Nom du paquet
apache
Date
2004-06-29
Advisory ID
MDKSA-2004:065
Affected versions
9.2 amd64 , CS2.1 x86_64 , 10.0 amd64 , CS2.1 i586 , 10.0 i586 , 9.2 i586 , 9.1 i586 , 9.1 i586

Problem description

A buffer overflow vulnerability was found by George Guninski in Apache's mod_proxy module, which can be exploited by a remote user to potentially execute arbitrary code with the privileges of an httpd child process (user apache). This can only be exploited, however, if mod_proxy is actually in use. It is recommended that you stop Apache prior to updating and then restart it again once the update is complete ("service httpd stop" and "service httpd start" respectively).

Updated packages

9.2 amd64

 dee14b276676f203fceb1ca658876d24  amd64/9.2/RPMS/apache-1.3.28-3.3.92mdk.amd64.rpm
4750abf196f44eb4aff051c4113a07a4  amd64/9.2/RPMS/apache-devel-1.3.28-3.3.92mdk.amd64.rpm
c0eb375d43f0bad4ae8e4d4b121c72af  amd64/9.2/RPMS/apache-modules-1.3.28-3.3.92mdk.amd64.rpm
75307fd56c0260e77399c46730506bd8  amd64/9.2/RPMS/apache-source-1.3.28-3.3.92mdk.amd64.rpm
908ea9a964fec711bc25fbc7b7e9dc0f  amd64/9.2/SRPMS/apache-1.3.28-3.3.92mdk.src.rpm

CS2.1 x86_64

 e08cece5bbc816e7e0e17297bc6feec9  x86_64/corporate/2.1/RPMS/apache-1.3.26-7.2.C21mdk.x86_64.rpm
e15d6518f1a98094232ee91545031d8c  x86_64/corporate/2.1/RPMS/apache-common-1.3.26-7.2.C21mdk.x86_64.rpm
71d81d5fbc9e1e1e7aa1d53c16a427ff  x86_64/corporate/2.1/RPMS/apache-devel-1.3.26-7.2.C21mdk.x86_64.rpm
6208b9d0f0858b92108ec7c05e34fa0d  x86_64/corporate/2.1/RPMS/apache-manual-1.3.26-7.2.C21mdk.x86_64.rpm
4c18d17a03140eb76c5b7159030ca67d  x86_64/corporate/2.1/RPMS/apache-modules-1.3.26-7.2.C21mdk.x86_64.rpm
80bb1c5f6e7a41ccdf77fbc74ec91a9f  x86_64/corporate/2.1/RPMS/apache-source-1.3.26-7.2.C21mdk.x86_64.rpm
c80aef846628f4a4d7baf59722c3ebea  x86_64/corporate/2.1/SRPMS/apache-1.3.26-7.2.C21mdk.src.rpm

10.0 amd64

 3965ed52ddb399405a96d5ef5c1c9b80  amd64/10.0/RPMS/apache-1.3.29-1.2.100mdk.amd64.rpm
0efc45ba61377eb7ad257d7fed8eccf1  amd64/10.0/RPMS/apache-devel-1.3.29-1.2.100mdk.amd64.rpm
7a7e8c0d0c49825e91419cfc43461099  amd64/10.0/RPMS/apache-modules-1.3.29-1.2.100mdk.amd64.rpm
2455fa5f7a3c9c39575d203cb336b527  amd64/10.0/RPMS/apache-source-1.3.29-1.2.100mdk.amd64.rpm
2e659040e210fa92b2ad5458cbd2227f  amd64/10.0/SRPMS/apache-1.3.29-1.2.100mdk.src.rpm

CS2.1 i586

 7ee272946f5933718ed052f2a8ea3a5c  corporate/2.1/RPMS/apache-1.3.26-7.2.C21mdk.i586.rpm
bd1586af647cc0bd29b474c213d0d1d6  corporate/2.1/RPMS/apache-common-1.3.26-7.2.C21mdk.i586.rpm
84c2fce310207060141864a65d6e18ea  corporate/2.1/RPMS/apache-devel-1.3.26-7.2.C21mdk.i586.rpm
ea3badd6c5f97eae2c77497662c3f588  corporate/2.1/RPMS/apache-manual-1.3.26-7.2.C21mdk.i586.rpm
0f7b7fbf3e826250a21e246225e750b9  corporate/2.1/RPMS/apache-modules-1.3.26-7.2.C21mdk.i586.rpm
2e52cbec6e2b6dd60b9792854c1cc323  corporate/2.1/RPMS/apache-source-1.3.26-7.2.C21mdk.i586.rpm
c80aef846628f4a4d7baf59722c3ebea  corporate/2.1/SRPMS/apache-1.3.26-7.2.C21mdk.src.rpm

10.0 i586

 3c7630ddf9e8e8a87fb0a4b16717c86d  10.0/RPMS/apache-1.3.29-1.2.100mdk.i586.rpm
d450542efae157588cf02fcfb7ce18bd  10.0/RPMS/apache-devel-1.3.29-1.2.100mdk.i586.rpm
ebec3b55ec6d2b1db7756a5a71b19fd3  10.0/RPMS/apache-modules-1.3.29-1.2.100mdk.i586.rpm
8a718d665b832ca4a79b0fcd8ab911f0  10.0/RPMS/apache-source-1.3.29-1.2.100mdk.i586.rpm
2e659040e210fa92b2ad5458cbd2227f  10.0/SRPMS/apache-1.3.29-1.2.100mdk.src.rpm

9.2 i586

 9635d7e327fd8bee822a4bbbb3a56da0  9.2/RPMS/apache-1.3.28-3.3.92mdk.i586.rpm
ce3a540397e2c0a77650a47a91c8619a  9.2/RPMS/apache-devel-1.3.28-3.3.92mdk.i586.rpm
5389d198986e1714ebb6a0e687dce0f0  9.2/RPMS/apache-modules-1.3.28-3.3.92mdk.i586.rpm
ce34d1cc91996c84f12189580ae6dafd  9.2/RPMS/apache-source-1.3.28-3.3.92mdk.i586.rpm
908ea9a964fec711bc25fbc7b7e9dc0f  9.2/SRPMS/apache-1.3.28-3.3.92mdk.src.rpm

9.1 i586

 0f24006e8ff29fbaa2e9e48d95e9e493  9.1/RPMS/apache-1.3.27-8.3.91mdk.i586.rpm
b8ee1b7b773b4399ae10f57860180b79  9.1/RPMS/apache-devel-1.3.27-8.3.91mdk.i586.rpm
5ef66d25cfc031c10eab53f2907b15dd  9.1/RPMS/apache-modules-1.3.27-8.3.91mdk.i586.rpm
85528359234a3d5a118893c480f20862  9.1/RPMS/apache-source-1.3.27-8.3.91mdk.i586.rpm
5353af41517365b5007cac19508eee37  9.1/SRPMS/apache-1.3.27-8.3.91mdk.src.rpm

9.1 i586

 38d721f0c30b824e268f54eea437e8a9  ppc/9.1/RPMS/apache-1.3.27-8.3.91mdk.ppc.rpm
fc2349a3a233209c95f85bb9f18da270  ppc/9.1/RPMS/apache-devel-1.3.27-8.3.91mdk.ppc.rpm
9448f73715ffbb2a3a9a0415dfaa2745  ppc/9.1/RPMS/apache-modules-1.3.27-8.3.91mdk.ppc.rpm
2d68de368b93897ba2f2675490ad838e  ppc/9.1/RPMS/apache-source-1.3.27-8.3.91mdk.ppc.rpm
5353af41517365b5007cac19508eee37  ppc/9.1/SRPMS/apache-1.3.27-8.3.91mdk.src.rpm

References