Red Hat warns of problem in Apache

By Michael S. Mimoso, Senior News Editor 15 Jan 2004 | SearchOpenSource.com

Digg This!     StumbleUpon     Del.icio.us

SuSE warns of tcpdump flaw Not to be outdone by Red Hat, SuSE Linux AG, the second-leading Linux distributor behind Red Hat Inc., released a security alert for SuSE Linux 8.0, 8.1, 8.2 and 9.0. A remote denial-of-service vulnerability was discovered in tcpdump, a tool that analyzes network traffic. The flaw occurs in the way tcpdump handles ISAKMP messages. An attacker could crash a tcpdump session with a malformed ISAKMP message, causing it to enter an endless loop, SuSE said. Administrators are advised to upgrade their systems.

Red Hat Inc. on Wednesday issued four security alerts that include fixes for problems in Apache, elm, cvs and the KDE desktop environment.

These components are bundled with several Red Hat products, including Red Hat Enterprise Linux 3, Red Hat Linux Advanced Server and Workstation software.

None of the alerts were labeled critical by the Raleigh, N.C.-based Linux distributor, but administrators are advised to apply the appropriate updates.

Apache

Red Hat released updated httpd packages that plug a security hole for the Apache Web server in Red Hat Enterprise Linux 3, Advanced Server, Enterprise Server and Workstation.

The vulnerability was found in the way the Apache HTTP Server (versions prior to 2.0.48) handle regular expressions from configuration files. Attackers writing Apache configuration files like .htaccess or httpd.conf could cause a buffer overflow that would allow for the execution of code.

elm

Red Hat is also reporting a buffer overflow in the elm terminal mode e-mail user agent in Red Hat Enterprise Linux AS 2.1 for i386 and Itanium, and in Red Hat Linux Advanced Workstation 2.1 for Itanium.

The overflow occurs in the frm command, which gives administrators a summary of the sender and subject lines in a mailbox or folder. An attacker could use a long subject line so that when the frm command is run, code is executed.

cvs

Concurrent versions systems (cvs) contains a security hole that could allow the creation of files and directories in the root file system in Red Hat Enterprise Linux AS 2.1; Red Hat Linux Advanced WS 2.1; Red Hat Enterprise Linux ES 2.1; Red Hat Enterprise Linux WS 2.1; and Red Hat Enterprise Linux version 3 AS, ES and WS.

Cvs manages source code repositories. The problem was found in versions prior to 1.11.10. Attackers using a malformed module request could create files and directories in the root file system.

Red Hat notes that the cvs fix also takes care of an off-by-one overflow in cvs PreservePermissions code in Red Hat Enterprise Linux 2.1. This feature is not turned on by default and can only be used for local cvs.

KDE

A local buffer overflow vulnerability was found in KDE Personal Information Management suite in Red Hat Enterprise Linux 3 AS, ES and WS.

KDEpim organizes mail, tasks, appointments and contacts. A buffer overflow exists in the file information reader of the VCF files. An attacker could manipulate a VCF file so that when it is opened, code will be executed.

Tags: Security,  Networking,  The Apache center,  Linux Web and application servers,  Apache development,  Performance management,  Web servers (except Apache),  Updates and patches,  Tips and tricks,  Apache basics,  Apache,  Administration and management,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us