnerabilities and Exposures project has assigned the name CAN-2002-0986 to this issue. Stronghold 4 contains Apache 1.3.22, mod_ssl 2.8.7, and PHP 4.1.2, and is therefore vulnerable to these issues. Users of Stronghold are advised to patch or upgrade their servers.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated versions of the Apache HTTP server, PHP, and mod_ssl are now\navailable which close possible buffer overflows in the Apache HTTP server\nbenchmarking tool, fix two cross-site scripting vulnerabilities in the\nerror pages, and fix possible local privilege escalation.  These updates\nalso fix vulnerabilities in the PHP mail() function that allows script\nauthors to bypass safe mode restrictions, and possibly allow remote\nattackers to insert arbitrary mail headers and content into messages.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The Apache HTTP server is a powerful, full-featured, efficient, and\nfreely-available Web server.  PHP is an HTML-embedded scripting language\ncommonly used with the Apache HTTP server.\n\nBuffer overflows in the ApacheBench support program (ab.c) in Apache\nversions prior to 1.3.27 allow a malicious Web server to cause a denial of\nservice and possibly execute arbitrary code via a long response.  The\nCommon Vulnerabilities and Exposures project has assigned the name\nCAN-2002-0843 to this issue.\n\nTwo cross-site scripting vulnerabilities are present in the error pages\nfor the default \"404 Not Found\" error, and for the error response when a\nplain HTTP request is received on an SSL port.  Both of these issues are\nonly exploitable if the \"UseCanonicalName\" setting has been changed to\n\"Off\", and wildcard DNS is in use.  These issues would allow remote\nattackers to execute scripts as other Web page visitors, for instance, to\nsteal cookies.  These issues affect Apache versions 1.3 to 1.3.26,\nand mod_ssl versions before 2.8.12.  The Common Vulnerabilities and\nExposures project has assigned the names CAN-2002-0840 and\nCAN-2002-1157 to these issues.\n\nThe shared memory scoreboard in the HTTP daemon for Apache 1.3.x, prior to\nversion 1.3.27 allowed a user running as the web server user to send a\nSIGUSR1 signal to any process as root, resulting in a denial of service\n(process kill) or other such behavior that would not normally be allowed. \nThe Common Vulnerabilities and Exposures project has assigned the name\nCAN-2002-839 to this issue.\n\nThe mail function in PHP 4.x to 4.2.2 may allow local script authors to\nbypass safe mode restrictions and modify command line arguments to the\nMTA (such as Sendmail) in the fifth argument to mail(), altering MTA\nbehavior and possibly executing arbitrary local commands. The Common\nVulnerabilities and Exposures project has assigned the name CAN-2002-0985\nto this issue.\n\nThe mail function in PHP 4.x to 4.2.2 does not filter ASCII control\ncharacters from its arguments, which could allow remote attackers to\nmodify mail message content, including mail headers, and possibly use\nPHP as a \"spam proxy\". The Common Vulnerabilities and Exposures project has\nassigned the name CAN-2002-0986 to this issue.\n\nStronghold 4 contains Apache 1.3.22, mod_ssl 2.8.7, and PHP 4.1.2, and\nis therefore vulnerable to these issues. Users of Stronghold are advised to\npatch or upgrade their servers.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2002:244",
        "url": "https://access.redhat.com/errata/RHSA-2002:244"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "http://www.apacheweek.com/issues/02-10-04",
        "url": "http://www.apacheweek.com/issues/02-10-04"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2002/rhsa-2002_244.json"
      }
    ],
    "title": "Red Hat Security Advisory: apache, mod_ssl, php security update for Stronghold",
    "tracking": {
      "current_release_date": "2024-11-21T22:31:24+00:00",
      "generator": {
        "date": "2024-11-21T22:31:24+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2002:244",
      "initial_release_date": "2002-11-08T11:15:00+00:00",
      "revision_history": [
        {
          "date": "2002-11-08T11:15:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2002-10-07T00:00:00+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-21T22:31:24+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Stronghold 4",
                "product": {
                  "name": "Red Hat Stronghold 4",
                  "product_id": "Red Hat Stronghold 4",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:stronghold:4"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Stronghold Cross Platform"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2002-0839",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616822"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that would not normally be allowed, by modifying the parent[].pid and parent[].last_rtime segments in the scoreboard.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Stronghold 4"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-0839"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616822",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616822"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-0839",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-0839"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-0839",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0839"
        }
      ],
      "release_date": "2002-10-03T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2002-11-08T11:15:00+00:00",
          "details": "We have backported the security fixes for the versions of OpenSSL\nand mm included in Stronghold 4. The fixed packages are now available via\nthe update agent service; run\n\n$ bin/agent\n\nfrom the Stronghold 4 install root to upgrade an existing Stronghold 4\ninstallation to the new package versions. After upgrading Stronghold, the\nserver must be completely restarted by running the following commands from\nthe install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nsee http://stronghold.redhat.com/support/upgrade-sh4",
          "product_ids": [
            "Red Hat Stronghold 4"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2002:244"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "security flaw"
    },
    {
      "cve": "CVE-2002-0840",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616823"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is \"Off\" and support for wildcard DNS is present, allows remote attackers to execute script as other web page visitors via the Host: header, a different vulnerability than CAN-2002-1157.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Stronghold 4"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-0840"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616823",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616823"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-0840",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-0840"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-0840",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0840"
        }
      ],
      "release_date": "2002-10-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2002-11-08T11:15:00+00:00",
          "details": "We have backported the security fixes for the versions of OpenSSL\nand mm included in Stronghold 4. The fixed packages are now available via\nthe update agent service; run\n\n$ bin/agent\n\nfrom the Stronghold 4 install root to upgrade an existing Stronghold 4\ninstallation to the new package versions. After upgrading Stronghold, the\nserver must be completely restarted by running the following commands from\nthe install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nsee http://stronghold.redhat.com/support/upgrade-sh4",
          "product_ids": [
            "Red Hat Stronghold 4"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2002:244"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "security flaw"
    },
    {
      "cve": "CVE-2002-0843",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616824"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Buffer overflows in the ApacheBench benchmark support program (ab.c) in Apache before 1.3.27, and Apache 2.x before 2.0.43, allow a malicious web server to cause a denial of service and possibly execute arbitrary code via a long response.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Stronghold 4"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-0843"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616824",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616824"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-0843",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-0843"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-0843",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0843"
        }
      ],
      "release_date": "2002-10-03T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2002-11-08T11:15:00+00:00",
          "details": "We have backported the security fixes for the versions of OpenSSL\nand mm included in Stronghold 4. The fixed packages are now available via\nthe update agent service; run\n\n$ bin/agent\n\nfrom the Stronghold 4 install root to upgrade an existing Stronghold 4\ninstallation to the new package versions. After upgrading Stronghold, the\nserver must be completely restarted by running the following commands from\nthe install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nsee http://stronghold.redhat.com/support/upgrade-sh4",
          "product_ids": [
            "Red Hat Stronghold 4"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2002:244"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "security flaw"
    },
    {
      "cve": "CVE-2002-0985",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616833"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow attackers to bypass safe mode restrictions and modify command line arguments to the MTA (e.g. sendmail) in the 5th argument to mail(), altering MTA behavior and possibly executing commands.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Stronghold 4"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-0985"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616833",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616833"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-0985",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-0985"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-0985",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0985"
        }
      ],
      "release_date": "2002-08-23T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2002-11-08T11:15:00+00:00",
          "details": "We have backported the security fixes for the versions of OpenSSL\nand mm included in Stronghold 4. The fixed packages are now available via\nthe update agent service; run\n\n$ bin/agent\n\nfrom the Stronghold 4 install root to upgrade an existing Stronghold 4\ninstallation to the new package versions. After upgrading Stronghold, the\nserver must be completely restarted by running the following commands from\nthe install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nsee http://stronghold.redhat.com/support/upgrade-sh4",
          "product_ids": [
            "Red Hat Stronghold 4"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2002:244"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "security flaw"
    },
    {
      "cve": "CVE-2002-0986",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616834"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote attackers to modify mail message content, including mail headers, and possibly use PHP as a \"spam proxy.\"",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Stronghold 4"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-0986"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616834",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616834"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-0986",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-0986"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-0986",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0986"
        }
      ],
      "release_date": "2002-08-23T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2002-11-08T11:15:00+00:00",
          "details": "We have backported the security fixes for the versions of OpenSSL\nand mm included in Stronghold 4. The fixed packages are now available via\nthe update agent service; run\n\n$ bin/agent\n\nfrom the Stronghold 4 install root to upgrade an existing Stronghold 4\ninstallation to the new package versions. After upgrading Stronghold, the\nserver must be completely restarted by running the following commands from\nthe install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nsee http://stronghold.redhat.com/support/upgrade-sh4",
          "product_ids": [
            "Red Hat Stronghold 4"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2002:244"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "security flaw"
    },
    {
      "cve": "CVE-2002-1157",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616849"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Cross-site scripting vulnerability in the mod_ssl Apache module 2.8.9 and earlier, when UseCanonicalName is off and wildcard DNS is enabled, allows remote attackers to execute script as other web site visitors, via the server name in an HTTPS response on the SSL port, which is used in a self-referencing URL, a different vulnerability than CAN-2002-0840.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Stronghold 4"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-1157"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616849",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616849"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-1157",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-1157"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-1157",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-1157"
        }
      ],
      "release_date": "2002-10-22T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2002-11-08T11:15:00+00:00",
          "details": "We have backported the security fixes for the versions of OpenSSL\nand mm included in Stronghold 4. The fixed packages are now available via\nthe update agent service; run\n\n$ bin/agent\n\nfrom the Stronghold 4 install root to upgrade an existing Stronghold 4\ninstallation to the new package versions. After upgrading Stronghold, the\nserver must be completely restarted by running the following commands from\nthe install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nsee http://stronghold.redhat.com/support/upgrade-sh4",
          "product_ids": [
            "Red Hat Stronghold 4"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2002:244"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "security flaw"
    }
  ]
}

ghsa-42vq-2xjj-6g8w

Vulnerability from github

Published

2022-04-30 18:20

Modified

2022-04-30 18:20

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2002-1157"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2002-11-04T05:00:00Z",
    "severity": "HIGH"
  },
  "details": "Cross-site scripting vulnerability in the mod_ssl Apache module 2.8.9 and earlier, when UseCanonicalName is off and wildcard DNS is enabled, allows remote attackers to execute script as other web site visitors, via the server name in an HTTPS response on the SSL port, which is used in a self-referencing URL, a different vulnerability than CAN-2002-0840.",
  "id": "GHSA-42vq-2xjj-6g8w",
  "modified": "2022-04-30T18:20:39Z",
  "published": "2022-04-30T18:20:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-1157"
    },
    {
      "type": "WEB",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0374.html"
    },
    {
      "type": "WEB",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000541"
    },
    {
      "type": "WEB",
      "url": "http://online.securityfocus.com/archive/1/296753"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2002/dsa-181"
    },
    {
      "type": "WEB",
      "url": "http://www.iss.net/security_center/static/10457.php"
    },
    {
      "type": "WEB",
      "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-072.php"
    },
    {
      "type": "WEB",
      "url": "http://www.linuxsecurity.com/advisories/other_advisory-2512.html"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/2107"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2002-222.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2002-243.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2002-244.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2002-248.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2002-251.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2003-106.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/6029"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

Vulnerability from cvelistv5

Vulnerability from gsd

Vulnerability from csaf_redhat

Vulnerability from csaf_redhat

Vulnerability from csaf_redhat

Vulnerability from csaf_redhat

Vulnerability from csaf_redhat

Vulnerability from github

Tags

Sightings

Nomenclature