Vulnerabilities > CVE-2005-3357 - Resource Management Errors vulnerability in Apache Http Server

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN

Summary

mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers a NULL pointer dereference.

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyHP-UX Local Security Checks
    NASL idHPUX_PHSS_35436.NASL
    descriptions700_800 11.04 Virtualvault 4.7 OWS (Apache 2.x) update : The remote HP-UX host is affected by multiple vulnerabilities : - Potential security vulnerabilities have been identified with Apache running on HP-UX VirtualVault. These vulnerabilities could be exploited remotely to allow execution of arbitrary code, Denial of Service (DoS), or unauthorized access. (HPSBUX02172 SSRT061269) - A security vulnerability has been identified in OpenSSL used in HP VirtualVault 4.7, 4.6, 4.5 and HP WebProxy that may allow remote unauthorized access. (HPSBUX02165 SSRT061266)
    last seen2020-06-01
    modified2020-06-02
    plugin id23714
    published2006-11-22
    reporterThis script is Copyright (C) 2006-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/23714
    titleHP-UX PHSS_35436 : s700_800 11.04 Virtualvault 4.7 OWS (Apache 2.x) update
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SA_2006_051.NASL
    descriptionThe remote host is missing the patch for the advisory SUSE-SA:2006:051 (apache2). The web server Apache2 has been updated to fix several security issues: The security fix for CVE-2005-3357 (denial of service) broke the earlier security fix for SSL verification (CVE-2005-2700). This problem has been corrected. Additionally a cross site scripting bug with the
    last seen2019-10-28
    modified2007-02-18
    plugin id24429
    published2007-02-18
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/24429
    titleSUSE-SA:2006:051: apache2
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2006-052.NASL
    descriptionThis update includes fixes for three security issues in the Apache HTTP Server. A memory leak in the worker MPM could allow remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused for other connections. The Common Vulnerabilities and Exposures project assigned the name CVE-2005-2970 to this issue. This vulnerability only affects users who are using the non-default worker MPM. A flaw in mod_imap when using the Referer directive with image maps was discovered. With certain site configurations, a remote attacker could perform a cross-site scripting attack if a victim can be forced to visit a malicious URL using certain web browsers. (CVE-2005-3352) A NULL pointer dereference flaw in mod_ssl was discovered affecting server configurations where an SSL virtual host is configured with access control and a custom 400 error document. A remote attacker could send a carefully crafted request to trigger this issue which would lead to a crash. This crash would only be a denial of service if using the non-default worker MPM. (CVE-2005-3357) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id20757
    published2006-01-21
    reporterThis script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/20757
    titleFedora Core 4 : httpd-2.0.54-10.3 (2006-052)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-241-1.NASL
    descriptionThe
    last seen2020-06-01
    modified2020-06-02
    plugin id20788
    published2006-01-21
    reporterUbuntu Security Notice (C) 2006-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/20788
    titleUbuntu 4.10 / 5.04 / 5.10 : apache2, apache vulnerabilities (USN-241-1)
  • NASL familyHP-UX Local Security Checks
    NASL idHPUX_PHSS_36385.NASL
    descriptions700_800 11.X PA-RISC OV NNM7.51 Intermediate Patch 16 : Potential vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM) running Apache. These vulnerabilities could be exploited remotely resulting in cross site scripting (XSS), Denial of Service (DoS), or execution of arbitrary code.
    last seen2020-06-01
    modified2020-06-02
    plugin id26154
    published2007-09-25
    reporterThis script is Copyright (C) 2007-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/26154
    titleHP-UX PHSS_36385 : HP OpenView Network Node Manager (OV NNM) Running Apache, Remote Cross Site Scripting (XSS), Denial of Service (DoS), Execute Arbitrary Code (HPSBMA02328 SSRT071293 rev.2)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2006-0159.NASL
    descriptionUpdated Apache httpd packages that correct three security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular and freely-available Web server. A memory leak in the worker MPM could allow remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused for other connections. The Common Vulnerabilities and Exposures project assigned the name CVE-2005-2970 to this issue. This vulnerability only affects users who are using the non-default worker MPM. A flaw in mod_imap when using the Referer directive with image maps was discovered. With certain site configurations, a remote attacker could perform a cross-site scripting attack if a victim can be forced to visit a malicious URL using certain web browsers. (CVE-2005-3352) A NULL pointer dereference flaw in mod_ssl was discovered affecting server configurations where an SSL virtual host is configured with access control and a custom 400 error document. A remote attacker could send a carefully crafted request to trigger this issue which would lead to a crash. This crash would only be a denial of service if using the non-default worker MPM. (CVE-2005-3357) Users of httpd should update to these erratum packages which contain backported patches to correct these issues along with some additional bugs.
    last seen2020-06-01
    modified2020-06-02
    plugin id20398
    published2006-01-11
    reporterThis script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/20398
    titleRHEL 3 / 4 : httpd (RHSA-2006:0159)
  • NASL familyWeb Servers
    NASL idAPACHE_MOD_SSL_ERROR_DOCUMENT_DOS.NASL
    descriptionThe version of Apache running on the remote host is affected by a denial of service vulnerability due to a flaw in mod_ssl that occurs when it is configured with an SSL vhost with access control and a custom 400 error page. A remote attacker can exploit this, via a non-SSL request to an SSL port, to cause a NULL pointer to be dereferenced, resulting in crashing individual child processes or even the entire server.
    last seen2020-06-01
    modified2020-06-02
    plugin id20386
    published2006-01-10
    reporterThis script is Copyright (C) 2006-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/20386
    titleApache mod_ssl ssl_hook_Access Error Handling DoS
  • NASL familyHP-UX Local Security Checks
    NASL idHPUX_PHSS_35437.NASL
    descriptions700_800 11.04 Webproxy server 2.1 (Apache 2.x) update : The remote HP-UX host is affected by multiple vulnerabilities : - A security vulnerability has been identified in OpenSSL used in HP VirtualVault 4.7, 4.6, 4.5 and HP WebProxy that may allow remote unauthorized access. (HPSBUX02165 SSRT061266) - Potential security vulnerabilities have been identified with Apache running on HP-UX VirtualVault. These vulnerabilities could be exploited remotely to allow execution of arbitrary code, Denial of Service (DoS), or unauthorized access. (HPSBUX02172 SSRT061269)
    last seen2020-06-01
    modified2020-06-02
    plugin id23715
    published2006-11-22
    reporterThis script is Copyright (C) 2006-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/23715
    titleHP-UX PHSS_35437 : s700_800 11.04 Webproxy server 2.1 (Apache 2.x) update
  • NASL familyHP-UX Local Security Checks
    NASL idHPUX_PHSS_36773.NASL
    descriptions700_800 11.X OV NNM7.01 Intermediate Patch 11 : The remote HP-UX host is affected by multiple vulnerabilities : - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). This vulnerability could by exploited remotely to allow cross site scripting (XSS). (HPSBMA02283 SSRT071319) - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). This vulnerability could be exploited remotely by an unauthorized user to execute arbitrary code with the permissions of the NNM server. (HPSBMA02281 SSRT061261) - Potential vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to create a Denial of Service (DoS) or to execute arbitrary code. References: CVE-2008-3536, CVE-2008-3537, CVE-2008-3544 (Bugtraq ID 28668). (HPSBMA02362 SSRT080044, SSRT080045, SSRT080042) - Potential vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM) running Apache. These vulnerabilities could be exploited remotely resulting in cross site scripting (XSS), Denial of Service (DoS), or execution of arbitrary code. (HPSBMA02328 SSRT071293) - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM) running Shared Trace Service. The vulnerability could be remotely exploited to execute arbitrary code. (HPSBMA02242 SSRT061260) - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). The vulnerability could be exploited remotely to execute arbitrary code or to create a Denial of Service (DoS). (HPSBMA02348 SSRT080033)
    last seen2020-06-01
    modified2020-06-02
    plugin id26896
    published2007-10-03
    reporterThis script is Copyright (C) 2007-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/26896
    titleHP-UX PHSS_36773 : s700_800 11.X OV NNM7.01 Intermediate Patch 11
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_10_5_3.NASL
    descriptionThe remote host is running a version of Mac OS X 10.5.x that is prior to 10.5.3. Mac OS X 10.5.3 contains security fixes for a number of programs.
    last seen2020-06-01
    modified2020-06-02
    plugin id32477
    published2008-05-29
    reporterThis script is Copyright (C) 2008-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/32477
    titleMac OS X 10.5.x < 10.5.3 Multiple Vulnerabilities
  • NASL familyHP-UX Local Security Checks
    NASL idHPUX_PHSS_36386.NASL
    descriptions700_800 11.X IA-64 OV NNM7.51 Intermediate Patch 16 : Potential vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM) running Apache. These vulnerabilities could be exploited remotely resulting in cross site scripting (XSS), Denial of Service (DoS), or execution of arbitrary code.
    last seen2020-06-01
    modified2020-06-02
    plugin id26155
    published2007-09-25
    reporterThis script is Copyright (C) 2007-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/26155
    titleHP-UX PHSS_36386 : HP OpenView Network Node Manager (OV NNM) Running Apache, Remote Cross Site Scripting (XSS), Denial of Service (DoS), Execute Arbitrary Code (HPSBMA02328 SSRT071293 rev.2)
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2019-0118_HTTPD.NASL
    descriptionThe remote NewStart CGSL host, running version MAIN 4.05, has httpd packages installed that are affected by multiple vulnerabilities: - Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one null byte. (CVE-2005-1268) - The Apache HTTP server before 1.3.34, and 2.0.x before 2.0.55, when acting as an HTTP proxy, allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a Transfer-Encoding: chunked header and a Content-Length header, which causes Apache to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka HTTP Request Smuggling. (CVE-2005-2088) - ssl_engine_kernel.c in mod_ssl before 2.8.24, when using SSLVerifyClient optional in the global virtual host configuration, does not properly enforce SSLVerifyClient require in a per-location context, which allows remote attackers to bypass intended access restrictions. (CVE-2005-2700) - The byte-range filter in Apache 2.0 before 2.0.54 allows remote attackers to cause a denial of service (memory consumption) via an HTTP header with a large Range field. (CVE-2005-2728) - Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps. (CVE-2005-3352) - mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers a NULL pointer dereference. (CVE-2005-3357) - The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post- renegotiation context, related to a plaintext injection attack, aka the Project Mogul issue. (CVE-2009-3555) - The (1) mod_cache and (2) mod_dav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service (process crash) via a request that lacks a path. (CVE-2010-1452) - fs/ext4/extents.c in the Linux kernel before 3.0 does not mark a modified extent as dirty in certain cases of extent splitting, which allows local users to cause a denial of service (system crash) via vectors involving ext4 umount and mount operations. (CVE-2011-3638) - It was discovered that the HTTP parser in httpd incorrectly allowed certain characters not permitted by the HTTP protocol specification to appear unencoded in HTTP request headers. If httpd was used in conjunction with a proxy or backend server that interpreted those characters differently, a remote attacker could possibly use this flaw to inject data into HTTP responses, resulting in proxy cache poisoning. (CVE-2016-8743) - It was discovered that the use of httpd
    last seen2020-06-01
    modified2020-06-02
    plugin id127360
    published2019-08-12
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127360
    titleNewStart CGSL MAIN 4.05 : httpd Multiple Vulnerabilities (NS-SA-2019-0118)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_SECUPD2008-003.NASL
    descriptionThe remote host is running a version of Mac OS X 10.4 that does not have the security update 2008-003 applied. This update contains security fixes for a number of programs.
    last seen2020-06-01
    modified2020-06-02
    plugin id32478
    published2008-05-29
    reporterThis script is Copyright (C) 2008-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/32478
    titleMac OS X Multiple Vulnerabilities (Security Update 2008-003)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2006-007.NASL
    descriptionA flaw was discovered in mod_imap when using the Referer directive with image maps that could be used by a remote attacker to perform a cross- site scripting attack, in certain site configurations, if a victim could be forced to visit a malicious URL using certain web browsers (CVE-2005-3352). Also, a NULL pointer dereference flaw was found in mod_ssl that affects server configurations where an SSL virtual host was configured with access controls and a custom 400 error document. This could allow a remote attacker to send a carefully crafted request to trigger the issue and cause a crash, but only with the non-default worker MPM (CVE-2005-3357). The provided packages have been patched to prevent these problems.
    last seen2020-06-01
    modified2020-06-02
    plugin id20473
    published2006-01-15
    reporterThis script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/20473
    titleMandrake Linux Security Advisory : apache2 (MDKSA-2006:007)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2006-0159.NASL
    descriptionUpdated Apache httpd packages that correct three security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular and freely-available Web server. A memory leak in the worker MPM could allow remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused for other connections. The Common Vulnerabilities and Exposures project assigned the name CVE-2005-2970 to this issue. This vulnerability only affects users who are using the non-default worker MPM. A flaw in mod_imap when using the Referer directive with image maps was discovered. With certain site configurations, a remote attacker could perform a cross-site scripting attack if a victim can be forced to visit a malicious URL using certain web browsers. (CVE-2005-3352) A NULL pointer dereference flaw in mod_ssl was discovered affecting server configurations where an SSL virtual host is configured with access control and a custom 400 error document. A remote attacker could send a carefully crafted request to trigger this issue which would lead to a crash. This crash would only be a denial of service if using the non-default worker MPM. (CVE-2005-3357) Users of httpd should update to these erratum packages which contain backported patches to correct these issues along with some additional bugs.
    last seen2020-06-01
    modified2020-06-02
    plugin id21884
    published2006-07-03
    reporterThis script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/21884
    titleCentOS 3 / 4 : httpd (CESA-2006:0159)
  • NASL familyHP-UX Local Security Checks
    NASL idHPUX_PHSS_37141.NASL
    descriptions700_800 11.X OV NNM6.4x/ET2.0x Intermediate Patch 17 : The remote HP-UX host is affected by multiple vulnerabilities : - Potential vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM) running Apache. These vulnerabilities could be exploited remotely resulting in cross site scripting (XSS), Denial of Service (DoS), or execution of arbitrary code. (HPSBMA02328 SSRT071293) - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). This vulnerability could be exploited remotely by an unauthorized user to execute arbitrary code with the permissions of the NNM server. (HPSBMA02281 SSRT061261) - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM) running Shared Trace Service. The vulnerability could be remotely exploited to execute arbitrary code. (HPSBMA02242 SSRT061260) - A potential security vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). The vulnerability could be exploited remotely to create a Denial of Service (DoS). (HPSBMA02307 SSRT071420) - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). This vulnerability could by exploited remotely to allow cross site scripting (XSS). (HPSBMA02283 SSRT071319)
    last seen2020-06-01
    modified2020-06-02
    plugin id29200
    published2007-12-04
    reporterThis script is Copyright (C) 2007-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/29200
    titleHP-UX PHSS_37141 : s700_800 11.X OV NNM6.4x/ET2.0x Intermediate Patch 17
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200602-03.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200602-03 (Apache: Multiple vulnerabilities) Apache
    last seen2020-06-01
    modified2020-06-02
    plugin id20874
    published2006-02-10
    reporterThis script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/20874
    titleGLSA-200602-03 : Apache: Multiple vulnerabilities

Oval

accepted2013-04-29T04:14:15.535-04:00
classvulnerability
contributors
  • nameAharon Chernin
    organizationSCAP.com, LLC
  • nameDragos Prisaca
    organizationG2, Inc.
definition_extensions
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 3
    ovaloval:org.mitre.oval:def:11782
  • commentCentOS Linux 3.x
    ovaloval:org.mitre.oval:def:16651
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 4
    ovaloval:org.mitre.oval:def:11831
  • commentCentOS Linux 4.x
    ovaloval:org.mitre.oval:def:16636
  • commentOracle Linux 4.x
    ovaloval:org.mitre.oval:def:15990
descriptionmod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers a NULL pointer dereference.
familyunix
idoval:org.mitre.oval:def:11467
statusaccepted
submitted2010-07-09T03:56:16-04:00
titlemod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers a NULL pointer dereference.
version26

Redhat

advisories
bugzilla
id175720
titleCVE-2005-3357 mod_ssl crash
oval
OR
  • commentRed Hat Enterprise Linux must be installed
    ovaloval:com.redhat.rhba:tst:20070304026
  • AND
    • commentRed Hat Enterprise Linux 4 is installed
      ovaloval:com.redhat.rhba:tst:20070304025
    • OR
      • AND
        • commenthttpd-suexec is earlier than 0:2.0.52-22.ent
          ovaloval:com.redhat.rhsa:tst:20060159001
        • commenthttpd-suexec is signed with Red Hat master key
          ovaloval:com.redhat.rhsa:tst:20060159002
      • AND
        • commenthttpd-manual is earlier than 0:2.0.52-22.ent
          ovaloval:com.redhat.rhsa:tst:20060159003
        • commenthttpd-manual is signed with Red Hat master key
          ovaloval:com.redhat.rhsa:tst:20060159004
      • AND
        • commenthttpd is earlier than 0:2.0.52-22.ent
          ovaloval:com.redhat.rhsa:tst:20060159005
        • commenthttpd is signed with Red Hat master key
          ovaloval:com.redhat.rhsa:tst:20060159006
      • AND
        • commenthttpd-devel is earlier than 0:2.0.52-22.ent
          ovaloval:com.redhat.rhsa:tst:20060159007
        • commenthttpd-devel is signed with Red Hat master key
          ovaloval:com.redhat.rhsa:tst:20060159008
      • AND
        • commentmod_ssl is earlier than 1:2.0.52-22.ent
          ovaloval:com.redhat.rhsa:tst:20060159009
        • commentmod_ssl is signed with Red Hat master key
          ovaloval:com.redhat.rhsa:tst:20060159010
rhsa
idRHSA-2006:0159
released2006-01-05
severityModerate
titleRHSA-2006:0159: httpd security update (Moderate)
rpms
  • httpd-0:2.0.46-56.ent
  • httpd-0:2.0.52-22.ent
  • httpd-debuginfo-0:2.0.46-56.ent
  • httpd-debuginfo-0:2.0.52-22.ent
  • httpd-devel-0:2.0.46-56.ent
  • httpd-devel-0:2.0.52-22.ent
  • httpd-manual-0:2.0.52-22.ent
  • httpd-suexec-0:2.0.52-22.ent
  • mod_ssl-1:2.0.46-56.ent
  • mod_ssl-1:2.0.52-22.ent

Seebug

bulletinFamilyexploit
descriptionBUGTRAQ ID: 16152 CVE(CAN) ID: CVE-2005-3357 Mod_SSL是Apache服务器上的SSL实现,用来为Apache Web服务器提供加密支持。 在某些配置情况下Apache的Mod_SSL存在拒绝服务器,远程攻击者可能利用此漏洞导致Apache服务器的拒绝服务。 此拒绝服务漏洞是一个可能的空指针废弃问题引起的,当Apache被配置成支持对代码400错误可定制ErrorDocument时可触发此漏洞,远程攻击者可导致Apache进程或线程崩溃,持继性的攻击可以使Apache失去响应。 Apache Group Apache 2.x 临时解决方法: 如果您不能立刻安装补丁或者升级,NSFOCUS建议您采取以下措施以降低威胁: * 不要为Apache配置成对代码400错误可定制ErrorDocument。 厂商补丁: RedHat ------ RedHat已经为此发布了一个安全公告(RHSA-2006:0159-01)以及相应补丁: RHSA-2006:0159-01:Moderate: httpd security update 链接:<a href=http://lwn.net/Alerts/166549/?format=printable target=_blank>http://lwn.net/Alerts/166549/?format=printable</a> 补丁下载: Red Hat Enterprise Linux AS version 3: SRPMS: <a href=ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/httpd... target=_blank>ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/httpd...</a> 5fb40d08b35daf0b9dca84bae2d807ad httpd-2.0.46-56.ent.src.rpm i386: 58472c7851877c10d75fc11acc987690 httpd-2.0.46-56.ent.i386.rpm 7c5a357dc808d626e84f0b811d875087 httpd-devel-2.0.46-56.ent.i386.rpm fd69217826949e34854440914919115d mod_ssl-2.0.46-56.ent.i386.rpm ia64: 9ba4fcecc7a987e0095cab3f3097573e httpd-2.0.46-56.ent.ia64.rpm eaaa9f395d525f97d864fa8fb7abf0b3 httpd-devel-2.0.46-56.ent.ia64.rpm 5c1958e1b3abe828ccc70ef6aed3bb64 mod_ssl-2.0.46-56.ent.ia64.rpm ppc: 463c75e6ea66006c222c769c133bc4a0 httpd-2.0.46-56.ent.ppc.rpm fbfa43b0915f7593b0b53b060ccaa5f8 httpd-devel-2.0.46-56.ent.ppc.rpm a9c64df8a73025eca98e931dd074b69a mod_ssl-2.0.46-56.ent.ppc.rpm s390: fe25eb28019d8d9a3a75b87eb60dbfe9 httpd-2.0.46-56.ent.s390.rpm 21a7aab2c525ea1f61528823f440c1ab httpd-devel-2.0.46-56.ent.s390.rpm 4bec0fb1ba74b43121cba95fcbc54430 mod_ssl-2.0.46-56.ent.s390.rpm s390x: 1f0093a5d44fa75ad8d5dff12f6a8f81 httpd-2.0.46-56.ent.s390x.rpm e005b654914be004d22d456c3f7cd9f1 httpd-devel-2.0.46-56.ent.s390x.rpm ed206f46043e55028a3a1ec63f516042 mod_ssl-2.0.46-56.ent.s390x.rpm x86_64: 19e480d4aaf0e54cd1e8beb741081e1c httpd-2.0.46-56.ent.x86_64.rpm 204c07d7e05a9d4b3292a5072d9c6f2a httpd-devel-2.0.46-56.ent.x86_64.rpm 770cc4db896225d99e1df93a589a02b4 mod_ssl-2.0.46-56.ent.x86_64.rpm Red Hat Desktop version 3: SRPMS: <a href=ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/... target=_blank>ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/...</a> 5fb40d08b35daf0b9dca84bae2d807ad httpd-2.0.46-56.ent.src.rpm i386: 58472c7851877c10d75fc11acc987690 httpd-2.0.46-56.ent.i386.rpm 7c5a357dc808d626e84f0b811d875087 httpd-devel-2.0.46-56.ent.i386.rpm fd69217826949e34854440914919115d mod_ssl-2.0.46-56.ent.i386.rpm x86_64: 19e480d4aaf0e54cd1e8beb741081e1c httpd-2.0.46-56.ent.x86_64.rpm 204c07d7e05a9d4b3292a5072d9c6f2a httpd-devel-2.0.46-56.ent.x86_64.rpm 770cc4db896225d99e1df93a589a02b4 mod_ssl-2.0.46-56.ent.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: <a href=ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/httpd... target=_blank>ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/httpd...</a> 5fb40d08b35daf0b9dca84bae2d807ad httpd-2.0.46-56.ent.src.rpm i386: 58472c7851877c10d75fc11acc987690 httpd-2.0.46-56.ent.i386.rpm 7c5a357dc808d626e84f0b811d875087 httpd-devel-2.0.46-56.ent.i386.rpm fd69217826949e34854440914919115d mod_ssl-2.0.46-56.ent.i386.rpm ia64: 9ba4fcecc7a987e0095cab3f3097573e httpd-2.0.46-56.ent.ia64.rpm eaaa9f395d525f97d864fa8fb7abf0b3 httpd-devel-2.0.46-56.ent.ia64.rpm 5c1958e1b3abe828ccc70ef6aed3bb64 mod_ssl-2.0.46-56.ent.ia64.rpm x86_64: 19e480d4aaf0e54cd1e8beb741081e1c httpd-2.0.46-56.ent.x86_64.rpm 204c07d7e05a9d4b3292a5072d9c6f2a httpd-devel-2.0.46-56.ent.x86_64.rpm 770cc4db896225d99e1df93a589a02b4 mod_ssl-2.0.46-56.ent.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: <a href=ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/httpd... target=_blank>ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/httpd...</a> 5fb40d08b35daf0b9dca84bae2d807ad httpd-2.0.46-56.ent.src.rpm i386: 58472c7851877c10d75fc11acc987690 httpd-2.0.46-56.ent.i386.rpm 7c5a357dc808d626e84f0b811d875087 httpd-devel-2.0.46-56.ent.i386.rpm fd69217826949e34854440914919115d mod_ssl-2.0.46-56.ent.i386.rpm ia64: 9ba4fcecc7a987e0095cab3f3097573e httpd-2.0.46-56.ent.ia64.rpm eaaa9f395d525f97d864fa8fb7abf0b3 httpd-devel-2.0.46-56.ent.ia64.rpm 5c1958e1b3abe828ccc70ef6aed3bb64 mod_ssl-2.0.46-56.ent.ia64.rpm x86_64: 19e480d4aaf0e54cd1e8beb741081e1c httpd-2.0.46-56.ent.x86_64.rpm 204c07d7e05a9d4b3292a5072d9c6f2a httpd-devel-2.0.46-56.ent.x86_64.rpm 770cc4db896225d99e1df93a589a02b4 mod_ssl-2.0.46-56.ent.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: <a href=ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/httpd... target=_blank>ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/httpd...</a> 1758c0d1f6326b2f8d77885a351872a1 httpd-2.0.52-22.ent.src.rpm i386: 64b2b544496645ed16ce4e7415b358b0 httpd-2.0.52-22.ent.i386.rpm 7191377bec8fdd54c327830b05f74e7e httpd-devel-2.0.52-22.ent.i386.rpm 5b69c82ad64cee1b4c46e9f814e88286 httpd-manual-2.0.52-22.ent.i386.rpm 4cde89fc87b21feff51d54098fe4ed83 httpd-suexec-2.0.52-22.ent.i386.rpm 97f4a87d758c4b84def3abf53e6293cc mod_ssl-2.0.52-22.ent.i386.rpm ia64: c7522babbf9b3a24f8c3bfaff8e2e10f httpd-2.0.52-22.ent.ia64.rpm 10a317c00ae0e59b4f3071870f6d939a httpd-devel-2.0.52-22.ent.ia64.rpm adaf0ba8b49ee0ceb3469e1b5f67c339 httpd-manual-2.0.52-22.ent.ia64.rpm 38dec291e729a7e69bdc9ba25cfca5be httpd-suexec-2.0.52-22.ent.ia64.rpm fa92eddcfe59311085ed2c0c7675380b mod_ssl-2.0.52-22.ent.ia64.rpm ppc: 1fef1c2e4c3e8796c8d29f1a8b4288f2 httpd-2.0.52-22.ent.ppc.rpm 756f217a147ae442b5b60612c42a6e80 httpd-devel-2.0.52-22.ent.ppc.rpm d8f0dd7e832cad4efa48333ed1d649af httpd-manual-2.0.52-22.ent.ppc.rpm 3a466a4bceadf2fcc1994206481062a6 httpd-suexec-2.0.52-22.ent.ppc.rpm a293bf05ecae2c4b192d5ec3dfcbb98d mod_ssl-2.0.52-22.ent.ppc.rpm s390: c9aee197a528745c6c8590f7605b1643 httpd-2.0.52-22.ent.s390.rpm 9f8f303a60b8b52a5a1c4be911df9212 httpd-devel-2.0.52-22.ent.s390.rpm f3107dc3d74f773f21854fc94e2eca2d httpd-manual-2.0.52-22.ent.s390.rpm 4f3d8737a2656298e7b2b867b0f35d2a httpd-suexec-2.0.52-22.ent.s390.rpm e78eb4e3946b778fcd3a8fd650c1cc02 mod_ssl-2.0.52-22.ent.s390.rpm s390x: c175a4c5c89597afd57932e6e08f5755 httpd-2.0.52-22.ent.s390x.rpm f894f7f71f4ab719d09812bb794f37df httpd-devel-2.0.52-22.ent.s390x.rpm da94d5e68605db9f5c4c801e853e60ad httpd-manual-2.0.52-22.ent.s390x.rpm 350bbc702110c42e1cf95787168d63b1 httpd-suexec-2.0.52-22.ent.s390x.rpm 321b95391c4d73b76fb632db96fec976 mod_ssl-2.0.52-22.ent.s390x.rpm x86_64: e0c7651c64d7ba3c4c1e6e5b0296295c httpd-2.0.52-22.ent.x86_64.rpm 95f9a419ba8d943c5a99fc750fc82176 httpd-devel-2.0.52-22.ent.x86_64.rpm f72c3a86cae6f4a2716e27d1e315797c httpd-manual-2.0.52-22.ent.x86_64.rpm dbbd0863f64a60bba95c0bd2164e4d17 httpd-suexec-2.0.52-22.ent.x86_64.rpm 8ee3ac6dff631ffc1d2b645582b35cfb mod_ssl-2.0.52-22.ent.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: <a href=ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/... target=_blank>ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/...</a> 1758c0d1f6326b2f8d77885a351872a1 httpd-2.0.52-22.ent.src.rpm i386: 64b2b544496645ed16ce4e7415b358b0 httpd-2.0.52-22.ent.i386.rpm 7191377bec8fdd54c327830b05f74e7e httpd-devel-2.0.52-22.ent.i386.rpm 5b69c82ad64cee1b4c46e9f814e88286 httpd-manual-2.0.52-22.ent.i386.rpm 4cde89fc87b21feff51d54098fe4ed83 httpd-suexec-2.0.52-22.ent.i386.rpm 97f4a87d758c4b84def3abf53e6293cc mod_ssl-2.0.52-22.ent.i386.rpm x86_64: e0c7651c64d7ba3c4c1e6e5b0296295c httpd-2.0.52-22.ent.x86_64.rpm 95f9a419ba8d943c5a99fc750fc82176 httpd-devel-2.0.52-22.ent.x86_64.rpm f72c3a86cae6f4a2716e27d1e315797c httpd-manual-2.0.52-22.ent.x86_64.rpm dbbd0863f64a60bba95c0bd2164e4d17 httpd-suexec-2.0.52-22.ent.x86_64.rpm 8ee3ac6dff631ffc1d2b645582b35cfb mod_ssl-2.0.52-22. 可使用下列命令安装补丁: rpm -Fvh [文件名]
idSSV:4227
last seen2017-11-19
modified2006-08-17
published2006-08-17
reporterRoot
titleApache Mod_SSL可定制错误文档拒绝服务漏洞

Statements

contributorMark J Cox
lastmodified2008-07-02
organizationApache
statementFixed in Apache HTTP Server 2.2.2 and 2.0.58 http://httpd.apache.org/security/vulnerabilities_22.html http://httpd.apache.org/security/vulnerabilities_20.html

References