[RHSA-2004:653-01] Stronghold 4: New release fixes Apache and mod_ssl issues
bugzilla at redhat.com
bugzilla at redhat.com
Mon Dec 20 16:41:00 UTC 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ---------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Stronghold 4: New release fixes Apache and mod_ssl issues
Advisory ID: RHSA-2004:653-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2004-653.html
Issue date: 2004-12-20
Updated on: 2004-12-20
Product: Stronghold Cross Platform
CVE Names: CAN-2004-0940 CAN-2003-0987 CAN-2004-0885
- ---------------------------------------------------------------------
1. Summary:
Updated versions of cross-platform Stronghold that fix security issues in
mod_ssl and the Apache HTTP Server are now available.
2. Problem description:
Stronghold 4 contains a number of open source technologies, including
mod_ssl and the Apache HTTP Server.
A buffer overflow in the get_tag function in mod_include for Apache 1.3.x
to 1.3.32 allows local users who can create SSI documents to execute
arbitrary code as the apache user via SSI (XSSI) documents that trigger a
length calculation error. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2004-0940 to this issue.
mod_digest does not properly verify the nonce of a client response by using
a AuthNonce secret. This could allow a malicious user who is able to sniff
network traffic to conduct a replay attack against a website using Digest
protection. Note that mod_digest implements an older version of the MD5
Digest Authentication specification which is known not to work with modern
browsers. This issue does not affect mod_auth_digest. (CAN-2003-0987)
The mod_ssl module, when using the "SSLCipherSuite" directive in directory
or location context, allows remote clients to bypass intended restrictions
by using any cipher suite that is allowed by the virtual host
configuration. (CAN-2004-0885)
Users of Stronghold 4 cross-platform are advised to update to these errata
versions, which contain backported security fixes and are not vulnerable to
these issues.
3. Solution:
Updated Stronghold 4 packages are now available via the update agent
service. Run the following command from the Stronghold 4 install root to
upgrade an existing Stronghold 4 installation to the new package versions:
$ bin/agent
The Stronghold 4.0j patch release which contains these updated packages is
also available from the download site.
After upgrading Stronghold, the server must be completely restarted by
running the following commands from the install root:
$ bin/stop-server
$ bin/start-server
For more information on how to upgrade between releases of Stronghold 4,
refer to http://stronghold.redhat.com/support/upgrade-sh4
4. References:
http://stronghold.redhat.com/support/upgrade-sh4
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0940
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0987
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885
5. Contact:
The Red Hat security contact is <secalert at redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/
Copyright 2004 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQFBxwCxXlSAg2UNWIIRApGTAJ9ih1qOay55fDxGh/R7aFx3XjY/wQCeIt6o
sDUaziDvi0X8G8yruw/VGW0=
=EAYD
-----END PGP SIGNATURE-----
More information about the Stronghold-watch-list
mailing list