From: security at sco.com (security@....com)
Subject: OpenServer 5.0.7 OpenServer 5.0.6 OpenServer 5.0.5 : Various Apache security fixes

To: announce@...ts.caldera.com bugtraq@...urityfocus.com full-disclosure@...ts.netsys.com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


______________________________________________________________________________

			SCO Security Advisory

Subject:		OpenServer 5.0.7 OpenServer 5.0.6 OpenServer 5.0.5 : Various Apache security fixes
Advisory number: 	CSSA-2003-SCO.28
Issue date: 		2003 November 06
Cross reference: 	sr875660 fz527514 erg712258 sr886043 fz528422 erg712464 sr886994 fz528484 erg712486 sr886997 fz528487 erg712489 sr879164 fz527929 erg712354 CAN-2003-0192 CAN-2003-0542 CAN-2002-1396 CAN-2003-0166 CAN-2003-0442
______________________________________________________________________________


1. Problem Description

The issues are:

	CAN-2003-0192 Apache 2 before 2.0.47, and certain versions of mod_ssl
	for Apache 1.3, do not properly handle "certain sequences of per-
	directory renegotiations and the SSLCipherSuite directive being used to
	upgrade from a weak ciphersuite to a strong one," which could cause
	Apache to use the weak ciphersuite.

	CAN-2003-0542 Apache 2.0.48 addresses two security vulnerabilities, one
	of which is a buffer overflow in mod_alias and mod_rewrite.  A buffer 
	overflow could occur in mod_alias and mod_rewrite when a regular 
	expression with more than 9 captures is configured. 

	CAN-2002-1396 Heap-based buffer overflow in the wordwrap function in PHP
	after 4.1.2 and before 4.3.0 may allow attackers to cause a denial of 
	service or execute arbitrary code.

	CAN-2003-0166 Integer signedness error in emalloc() function for PHP
	before 4.3.2 allows remote attackers to cause a denial of service (memory
	consumption) and possibly execute arbitrary code via negative arguments
	to functions such as (1) socket_recv, (2) socket_recvfrom, and possibly
	other functions.

	CAN-2003-0442 Cross-site scripting (XSS) vulnerability in the transparent
	SID support capability for PHP before 4.3.2 (session.use_trans_sid)
	allows remote attackers to insert arbitrary script via the PHPSESSID
	parameter.
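An added configuration check for the CAN-2003-0542 condition listed above (example code, not SCO or Apache code): it scans an httpd.conf text for the mod_rewrite and mod_alias directives that take a regular expression and reports any whose pattern has more than nine capture groups, the configuration the advisory says triggers the overflow. The sample configuration embedded in it is constructed for the demonstration; the directive names and regex-argument positions follow the Apache directive syntax, the nine-capture threshold is the advisory's, and Python's re module is assumed to count groups the same way Apache's regex engine does for ordinary patterns (a manual scan handles patterns re rejects).

```python
"""Audit an Apache configuration for mod_alias / mod_rewrite regular
expressions with more than nine capture groups (the CAN-2003-0542
condition). Added example, not SCO or Apache code; the sample configuration
below is constructed for illustration."""
import re
import shlex
import sys
from dataclasses import dataclass
from typing import List, Optional

# Directives whose arguments include a regular expression, keyed by lowercase
# name (Apache directive names are case-insensitive), with the index of the
# regex argument. RedirectMatch may carry an optional status before the regex.
REGEX_DIRECTIVES = {
    "rewriterule": 0,
    "rewritecond": 1,
    "aliasmatch": 0,
    "scriptaliasmatch": 0,
    "redirectmatch": 0,
}
REDIRECT_STATUS_WORDS = ("permanent", "temp", "seeother", "gone")
MAX_SAFE_CAPTURES = 9  # the advisory: "more than 9 captures" triggers the overflow


@dataclass
class Finding:
    lineno: int
    directive: str
    pattern: str
    captures: int


def count_captures(pattern: str) -> int:
    """Number of capturing groups in a regex. Python's re handles the common
    Apache (PCRE) syntax; patterns it rejects fall back to a manual scan that
    skips escapes and character classes and treats only "(", "(?<name>" and
    "(?P<name>" as capturing."""
    try:
        return re.compile(pattern).groups
    except re.error:
        pass
    count, i, in_class = 0, 0, False
    while i < len(pattern):
        c = pattern[i]
        if c == "\\":
            i += 2  # escaped character: skip it entirely
            continue
        if in_class:
            in_class = c != "]"
        elif c == "[":
            in_class = True
        elif c == "(":
            rest = pattern[i + 1:i + 4]
            named = rest.startswith("?P<") or (
                rest.startswith("?<") and rest[2:3] not in ("=", "!"))
            if not rest.startswith("?") or named:
                count += 1
        i += 1
    return count


def split_directive(line: str) -> List[str]:
    """Split a config line into directive and arguments, keeping quoted
    arguments (which may contain spaces) together and backslashes literal."""
    try:
        return shlex.split(line, posix=False)
    except ValueError:  # unbalanced quote: fall back to a whitespace split
        return line.split()


def regex_argument(directive: str, args: List[str]) -> Optional[str]:
    """Pick the regex argument of a directive, or None if it is absent."""
    key = directive.lower()
    idx = REGEX_DIRECTIVES[key]
    if key == "redirectmatch" and args and (
            args[0].isdigit() or args[0].lower() in REDIRECT_STATUS_WORDS):
        idx += 1
    if idx >= len(args):
        return None
    return args[idx].strip("\"'")


def audit_config(text: str) -> List[Finding]:
    """Report every regex directive whose pattern exceeds MAX_SAFE_CAPTURES."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = split_directive(line)
        if parts[0].lower() not in REGEX_DIRECTIVES:
            continue
        pattern = regex_argument(parts[0], parts[1:])
        if pattern is None:
            continue
        n = count_captures(pattern)
        if n > MAX_SAFE_CAPTURES:
            findings.append(Finding(lineno, parts[0], pattern, n))
    return findings


# Constructed httpd.conf fragment for the demonstration: line 5 has ten
# captures, line 8 exactly nine (the boundary, not flagged).
SAMPLE_CONFIG = """\
# constructed httpd.conf fragment
RewriteEngine On
RewriteRule ^/docs/(.*)$ /manual/$1 [L]
RewriteCond %{HTTP_HOST} ^(www\\.)?example\\.com$
RewriteRule ^/(a)/(b)/(c)/(d)/(e)/(f)/(g)/(h)/(i)/(j)$ /ten/$1 [L]
AliasMatch ^/icons/(.*)$ /usr/share/apache/icons/$1
RedirectMatch 301 ^/old/(.*)$ /new/$1
ScriptAliasMatch "^/cgi/(1)(2)(3)(4)(5)(6)(7)(8)(9)$" /var/cgi/$1
"""

if __name__ == "__main__":
    source = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_CONFIG
    for f in audit_config(source):
        print(f"line {f.lineno}: {f.directive} pattern {f.pattern!r} has "
              f"{f.captures} captures (> {MAX_SAFE_CAPTURES})")
```

Run it with the path to an httpd.conf to locate affected rules; it reads one file and does not follow Include directives, so each included file needs its own pass. Finding such a rule is a reason to prioritise the fixed packages in section 3, not a substitute for installing them.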


2. Vulnerable Supported Versions

	System				Binaries
	----------------------------------------------------------------------
	OpenServer 5.0.7 		Apache distribution
	OpenServer 5.0.6 		Apache distribution
	OpenServer 5.0.5 		Apache distribution

3. Solution

	The proper solution is to install the latest packages.


4. OpenServer 5.0.7

	4.1 First install Maintenance Pack 1	

	ftp://ftp.sco.com/pub/openserver5/507/osr507mp/
	
	4.2 Next install the new gwxlibs-1.3.2Ag

	ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.29

	4.3 Next install the new perl-5.8.1Ab

	ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.30

	4.4 Location of Fixed Binaries

	ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.28


	4.5 Verification

	MD5 (VOL.000.000) = 7f1991a2e20b51f0482a88a3d9cfd199
	MD5 (VOL.000.001) = 046230a639d155e8e977d68d3aa9bfd7
	MD5 (VOL.000.002) = 4813b72228a7796608a27835eafefbf7
	MD5 (VOL.000.003) = 2fd98496393cdae1ad726d9534b5ff4e
	MD5 (VOL.000.004) = c5043af48ab75e70bdf2b836ef0a8195
	MD5 (VOL.000.005) = d1f627721494b2dcf50f4b90acb7d52a
	MD5 (VOL.000.006) = 57ee69d863d14a93b1afa7c3bc81f901
	MD5 (VOL.000.007) = 2066d39463d5d085706e1d1e6388a76a
	MD5 (VOL.000.008) = 77549fb84fac4040d113867f4ee9725b

	md5 is available for download from
		ftp://ftp.sco.com/pub/security/tools


	4.6 Installing Fixed Binaries

	Upgrade the affected binaries with the following sequence:

	1) Download the VOL* files to the /tmp directory

	2) Run the custom command, specify an install from media
	images, and specify the /tmp directory as the location of
	the images.


5. OpenServer 5.0.6 / OpenServer 5.0.5

	5.1 First install OSS646B - Execution Environment Supplement

	ftp://ftp.sco.com/pub/openserver5/oss646b

	5.2 Next install the new gwxlibs-1.3.2Ag

	ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.29

	5.3 Next install the new perl-5.8.1Ab
	
	ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.30

	5.4 Location of Fixed Binaries

	ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.28

	5.5 Verification

	MD5 (VOL.000.000) = 7f1991a2e20b51f0482a88a3d9cfd199
	MD5 (VOL.000.001) = 046230a639d155e8e977d68d3aa9bfd7
	MD5 (VOL.000.002) = 4813b72228a7796608a27835eafefbf7
	MD5 (VOL.000.003) = 2fd98496393cdae1ad726d9534b5ff4e
	MD5 (VOL.000.004) = c5043af48ab75e70bdf2b836ef0a8195
	MD5 (VOL.000.005) = d1f627721494b2dcf50f4b90acb7d52a
	MD5 (VOL.000.006) = 57ee69d863d14a93b1afa7c3bc81f901
	MD5 (VOL.000.007) = 2066d39463d5d085706e1d1e6388a76a
	MD5 (VOL.000.008) = 77549fb84fac4040d113867f4ee9725b

	md5 is available for download from
		ftp://ftp.sco.com/pub/security/tools


	5.6 Installing Fixed Binaries

	Upgrade the affected binaries with the following sequence:

	1) Download the VOL* files to the /tmp directory

	2) Run the custom command, specify an install from media
	images, and specify the /tmp directory as the location of
	the images.
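The verification steps in 4.5 and 5.5 publish the same nine sums for the same VOL.* images, and 4.6/5.6 install from those images. The script below is an added example, not SCO's md5 tool: it parses the advisory's checksum list in the advisory's own output format, checks every listed image in the download directory (/tmp in step 1) and reports each as intact, altered or missing before custom is run. The sums embedded in ADVISORY_MD5_LIST are copied from the advisory; demo() exercises the same check on constructed files in a temporary directory rather than on real VOL images.

```python
"""Check downloaded VOL.* images against the MD5 sums published in the
advisory before installing them with custom. Added example, not SCO code."""
import hashlib
import os
import re
import sys
import tempfile
from typing import Dict

# The nine sums listed under 4.5 / 5.5 of the advisory, in its own format.
ADVISORY_MD5_LIST = """\
MD5 (VOL.000.000) = 7f1991a2e20b51f0482a88a3d9cfd199
MD5 (VOL.000.001) = 046230a639d155e8e977d68d3aa9bfd7
MD5 (VOL.000.002) = 4813b72228a7796608a27835eafefbf7
MD5 (VOL.000.003) = 2fd98496393cdae1ad726d9534b5ff4e
MD5 (VOL.000.004) = c5043af48ab75e70bdf2b836ef0a8195
MD5 (VOL.000.005) = d1f627721494b2dcf50f4b90acb7d52a
MD5 (VOL.000.006) = 57ee69d863d14a93b1afa7c3bc81f901
MD5 (VOL.000.007) = 2066d39463d5d085706e1d1e6388a76a
MD5 (VOL.000.008) = 77549fb84fac4040d113867f4ee9725b
"""

# "MD5 (file) = hex" is the BSD-style md5 output the advisory uses.
MD5_LINE = re.compile(r"^MD5 \((?P<name>[^)]+)\) = (?P<sum>[0-9a-fA-F]{32})$")


def parse_md5_list(text: str) -> Dict[str, str]:
    """Turn the advisory's checksum lines into {file name: lowercase hex sum}."""
    sums = {}
    for line in text.splitlines():
        m = MD5_LINE.match(line.strip())
        if m:
            sums[m.group("name")] = m.group("sum").lower()
    return sums


ADVISORY_MD5 = parse_md5_list(ADVISORY_MD5_LIST)


def md5_of_file(path: str) -> str:
    """MD5 of a file, read in chunks so large images need little memory."""
    h = hashlib.md5()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_volumes(directory: str, expected: Dict[str, str]) -> Dict[str, str]:
    """Return {file: 'ok' | 'mismatch' | 'missing'} for every expected image."""
    status = {}
    for name, want in expected.items():
        path = os.path.join(directory, name)
        if not os.path.isfile(path):
            status[name] = "missing"
        else:
            status[name] = "ok" if md5_of_file(path) == want else "mismatch"
    return status


def all_verified(status: Dict[str, str]) -> bool:
    """True only when at least one image was expected and every one matched."""
    return bool(status) and all(s == "ok" for s in status.values())


def demo() -> Dict[str, str]:
    """Constructed scenario in a temporary directory: one intact image, one
    altered after its sum was taken, one never downloaded. The contents and
    sums are constructed here, not those of the real VOL files."""
    with tempfile.TemporaryDirectory() as d:
        intact = b"constructed volume 0\n"
        original = b"constructed volume 1\n"
        expected = {
            "VOL.000.000": hashlib.md5(intact).hexdigest(),
            "VOL.000.001": hashlib.md5(original).hexdigest(),
            "VOL.000.002": hashlib.md5(b"constructed volume 2\n").hexdigest(),
        }
        with open(os.path.join(d, "VOL.000.000"), "wb") as fh:
            fh.write(intact)
        with open(os.path.join(d, "VOL.000.001"), "wb") as fh:
            fh.write(original + b"tampered")  # altered in transit
        return verify_volumes(d, expected)


if __name__ == "__main__":
    # Default to /tmp, the download location in step 1 of 4.6 / 5.6.
    result = verify_volumes(sys.argv[1] if len(sys.argv) > 1 else "/tmp",
                            ADVISORY_MD5)
    for name, state in sorted(result.items()):
        print(f"{name}: {state}")
    sys.exit(0 if all_verified(result) else 1)
```

A non-zero exit means at least one image is missing or does not match, and custom should not be run until the download is repeated. The sums prove only that the images match what the advisory lists; that list is trusted to the extent the advisory's PGP signature checks out.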

6. References

	Specific references for this advisory:
		http://www.apache.org/dist/httpd/Announcement2.html 
		http://www.securityfocus.com/archive/1/342674
		http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0192
		http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0542
		http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396
		http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0166
		http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0442

	SCO security resources:
		http://www.sco.com/support/security/index.html

	This security fix closes SCO incidents sr875660 fz527514 erg712258 sr886043 fz528422 erg712464 sr886994 fz528484 erg712486 sr886997 fz528487 erg712489 sr879164 fz527929 erg712354.


7. Disclaimer

	SCO is not responsible for the misuse of any of the information
	we provide on this website and/or through our security
	advisories. Our advisories are a service to our customers
	intended to promote secure installation and use of SCO
	products.

______________________________________________________________________________

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (SCO/UNIX_SVR5)

iD8DBQE/qv/AaqoBO7ipriERAoMjAJ0eve/LJKnOKjek9TsS/OZQ4BJwyACcDN9V
v18c+3vKdYBaOb9Xe9/WgjA=
=MgSi
-----END PGP SIGNATURE-----

