Login

Noch kein Login?
Daten vergessen?

 
Newsletter
Werbung
Sicherheit: Denial of Service in apache
Aktuelle Meldungen Distributionen
Name: Denial of Service in apache
ID: USN-23-1
Distribution: Ubuntu
Plattformen: Ubuntu 4.10
Datum: Fr, 12. November 2004, 12:00
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0942

Originalnachricht

 
===========================================================
Ubuntu Security Notice USN-23-1		  November 11, 2004
apache2 vulnerability
CAN-2004-0942
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

apache2-mpm-perchild
apache2-mpm-prefork
apache2-mpm-threadpool
apache2-mpm-worker

The problem can be corrected by upgrading the affected package to
version 2.0.50-12ubuntu4.1.  In general, a standard system upgrade is
sufficient to effect the necessary changes.

Details follow:

Chintan Trivedi discovered a Denial of Service vulnerability in
apache2. The field length limit was not enforced for certain malicious
requests. This could allow a remote attacker who is able to send large
amounts of data to a server to cause HTTP server instances to consume
proportional amounts of memory, which can render the service
unavailable.

  Source archives:

    apache2_2.0.50-12ubuntu4.1.diff.gz
      Size/MD5:    97967 cf0c1c891580db78dcc5446a767ac000
    apache2_2.0.50-12ubuntu4.1.dsc
      Size/MD5:     1151 0a7f762f4626fde4e303c1cc4d9ba78c
    apache2_2.0.50.orig.tar.gz
      Size/MD5:  6321209 9d0767f8a1344229569fcd8272156f8b

  Architecture independent packages:

    apache2-doc_2.0.50-12ubuntu4.1_all.deb
      Size/MD5:  3178054 82b91224019b7e1ebcb04ce6dab1839d
    apache2-prefork-dev_2.0.50-12ubuntu4.1_all.deb
      Size/MD5:   163482 755fa2140e2cbc1242c56525614555a2
    apache2-threaded-dev_2.0.50-12ubuntu4.1_all.deb
      Size/MD5:   164232 e79331594b1b564c3fa7d71ff01a3db7

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    apache2-common_2.0.50-12ubuntu4.1_amd64.deb
      Size/MD5:   864366 b9d51742d0d08c0f1afd96ad2ae691da
    apache2-mpm-perchild_2.0.50-12ubuntu4.1_amd64.deb
      Size/MD5:   230102 d0b900d7e94f54e102492328c58d1893
    apache2-mpm-prefork_2.0.50-12ubuntu4.1_amd64.deb
      Size/MD5:   225242 fd5d08467e04612d7e0094502c9b6565
    apache2-mpm-threadpool_2.0.50-12ubuntu4.1_amd64.deb
      Size/MD5:   228684 c40e8b7c350bc15339404a906a7901a0
    apache2-mpm-worker_2.0.50-12ubuntu4.1_amd64.deb
      Size/MD5:   229262 1cfd8eb69f072c2cfd2b4c2cca68814b
    apache2_2.0.50-12ubuntu4.1_amd64.deb
      Size/MD5:    29710 cfcf4d17b8d836b58abdd6afc85913ec
    libapr0-dev_2.0.50-12ubuntu4.1_amd64.deb
      Size/MD5:   275206 ccaea19446f99022bcd3d8c7006d861e
    libapr0_2.0.50-12ubuntu4.1_amd64.deb
      Size/MD5:   133148 0fa8b4ab41df7319e233ac142e08c938

  i386 architecture (x86 compatible Intel/AMD)

    apache2-common_2.0.50-12ubuntu4.1_i386.deb
      Size/MD5:   825680 823bf43c10f5afb125458c02e06bd422
    apache2-mpm-perchild_2.0.50-12ubuntu4.1_i386.deb
      Size/MD5:   209084 f7114acd490b347bcc175f30b1d496da
    apache2-mpm-prefork_2.0.50-12ubuntu4.1_i386.deb
      Size/MD5:   205306 8815b7c99177c33edfa94ba5c0359416
    apache2-mpm-threadpool_2.0.50-12ubuntu4.1_i386.deb
      Size/MD5:   207946 193b3f6c0710dc80b8acf08b951bc2f6
    apache2-mpm-worker_2.0.50-12ubuntu4.1_i386.deb
      Size/MD5:   208388 7d11333a5ec1876f99030dd958c9a43f
    apache2_2.0.50-12ubuntu4.1_i386.deb
      Size/MD5:    29706 af8f749040fca22310e315d310331ce1
    libapr0-dev_2.0.50-12ubuntu4.1_i386.deb
      Size/MD5:   253176 9c4587c217ba98d6b63b50d18f5a7ba6
    libapr0_2.0.50-12ubuntu4.1_i386.deb
      Size/MD5:   123872 5367a153ef8c66a4307b1250b3321d7f

  powerpc architecture (Apple Macintosh G3/G4/G5)

    apache2-common_2.0.50-12ubuntu4.1_powerpc.deb
      Size/MD5:   903480 12c41213108120eabb9cafd2ab97af79
    apache2-mpm-perchild_2.0.50-12ubuntu4.1_powerpc.deb
      Size/MD5:   222718 5054b3fc46baeea33ccb1c7677c49097
    apache2-mpm-prefork_2.0.50-12ubuntu4.1_powerpc.deb
      Size/MD5:   217722 79d6763364edccb0571a9918e9e7f595
    apache2-mpm-threadpool_2.0.50-12ubuntu4.1_powerpc.deb
      Size/MD5:   220892 01df3447f3668931d3ee7f3a055d1b88
    apache2-mpm-worker_2.0.50-12ubuntu4.1_powerpc.deb
      Size/MD5:   221500 62851f812cba3ee3df558cdcc3ab5d33
    apache2_2.0.50-12ubuntu4.1_powerpc.deb
      Size/MD5:    29716 8148f425dac482351c32fbce31b37e8b
    libapr0-dev_2.0.50-12ubuntu4.1_powerpc.deb
      Size/MD5:   268974 71585a0eee76b026e0623f526da43fc0
    libapr0_2.0.50-12ubuntu4.1_powerpc.deb
      Size/MD5:   130482 16e3a998f505e6a8dc0c8c48909c4886





-- 
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
http://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
Pro-Linux
Gewinnspiel
Neue Nachrichten

0
Zend Framework 2.2.0 ver­spricht mehr Kon­sis­tenz

23
Firefox 22 aktiviert WebRTC

9
10 Jahre Groklaw

17
Kroatiens Prä­si­dent lobt den kreativen Geist der Open-Sour­ce Ge­mein­schaft

2
Sernet bietet Sam­ba4-Kom­plett­pa­ke­te für ver­schie­de­ne Dis­tri­bu­tio­nen

19
Linux: Si­cher­heits­lü­cke erlaubt Roo­t-Zu­griff

1
Ge­winn­spiel: Ein­tritts­kar­ten für den LinuxTag 2013

22
Neue An­dro­id-Ent­wick­lungs­um­ge­bung Android Studio

0
Open-IT Summit am 22. und 23. Mai auf dem LinuxTag

0
OpenAPC 3.0 mit Be­am­Con­struc­t-SDK
 
Werbung