Security Advisory Moderate: httpd security update

Advisory: RHSA-2009:1579-1
Type: Security Advisory
Severity: Moderate
Issued on: 2009-11-11
Last updated on: 2009-11-11
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Desktop (v. 3)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux EUS (v. 5.4.z server)
Red Hat Enterprise Linux WS (v. 3)
CVEs (cve.mitre.org): CVE-2009-3094
CVE-2009-3095
CVE-2009-3555

Details

Updated httpd packages that fix multiple security issues are now available
for Red Hat Enterprise Linux 3 and 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

The Apache HTTP Server is a popular Web server.

A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure
Sockets Layer) protocols handle session renegotiation. A man-in-the-middle
attacker could use this flaw to prefix arbitrary plain text to a client's
session (for example, an HTTPS connection to a website). This could force
the server to process an attacker's request as if authenticated using the
victim's credentials. This update partially mitigates this flaw for SSL
sessions to HTTP servers using mod_ssl by rejecting client-requested
renegotiation. (CVE-2009-3555)

Note: This update does not fully resolve the issue for HTTPS servers. An
attack is still possible in configurations that require a server-initiated
renegotiation. Refer to the following Knowledgebase article for further
information: http://kbase.redhat.com/faq/docs/DOC-20491
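The configurations the note warns about are the ones where mod_ssl cannot decide the TLS parameters until after the request line is read, so it must renegotiate on its own initiative. The scanner below, an added example that is not part of this advisory or of the httpd project, walks a constructed httpd.conf fragment and flags the directives that cause this when they appear in a per-directory or per-location context rather than at virtual-host level. The directive list (SSLVerifyClient, SSLVerifyDepth, SSLCipherSuite) and the sample configuration are this example's assumptions; the advisory names no directives.

```python
import re
from typing import List, Tuple

# Directives that, when they differ in a per-directory or per-location context from the
# virtual host's settings, make mod_ssl renegotiate after the request line is read.
# This list is the example's assumption; the advisory itself names no directives.
RENEG_DIRECTIVES = {"sslverifyclient", "sslverifydepth", "sslciphersuite"}
PER_DIR_SECTIONS = {"directory", "directorymatch", "location", "locationmatch",
                    "files", "filesmatch"}

# Constructed configuration for this example (not taken from any real server).
SAMPLE_CONF = """\
Listen 443
<VirtualHost *:443>
    ServerName www.example.com
    SSLEngine on
    # Vhost-level: applied in the initial handshake, no renegotiation needed
    SSLCipherSuite HIGH:!aNULL
    <Location /admin>
        # Per-location: the client certificate is demanded only after the request is read
        SSLVerifyClient require
        SSLVerifyDepth 2
    </Location>
    <Directory /var/www/html/legacy>
        SSLCipherSuite HIGH:!aNULL:!MD5
    </Directory>
</VirtualHost>
"""

def find_server_initiated_renegotiation(conf: str) -> List[Tuple[int, str, str]]:
    """Return (line number, enclosing sections, directive line) for every directive
    from RENEG_DIRECTIVES that sits inside a per-directory/per-location section."""
    findings: List[Tuple[int, str, str]] = []
    stack: List[str] = []            # lower-cased names of the currently open sections
    for lineno, raw in enumerate(conf.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):   # httpd.conf comments are whole lines
            continue
        section = re.match(r"<(/?)([A-Za-z]+)", line)
        if section:
            closing, name = section.group(1), section.group(2).lower()
            if closing:
                if stack and stack[-1] == name:
                    stack.pop()
            else:
                stack.append(name)
            continue
        directive = line.split(None, 1)[0].lower()
        if directive in RENEG_DIRECTIVES and any(s in PER_DIR_SECTIONS for s in stack):
            findings.append((lineno, "/".join(stack), line))
    return findings

if __name__ == "__main__":
    for lineno, where, directive in find_server_initiated_renegotiation(SAMPLE_CONF):
        print(f"line {lineno} [{where}]: {directive}")
```

In the sample, the vhost-level SSLCipherSuite is not reported, while the three directives inside <Location> and <Directory> are. The usual way to take such a site out of the still-exposed set is to apply the client-certificate or cipher requirement to the whole virtual host (or to a dedicated virtual host on its own name or port) so that it is settled in the initial handshake. The scanner only reads what it is given: directives in .htaccess files are per-directory context too and must be checked separately.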

A NULL pointer dereference flaw was found in the Apache mod_proxy_ftp
module. A malicious FTP server to which requests are being proxied could
use this flaw to crash an httpd child process via a malformed reply to the
EPSV or PASV commands, resulting in a limited denial of service.
(CVE-2009-3094)
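The replies in question are the "227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)" and "229 Entering Extended Passive Mode (|||port|)" lines a proxy must parse to learn the data-connection address. The parser below is an added example, not code from this advisory or from httpd, showing the defensive shape: every structural assumption (parentheses present, six fields, numeric, in range) is checked and a malformed reply yields None rather than a crash. The naive variant models the failure class by assuming the delimiters are present, and the sample replies are constructed for this example.

```python
import re
from typing import Callable, Optional, Tuple

# Constructed replies for this example; none were captured from a real FTP server.
SAMPLE_REPLIES = [
    "227 Entering Passive Mode (192,168,1,10,19,137).",
    "229 Entering Extended Passive Mode (|||49152|)",
    "227 Entering Passive Mode",                       # address block missing entirely
    "229 Entering Extended Passive Mode (|||x|)",      # non-numeric port
    "227 Entering Passive Mode (192,168,1,10,19)",     # too few fields
    "229 Entering Extended Passive Mode (|||70000|)",  # port out of range
]

def naive_parse_pasv(reply: str) -> Tuple[str, int]:
    """Failure-class model: assumes '(' and ')' are present and six fields follow,
    so a reply without an address block raises instead of being rejected."""
    inner = reply[reply.index("(") + 1 : reply.index(")")]
    nums = [int(f) for f in inner.split(",")]
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]

def parse_pasv(reply: str) -> Optional[Tuple[str, int]]:
    """Parse a 227 reply into (host, port); None for anything malformed."""
    if not reply.startswith("227"):
        return None
    start = reply.find("(")
    end = reply.find(")", start + 1) if start != -1 else -1
    if start == -1 or end == -1:
        return None                     # no address block: nothing to dereference
    fields = reply[start + 1:end].split(",")
    if len(fields) != 6:
        return None
    try:
        nums = [int(f.strip()) for f in fields]
    except ValueError:
        return None
    if any(not 0 <= n <= 255 for n in nums):
        return None
    port = nums[4] * 256 + nums[5]
    if port == 0:
        return None
    return ".".join(str(n) for n in nums[:4]), port

def parse_epsv(reply: str) -> Optional[int]:
    """Parse a 229 reply '(|||port|)' into a port; None for anything malformed.
    The delimiter is captured once and must repeat, as RFC 2428 lays it out."""
    if not reply.startswith("229"):
        return None
    m = re.search(r"\((.)\1\1(\d{1,5})\1\)", reply)
    if m is None:
        return None
    port = int(m.group(2))
    return port if 1 <= port <= 65535 else None

def survives(parser: Callable[[str], object], reply: str) -> bool:
    """True if the parser handles the reply without raising (it may still return None)."""
    try:
        parser(reply)
    except (ValueError, IndexError):
        return False
    return True

if __name__ == "__main__":
    for reply in SAMPLE_REPLIES:
        print(repr(reply), "->", parse_pasv(reply) if reply.startswith("227") else parse_epsv(reply))
```

Run against the samples, the checked parsers return an address for the two well-formed replies and None for the four malformed ones; the naive parser raises on the reply with no address block, which is the proxy-side equivalent of the child-process crash the advisory describes.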

A second flaw was found in the Apache mod_proxy_ftp module. In a reverse
proxy configuration, a remote attacker could use this flaw to bypass
intended access restrictions by creating a carefully-crafted HTTP
Authorization header, allowing the attacker to send arbitrary commands to
the FTP server. (CVE-2009-3095)
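When mod_proxy_ftp logs in to the backend FTP server it takes the user name and password from the request's Basic Authorization header. The example below is added here and is not code from this advisory or from httpd: it assumes the injection works by embedding CR/LF in the decoded credentials, so that the text after the line break reaches the FTP control channel as a separate command, and it places the vulnerable splice next to a checked version that refuses control characters. The header, credentials and injected command are constructed for this example; the advisory does not reproduce the backported patch, and the check shown is this example's own.

```python
import base64
from typing import List, Optional, Tuple

class InvalidCredentials(ValueError):
    """Raised when decoded credentials could alter the FTP control channel."""

def make_header(user: str, password: str) -> str:
    """Build a Basic Authorization header (used here to construct the sample request)."""
    token = base64.b64encode(f"{user}:{password}".encode("latin-1")).decode("ascii")
    return f"Basic {token}"

def decode_basic(header: str) -> Optional[Tuple[str, str]]:
    """Decode 'Basic <base64(user:pass)>'; None if the header is not usable."""
    scheme, _, token = header.strip().partition(" ")
    if scheme.lower() != "basic" or not token:
        return None
    try:
        raw = base64.b64decode(token.strip(), validate=True).decode("latin-1")
    except ValueError:               # binascii.Error is a ValueError subclass
        return None
    user, sep, password = raw.partition(":")
    return (user, password) if sep else None

def ftp_login_unchecked(user: str, password: str) -> bytes:
    """Vulnerable shape: credentials spliced verbatim into the FTP control stream."""
    return f"USER {user}\r\nPASS {password}\r\n".encode("latin-1")

def ftp_login_checked(user: str, password: str) -> bytes:
    """Hardened shape: refuse any credential byte that can act as a command separator
    (CR, LF and the other C0 controls plus DEL)."""
    for field in (user, password):
        if any(ord(ch) < 0x20 or ord(ch) == 0x7F for ch in field):
            raise InvalidCredentials("control character in FTP credentials")
    return ftp_login_unchecked(user, password)

def commands_seen_by_server(wire: bytes) -> List[str]:
    """Split the control stream the way an FTP server does: one command per CRLF."""
    return [line.decode("latin-1") for line in wire.split(b"\r\n") if line]

def login_is_rejected(user: str, password: str) -> bool:
    try:
        ftp_login_checked(user, password)
    except InvalidCredentials:
        return True
    return False

# Constructed request: an attacker-supplied password carrying an injected command.
INJECTED_HEADER = make_header("anonymous", "guest\r\nDELE important.txt")

if __name__ == "__main__":
    user, password = decode_basic(INJECTED_HEADER)
    print("unchecked:", commands_seen_by_server(ftp_login_unchecked(user, password)))
    print("checked rejects:", login_is_rejected(user, password))
```

With the constructed header the unchecked splice puts three commands on the wire (USER, PASS, and the injected DELE), while the checked version raises before anything is sent. A legitimate password such as "s3cret" passes the check unchanged, so the rule does not cost any valid login that Basic authentication could carry in the first place.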

All httpd users should upgrade to these updated packages, which contain
backported patches to correct these issues. After installing the updated
packages, the httpd daemon must be restarted for the update to take effect.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

RHEL Desktop Workstation (v. 5 client)

SRPMS:
httpd-2.2.3-31.el5_4.2.src.rpm
File outdated by:  RHSA-2014:0369
    MD5: 1bb2a9d5d85f2c9ba69223b422dbff62
 
IA-32:
httpd-devel-2.2.3-31.el5_4.2.i386.rpm
File outdated by:  RHSA-2014:0369
    MD5: d147a48d0d74b309b22637dee20ed14d
httpd-manual-2.2.3-31.el5_4.2.i386.rpm
File outdated by:  RHSA-2014:0369
    MD5: 23fb82e4181a2006cc79e5e0d6f36903
 
x86_64:
httpd-devel-2.2.3-31.el5_4.2.i386.rpm
File outdated by:  RHSA-2014:0369
    MD5: d147a48d0d74b309b22637dee20ed14d
httpd-devel-2.2.3-31.el5_4.2.x86_64.rpm
File outdated by:  RHSA-2014:0369
    MD5: 5db2065547c073f5022bb79718fe7e35
httpd-manual-2.2.3-31.el5_4.2.x86_64.rpm
File outdated by:  RHSA-2014:0369
    MD5: 048f7cb4cb681ae234f08cc52ed433f8
 
Red Hat Desktop (v. 3)

IA-32:
httpd-2.0.46-77.ent.i386.rpm     MD5: 9279b63ddb5f44958f8ae1899faf1961
httpd-devel-2.0.46-77.ent.i386.rpm     MD5: eecab520055cabaa5c2b0871f4d2e742
mod_ssl-2.0.46-77.ent.i386.rpm     MD5: 7cb2712f5c931fa9f8c28fd821809a63
 
x86_64:
httpd-2.0.46-77.ent.x86_64.rpm     MD5: 75380b52330f6ab5ad0901fcbd0e9f25
httpd-devel-2.0.46-77.ent.x86_64.rpm     MD5: a33f7fb4f57a09e65d7222ca6b6ff2b9
mod_ssl-2.0.46-77.ent.x86_64.rpm     MD5: 4578f98488e8af72a29a8b1d98f39553
 
Red Hat Enterprise Linux (v. 5 server)

SRPMS:
httpd-2.2.3-31.el5_4.2.src.rpm
File outdated by:  RHSA-2014:0369
    MD5: 1bb2a9d5d85f2c9ba69223b422dbff62
 
IA-32:
httpd-2.2.3-31.el5_4.2.i386.rpm
File outdated by:  RHSA-2014:0369
    MD5: 826e5ae56841a25821ce9c3091ae10fa
httpd-devel-2.2.3-31.el5_4.2.i386.rpm
File outdated by:  RHSA-2014:0369
    MD5: d147a48d0d74b309b22637dee20ed14d
httpd-manual-2.2.3-31.el5_4.2.i386.rpm
File outdated by:  RHSA-2014:0369
    MD5: 23fb82e4181a2006cc79e5e0d6f36903
mod_ssl-2.2.3-31.el5_4.2.i386.rpm
File outdated by:  RHSA-2014:0369
    MD5: 37ecbfdd18e9cf7a9da9c6285e1a5a9f
 
IA-64:
httpd-2.2.3-31.el5_4.2.ia64.rpm
File outdated by:  RHSA-2014:0369
    MD5: f619e17756dd123668b8a75048593732
httpd-devel-2.2.3-31.el5_4.2.ia64.rpm
File outdated by:  RHSA-2014:0369
    MD5: ab70a4b9727a27127a124910a8243967
httpd-manual-2.2.3-31.el5_4.2.ia64.rpm
File outdated by:  RHSA-2014:0369
    MD5: cf524fedf1e1a98529f22f0903b916ee
mod_ssl-2.2.3-31.el5_4.2.ia64.rpm
File outdated by:  RHSA-2014:0369
    MD5: 75bf8050a6a9522b8dd630871e671344
 
PPC:
httpd-2.2.3-31.el5_4.2.ppc.rpm
File outdated by:  RHSA-2014:0369
    MD5: 05c05ca87d1512bd738997b82ccd42e5
httpd-devel-2.2.3-31.el5_4.2.ppc.rpm
File outdated by:  RHSA-2014:0369
    MD5: 012cfb2d463a61a5049173fbdb041a7f
httpd-devel-2.2.3-31.el5_4.2.ppc64.rpm
File outdated by:  RHSA-2014:0369
    MD5: 39636dfa7bad1c6ea4cc766a5f3c7906
httpd-manual-2.2.3-31.el5_4.2.ppc.rpm
File outdated by:  RHSA-2014:0369
    MD5: 2b58c9e8a3797675030edab5866a8f6b
mod_ssl-2.2.3-31.el5_4.2.ppc.rpm
File outdated by:  RHSA-2014:0369
    MD5: d4e293c77b7f4b5048cdb658987f6a45
 
s390x:
httpd-2.2.3-31.el5_4.2.s390x.rpm
File outdated by:  RHSA-2014:0369
    MD5: d06aba5a3fd23962686527ad0e3a5932
httpd-devel-2.2.3-31.el5_4.2.s390.rpm
File outdated by:  RHSA-2014:0369
    MD5: 78dcfb13d87a14f5ef6f221fe6a6a23b
httpd-devel-2.2.3-31.el5_4.2.s390x.rpm
File outdated by:  RHSA-2014:0369
    MD5: 2f81a31f334cf765f9f64366931f94ec
httpd-manual-2.2.3-31.el5_4.2.s390x.rpm
File outdated by:  RHSA-2014:0369
    MD5: fb624bd0da23ef6ff64a888a7eb7465d
mod_ssl-2.2.3-31.el5_4.2.s390x.rpm
File outdated by:  RHSA-2014:0369
    MD5: 8d83c17f02b17125f0d27a6b05776626
 
x86_64:
httpd-2.2.3-31.el5_4.2.x86_64.rpm
File outdated by:  RHSA-2014:0369
    MD5: b9fc28155d9d7848db7c8b8b2c9b64dd
httpd-devel-2.2.3-31.el5_4.2.i386.rpm
File outdated by:  RHSA-2014:0369
    MD5: d147a48d0d74b309b22637dee20ed14d
httpd-devel-2.2.3-31.el5_4.2.x86_64.rpm
File outdated by:  RHSA-2014:0369
    MD5: 5db2065547c073f5022bb79718fe7e35
httpd-manual-2.2.3-31.el5_4.2.x86_64.rpm
File outdated by:  RHSA-2014:0369
    MD5: 048f7cb4cb681ae234f08cc52ed433f8
mod_ssl-2.2.3-31.el5_4.2.x86_64.rpm
File outdated by:  RHSA-2014:0369
    MD5: d58a4634d92bc2eaf82ada99a5865573
 
Red Hat Enterprise Linux AS (v. 3)

IA-32:
httpd-2.0.46-77.ent.i386.rpm     MD5: 9279b63ddb5f44958f8ae1899faf1961
httpd-devel-2.0.46-77.ent.i386.rpm     MD5: eecab520055cabaa5c2b0871f4d2e742
mod_ssl-2.0.46-77.ent.i386.rpm     MD5: 7cb2712f5c931fa9f8c28fd821809a63
 
IA-64:
httpd-2.0.46-77.ent.ia64.rpm     MD5: 8c8dc1b1b925e6a0cd63e2df53926bc3
httpd-devel-2.0.46-77.ent.ia64.rpm     MD5: 114c94b809fb706b84f5ed987a0c6ba2
mod_ssl-2.0.46-77.ent.ia64.rpm     MD5: 43aa9447714587db8a453939e08968f9
 
PPC:
httpd-2.0.46-77.ent.ppc.rpm     MD5: b8d83598cf71f0e0eacb26c0c48ca99d
httpd-devel-2.0.46-77.ent.ppc.rpm     MD5: f04037aca12ec61155d906f2c2f786b0
mod_ssl-2.0.46-77.ent.ppc.rpm     MD5: fe86421d7f84a8efa48499605c065340
 
s390:
httpd-2.0.46-77.ent.s390.rpm     MD5: a40bad1679cda12103fd4626bc3394ca
httpd-devel-2.0.46-77.ent.s390.rpm     MD5: e65b11a5118a84f9611c503eade0cb7d
mod_ssl-2.0.46-77.ent.s390.rpm     MD5: 60fa200a0cec35d50bebe8704feae80b
 
s390x:
httpd-2.0.46-77.ent.s390x.rpm     MD5: ced3250b01b17f5abda73f690942937f
httpd-devel-2.0.46-77.ent.s390x.rpm     MD5: 015e54c1afdbf8917bf26f24db834bc9
mod_ssl-2.0.46-77.ent.s390x.rpm     MD5: a94a8a0ecd090eee1bad5fe396110260
 
x86_64:
httpd-2.0.46-77.ent.x86_64.rpm     MD5: 75380b52330f6ab5ad0901fcbd0e9f25
httpd-devel-2.0.46-77.ent.x86_64.rpm     MD5: a33f7fb4f57a09e65d7222ca6b6ff2b9
mod_ssl-2.0.46-77.ent.x86_64.rpm     MD5: 4578f98488e8af72a29a8b1d98f39553
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
httpd-2.2.3-31.el5_4.2.src.rpm
File outdated by:  RHSA-2014:0369
    MD5: 1bb2a9d5d85f2c9ba69223b422dbff62
 
IA-32:
httpd-2.2.3-31.el5_4.2.i386.rpm
File outdated by:  RHSA-2014:0369
    MD5: 826e5ae56841a25821ce9c3091ae10fa
mod_ssl-2.2.3-31.el5_4.2.i386.rpm
File outdated by:  RHSA-2014:0369
    MD5: 37ecbfdd18e9cf7a9da9c6285e1a5a9f
 
x86_64:
httpd-2.2.3-31.el5_4.2.x86_64.rpm
File outdated by:  RHSA-2014:0369
    MD5: b9fc28155d9d7848db7c8b8b2c9b64dd
mod_ssl-2.2.3-31.el5_4.2.x86_64.rpm
File outdated by:  RHSA-2014:0369
    MD5: d58a4634d92bc2eaf82ada99a5865573
 
Red Hat Enterprise Linux ES (v. 3)

IA-32:
httpd-2.0.46-77.ent.i386.rpm     MD5: 9279b63ddb5f44958f8ae1899faf1961
httpd-devel-2.0.46-77.ent.i386.rpm     MD5: eecab520055cabaa5c2b0871f4d2e742
mod_ssl-2.0.46-77.ent.i386.rpm     MD5: 7cb2712f5c931fa9f8c28fd821809a63
 
IA-64:
httpd-2.0.46-77.ent.ia64.rpm     MD5: 8c8dc1b1b925e6a0cd63e2df53926bc3
httpd-devel-2.0.46-77.ent.ia64.rpm     MD5: 114c94b809fb706b84f5ed987a0c6ba2
mod_ssl-2.0.46-77.ent.ia64.rpm     MD5: 43aa9447714587db8a453939e08968f9
 
x86_64:
httpd-2.0.46-77.ent.x86_64.rpm     MD5: 75380b52330f6ab5ad0901fcbd0e9f25
httpd-devel-2.0.46-77.ent.x86_64.rpm     MD5: a33f7fb4f57a09e65d7222ca6b6ff2b9
mod_ssl-2.0.46-77.ent.x86_64.rpm     MD5: 4578f98488e8af72a29a8b1d98f39553
 
Red Hat Enterprise Linux EUS (v. 5.4.z server)

SRPMS:
httpd-2.2.3-31.el5_4.2.src.rpm
File outdated by:  RHSA-2014:0369
    MD5: 1bb2a9d5d85f2c9ba69223b422dbff62
 
IA-32:
httpd-2.2.3-31.el5_4.2.i386.rpm
File outdated by:  RHSA-2010:0168
    MD5: 826e5ae56841a25821ce9c3091ae10fa
httpd-devel-2.2.3-31.el5_4.2.i386.rpm
File outdated by:  RHSA-2010:0168
    MD5: d147a48d0d74b309b22637dee20ed14d
httpd-manual-2.2.3-31.el5_4.2.i386.rpm
File outdated by:  RHSA-2010:0168
    MD5: 23fb82e4181a2006cc79e5e0d6f36903
mod_ssl-2.2.3-31.el5_4.2.i386.rpm
File outdated by:  RHSA-2010:0168
    MD5: 37ecbfdd18e9cf7a9da9c6285e1a5a9f
 
IA-64:
httpd-2.2.3-31.el5_4.2.ia64.rpm
File outdated by:  RHSA-2010:0168
    MD5: f619e17756dd123668b8a75048593732
httpd-devel-2.2.3-31.el5_4.2.ia64.rpm
File outdated by:  RHSA-2010:0168
    MD5: ab70a4b9727a27127a124910a8243967
httpd-manual-2.2.3-31.el5_4.2.ia64.rpm
File outdated by:  RHSA-2010:0168
    MD5: cf524fedf1e1a98529f22f0903b916ee
mod_ssl-2.2.3-31.el5_4.2.ia64.rpm
File outdated by:  RHSA-2010:0168
    MD5: 75bf8050a6a9522b8dd630871e671344
 
PPC:
httpd-2.2.3-31.el5_4.2.ppc.rpm
File outdated by:  RHSA-2010:0168
    MD5: 05c05ca87d1512bd738997b82ccd42e5
httpd-devel-2.2.3-31.el5_4.2.ppc.rpm
File outdated by:  RHSA-2010:0168
    MD5: 012cfb2d463a61a5049173fbdb041a7f
httpd-devel-2.2.3-31.el5_4.2.ppc64.rpm
File outdated by:  RHSA-2010:0168
    MD5: 39636dfa7bad1c6ea4cc766a5f3c7906
httpd-manual-2.2.3-31.el5_4.2.ppc.rpm
File outdated by:  RHSA-2010:0168
    MD5: 2b58c9e8a3797675030edab5866a8f6b
mod_ssl-2.2.3-31.el5_4.2.ppc.rpm
File outdated by:  RHSA-2010:0168
    MD5: d4e293c77b7f4b5048cdb658987f6a45
 
s390x:
httpd-2.2.3-31.el5_4.2.s390x.rpm
File outdated by:  RHSA-2010:0168
    MD5: d06aba5a3fd23962686527ad0e3a5932
httpd-devel-2.2.3-31.el5_4.2.s390.rpm
File outdated by:  RHSA-2010:0168
    MD5: 78dcfb13d87a14f5ef6f221fe6a6a23b
httpd-devel-2.2.3-31.el5_4.2.s390x.rpm
File outdated by:  RHSA-2010:0168
    MD5: 2f81a31f334cf765f9f64366931f94ec
httpd-manual-2.2.3-31.el5_4.2.s390x.rpm
File outdated by:  RHSA-2010:0168
    MD5: fb624bd0da23ef6ff64a888a7eb7465d
mod_ssl-2.2.3-31.el5_4.2.s390x.rpm
File outdated by:  RHSA-2010:0168
    MD5: 8d83c17f02b17125f0d27a6b05776626
 
x86_64:
httpd-2.2.3-31.el5_4.2.x86_64.rpm
File outdated by:  RHSA-2010:0168
    MD5: b9fc28155d9d7848db7c8b8b2c9b64dd
httpd-devel-2.2.3-31.el5_4.2.i386.rpm
File outdated by:  RHSA-2010:0168
    MD5: d147a48d0d74b309b22637dee20ed14d
httpd-devel-2.2.3-31.el5_4.2.x86_64.rpm
File outdated by:  RHSA-2010:0168
    MD5: 5db2065547c073f5022bb79718fe7e35
httpd-manual-2.2.3-31.el5_4.2.x86_64.rpm
File outdated by:  RHSA-2010:0168
    MD5: 048f7cb4cb681ae234f08cc52ed433f8
mod_ssl-2.2.3-31.el5_4.2.x86_64.rpm
File outdated by:  RHSA-2010:0168
    MD5: d58a4634d92bc2eaf82ada99a5865573
 
Red Hat Enterprise Linux WS (v. 3)

IA-32:
httpd-2.0.46-77.ent.i386.rpm     MD5: 9279b63ddb5f44958f8ae1899faf1961
httpd-devel-2.0.46-77.ent.i386.rpm     MD5: eecab520055cabaa5c2b0871f4d2e742
mod_ssl-2.0.46-77.ent.i386.rpm     MD5: 7cb2712f5c931fa9f8c28fd821809a63
 
IA-64:
httpd-2.0.46-77.ent.ia64.rpm     MD5: 8c8dc1b1b925e6a0cd63e2df53926bc3
httpd-devel-2.0.46-77.ent.ia64.rpm     MD5: 114c94b809fb706b84f5ed987a0c6ba2
mod_ssl-2.0.46-77.ent.ia64.rpm     MD5: 43aa9447714587db8a453939e08968f9
 
x86_64:
httpd-2.0.46-77.ent.x86_64.rpm     MD5: 75380b52330f6ab5ad0901fcbd0e9f25
httpd-devel-2.0.46-77.ent.x86_64.rpm     MD5: a33f7fb4f57a09e65d7222ca6b6ff2b9
mod_ssl-2.0.46-77.ent.x86_64.rpm     MD5: 4578f98488e8af72a29a8b1d98f39553
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

521619 - CVE-2009-3094 httpd: NULL pointer dereference in mod_proxy_ftp caused by crafted EPSV and PASV reply
522209 - CVE-2009-3095 httpd: mod_proxy_ftp FTP command injection via Authorization HTTP header
533125 - CVE-2009-3555 TLS: MITM attacks via session renegotiation


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/