Back to search

RHSA-2009:1579: httpd security update

Severity CVSS Published Added Modified
8 (AV:N/AC:L/Au:N/C:P/I:P/A:P) September 07, 2009 November 11, 2009 September 06, 2015


The Apache HTTP Server is a popular Web server.A flaw was found in the way the TLS/SSL (Transport Layer Security/SecureSockets Layer) protocols handle session renegotiation. A man-in-the-middleattacker could use this flaw to prefix arbitrary plain text to a client'ssession (for example, an HTTPS connection to a website). This could forcethe server to process an attacker's request as if authenticated using thevictim's credentials. This update partially mitigates this flaw for SSLsessions to HTTP servers using mod_ssl by rejecting client-requestedrenegotiation. (CVE-2009-3555)Note: This update does not fully resolve the issue for HTTPS servers. Anattack is still possible in configurations that require a server-initiatedrenegotiation. Refer to the following Knowledgebase article for furtherinformation: NULL pointer dereference flaw was found in the Apache mod_proxy_ftpmodule. A malicious FTP server to which requests are being proxied coulduse this flaw to crash an httpd child process via a malformed reply to theEPSV or PASV commands, resulting in a limited denial of service.(CVE-2009-3094)A second flaw was found in the Apache mod_proxy_ftp module. In a reverseproxy configuration, a remote attacker could use this flaw to bypassintended access restrictions by creating a carefully-crafted HTTPAuthorization header, allowing the attacker to send arbitrary commands tothe FTP server. (CVE-2009-3095)All httpd users should upgrade to these updated packages, which containbackported patches to correct these issues. After installing the updatedpackages, the httpd daemon must be restarted for the update to take effect.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now




Related Vulnerabilities