` 

---------------------------------------------------------------------
                   Red Hat, Inc. Red Hat Security Advisory

Synopsis:          Updated secureweb packages available
Advisory ID:       RHSA-2002:042-12
Issue date:        2002-03-04
Updated on:        2002-03-13
Product:           Red Hat Secure Web Server
Keywords:          mod_ssl buffer overflow session cache
Cross references:  RHSA-2002:041
Obsoletes:         
---------------------------------------------------------------------

1. Topic:

Updated secureweb packages are now available for Red Hat Secure Web Server
3.2 (U.S.).  These updates close a buffer overflow in mod_ssl.

2. Relevant releases/architectures:

Red Hat Secure Web Server 3.2 - i386

3. Problem description:

When session caching is enabled, mod_ssl will serialize SSL session
variables to store them for later use. Unpatched versions of mod_ssl prior
to version 2.8.7 using the 'shm' or 'dbm' session caches would do so using
a buffer with a fixed size, making it vulnerable to overflow.

To exploit the overflow, the server must be configured to require client
certificates, and an attacker must obtain a carefully crafted client
certificate that has been signed by a Certificate Authority which is
trusted by the server. If these conditions are met, it is possible for
an attacker to execute arbitrary code on the server.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2002-0082 to this issue.

Pay special attention to the installation instructions in the "Solution"
section below as they differ from standarad upgrade instructions.

4. Solution:

Some of these files are distributed in rhmask format and may only be used
by individuals who have purchased Red Hat Linux 6.2 Professional.

To produce installable RPM files from the rhmask files, retrieve the rhmask
files via ftp and type the following command:

rhmask secureweb-3.2-12.i386.rpm secureweb-3.2.5-1.i386.rpm.rhmask

The original RPM is located only on your Secure Web Server CD, and cannot
be obtained via the Internet. Note: if you do not have the original RPM
located in the same directory as the rhmask file, you will need to prefix
the name of the RPM with the full path name to its location (for example on
your installation CD).

For each RPM for your particular architecture, run:

rpm -Fvh [filename]

where [filename] is the name of the RPM package.

To restart your Secure Web Server, type the following command in a shell
prompt as root:

/etc/rc.d/init.d/httpsd restart

5. Bug IDs fixed  (  for more info):



6. RPMs required:

Red Hat Secure Web Server 3.2:

SRPMS: 
 

i386: 
  
  
 



7. Verification:

MD5 sum                          Package Name
--------------------------------------------------------------------------
df95f1339f71af47d70ca965a9fe11cc 3.2/other_prod/secureweb/SRPMS/secureweb-3.2.5-3.nosrc.rpm
de9d5943625415a7492a2f5ad1165f37 3.2/other_prod/secureweb/i386/secureweb-3.2.5-3.i386.rpm.rhmask
1b39d3833a18b2c2b4b30f8d5ed88283 3.2/other_prod/secureweb/i386/secureweb-devel-3.2.5-3.i386.rpm
3ce2a02339fe3caf436a9eb2e1154f70 3.2/other_prod/secureweb/i386/secureweb-manual-3.2.5-3.i386.rpm
 

These packages are GPG signed by Red Hat, Inc. for security.  Our key
is available at:
     About

You can verify each package with the following command:
    rpm --checksig  

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
    rpm --checksig --nogpg 

8. References:
 
CVE -CVE-2002-0082 
http://marc.theaimsgroup.com/?l=apache-modssl&m=101449247201254 
 


Copyright(c) 2000, 2001, 2002 Red Hat, Inc.
`

RedHat: 'secureweb' mod_ssl Buffer overflow

Updated secureweb packages are now available for Red Hat Secure Web Server3.2 (U.S.)

Summary



Summary

When session caching is enabled, mod_ssl will serialize SSL sessionvariables to store them for later use. Unpatched versions of mod_ssl priorto version 2.8.7 using the 'shm' or 'dbm' session caches would do so usinga buffer with a fixed size, making it vulnerable to overflow.To exploit the overflow, the server must be configured to require clientcertificates, and an attacker must obtain a carefully crafted clientcertificate that has been signed by a Certificate Authority which istrusted by the server. If these conditions are met, it is possible foran attacker to execute arbitrary code on the server.The Common Vulnerabilities and Exposures project (cve.mitre.org) hasassigned the name CAN-2002-0082 to this issue.Pay special attention to the installation instructions in the "Solution"section below as they differ from standarad upgrade instructions.


Solution

Some of these files are distributed in rhmask format and may only be used by individuals who have purchased Red Hat Linux 6.2 Professional.
To produce installable RPM files from the rhmask files, retrieve the rhmask files via ftp and type the following command:
rhmask secureweb-3.2-12.i386.rpm secureweb-3.2.5-1.i386.rpm.rhmask
The original RPM is located only on your Secure Web Server CD, and cannot be obtained via the Internet. Note: if you do not have the original RPM located in the same directory as the rhmask file, you will need to prefix the name of the RPM with the full path name to its location (for example on your installation CD).
For each RPM for your particular architecture, run:
rpm -Fvh [filename]
where [filename] is the name of the RPM package.
To restart your Secure Web Server, type the following command in a shell prompt as root:
/etc/rc.d/init.d/httpsd restart
5. Bug IDs fixed ( for more info):


6. RPMs required:
Red Hat Secure Web Server 3.2:
SRPMS:

i386:





7. Verification:
MD5 sum Package Name df95f1339f71af47d70ca965a9fe11cc 3.2/other_prod/secureweb/SRPMS/secureweb-3.2.5-3.nosrc.rpm de9d5943625415a7492a2f5ad1165f37 3.2/other_prod/secureweb/i386/secureweb-3.2.5-3.i386.rpm.rhmask 1b39d3833a18b2c2b4b30f8d5ed88283 3.2/other_prod/secureweb/i386/secureweb-devel-3.2.5-3.i386.rpm 3ce2a02339fe3caf436a9eb2e1154f70 3.2/other_prod/secureweb/i386/secureweb-manual-3.2.5-3.i386.rpm

These packages are GPG signed by Red Hat, Inc. for security. Our key is available at: About
You can verify each package with the following command: rpm --checksig
If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg

References

CVE -CVE-2002-0082 http://marc.theaimsgroup.com/?l=apache-modssl&m=101449247201254 Copyright(c) 2000, 2001, 2002 Red Hat, Inc. `

Package List


Severity
Advisory ID: RHSA-2002:042-12
Issued Date: : 2002-03-04
Updated on: 2002-03-13
Product: Red Hat Secure Web Server
Keywords: mod_ssl buffer overflow session cache
Cross references: RHSA-2002:041
Obsoletes:

Topic


Topic

Updated secureweb packages are now available for Red Hat Secure Web Server

3.2 (U.S.). These updates close a buffer overflow in mod_ssl.


 

Relevant Releases Architectures

Red Hat Secure Web Server 3.2 - i386


Bugs Fixed


Related News

The End of the Road for Linux 6.11: A Call to Upgrade to Kernel 6.12
3 - 5 min read
The Linux kernel community recently issued an EOL announcement regarding the 6.11 kernel series, urging sysadmins to upgrade quickly to 6.12 . This
A Linux Admin
3 - 6 min read
As 2025 approaches, we Linux admins are facing new and often unseen cloud-native security obstacles. While skilled at mitigating known risks,
Leveraging Insights from the Linux Foundation
3 - 5 min read
The Linux Foundation's recent Census III report provides critical insights for Linux administrators, information security professionals, and anyone
Chrome 131 Released: Emergency Security Update Fixes Over a Dozen Significant Vulns
3 - 6 min read
Google recently unveiled a critical security update to their popular web browser, Google Chrome, addressing over a dozen significant security
From Wayland Fixes to Security Boosts: Examining Qt 6.8.1
3 - 6 min read
The recent Qt 6.8.1 release brings significant updates and improvements, strengthening its reputation as a secure and reliable application
Exploring Arch Linux 2024.12.01: Security Implications & Notable Enhancements for Linux Admins
3 - 6 min read
The Arch Linux 2024.12.01 ISO release marks an impressive milestone, offering cutting-edge updates that enhance functionality, streamline
Deck the Halls with Enhanced Security: Linux Kernel 6.13
3 - 5 min read
As Linux admins and infosec professionals prepare for the holiday season, there's much cause for celebration this year! Linus Torvalds recently made
Lessons from Bootkitty: Securing Linux Systems Against UEFI Intrusions
3 - 5 min read
New Linux security threats mark critical junctures that challenge existing policies and test security protocols to their limit. One such milestone

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved