Login
Newsletter
Werbung

Sicherheit: Zwei Probleme in httpd
Aktuelle Meldungen Distributionen
Name: Zwei Probleme in httpd
ID: TLSA-2007-41
Distribution: TurboLinux
Plattformen: Turbolinux FUJI, Turbolinux 10 Server, Turbolinux 10 Server x64 Edition, Turbolinux Appliance Server 2.0
Datum: Mi, 8. August 2007, 03:50
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863
Applikationen: Apache

Originalnachricht

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

--------------------------------------------------------------------------
Turbolinux Security Advisory TLSA-2007-41
http://www.turbolinux.co.jp/security/
security-team@turbolinux.co.jp
--------------------------------------------------------------------------

Original released date: 07 Aug 2007
Last revised: 07 Aug 2007

Package: httpd

Summary: Two vulnerabilities discovered in httpd

More information:
Apache is a powerful, full-featured, efficient, and freely-available
Web server. Apache is also the most popular Web server on the Internet.

Remote attackers to cause a denial of service
Cross-site scripting (XSS) vulnerability.

Impact:
This vulnerability allows allows remote attackers to inject arbitrary
web script or HTML and child processing handler crash.


Affected Products:
- Turbolinux Appliance Server 2.0
- Turbolinux FUJI
- Turbolinux 10 Server x64 Edition
- Turbolinux 10 Server


<Turbolinux Appliance Server 2.0>

Source Packages
Size: MD5

httpd-2.0.51-30.src.rpm
6854014 4b4cb201e4d71b84b9f1f0f82518e5f9

Binary Packages
Size: MD5

httpd-2.0.51-30.i586.rpm
1032164 110764687502bb75c2e95e0df186ba6e
httpd-devel-2.0.51-30.i586.rpm
224972 2b90b44857ebe37b16d6197ffb529d63
httpd-manual-2.0.51-30.i586.rpm
1132620 a304f692b4143b5440fd3acccdd45bc4
mod_ssl-2.0.51-30.i586.rpm
89176 8b0c7a75a1b0b5e0e7d36de70496f17d
mod_bwshare-2.0.51-30.i586.rpm
41207 a8da235064c933641e85338c6667a1ff

<Turbolinux FUJI>

Source Packages
Size: MD5

httpd-2.0.54-17.src.rpm
7620033 1374e44156ce4b0b5064689ba1bda9ae

Binary Packages
Size: MD5

httpd-2.0.54-17.i686.rpm
1265575 eb061c31484d53f2803eacedbd4d7767
httpd-devel-2.0.54-17.i686.rpm
277077 d17f066857cf0ead09502197a26ddc8c

<Turbolinux 10 Server x64 Edition>

Source Packages
Size: MD5

httpd-2.0.51-30.src.rpm
6854014 68ac7689a65fb2f6e4a96ec52dff2b8f

Binary Packages
Size: MD5

httpd-2.0.51-30.x86_64.rpm
1143226 7e7b4f13c90ef56a8bd72bd02bb445aa
httpd-debug-2.0.51-30.x86_64.rpm
3533816 595a4398fff37ea2c405f712374efafb
httpd-devel-2.0.51-30.x86_64.rpm
225087 637868220f5d8063856d007d6f26c5ec
httpd-manual-2.0.51-30.x86_64.rpm
1132302 960e4b49f20aa8ed360eef7211116e1c
mod_ssl-2.0.51-30.x86_64.rpm
96783 ad928a276238e665b8830c9d30c3443c
mod_bwshare-2.0.51-30.x86_64.rpm
41966 6c23f3e10e7ef0994a9cde7403b9dfdc

<Turbolinux 10 Server>

Source Packages
Size: MD5

httpd-2.0.51-30.src.rpm
6854014 4b4cb201e4d71b84b9f1f0f82518e5f9

Binary Packages
Size: MD5

httpd-2.0.51-30.i586.rpm
1032164 110764687502bb75c2e95e0df186ba6e
httpd-debug-2.0.51-30.i586.rpm
3541681 ccc1de6b41e8a74716f98544c630020b
httpd-devel-2.0.51-30.i586.rpm
224972 2b90b44857ebe37b16d6197ffb529d63
httpd-manual-2.0.51-30.i586.rpm
1132620 a304f692b4143b5440fd3acccdd45bc4
mod_ssl-2.0.51-30.i586.rpm
89176 8b0c7a75a1b0b5e0e7d36de70496f17d
mod_bwshare-2.0.51-30.i586.rpm
41207 a8da235064c933641e85338c6667a1ff


References:

CVE
[CVE-2007-1863]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863
[CVE-2006-5752]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752

--------------------------------------------------------------------------
Revision History
07 Aug 2007 Initial release
--------------------------------------------------------------------------

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFGuBOsK0LzjOqIJMwRAnujAKCCO7GfVvWCYHc59uQQUVP+4mssZACgoRIa
tPGLVm0egU2+x5t1oA2dZxA=
=tQFy
-----END PGP SIGNATURE-----
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung