RHSA-2009:1580: httpd security update
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | September 07, 2009 | November 11, 2009 | July 03, 2017 |
Description
The Apache HTTP Server is a popular Web server.A flaw was found in the way the TLS/SSL (Transport Layer Security/SecureSockets Layer) protocols handle session renegotiation. A man-in-the-middleattacker could use this flaw to prefix arbitrary plain text to a client'ssession (for example, an HTTPS connection to a website). This could forcethe server to process an attacker's request as if authenticated using thevictim's credentials. This update partially mitigates this flaw for SSLsessions to HTTP servers using mod_ssl by rejecting client-requestedrenegotiation. (CVE-2009-3555)Note: This update does not fully resolve the issue for HTTPS servers. Anattack is still possible in configurations that require a server-initiatedrenegotiation. Refer to the following Knowledgebase article for furtherinformation: http://kbase.redhat.com/faq/docs/DOC-20491A denial of service flaw was found in the Apache mod_deflate module. Thismodule continued to compress large files until compression was complete,even if the network connection that requested the content was closed beforecompression completed. This would cause mod_deflate to consume largeamounts of CPU if mod_deflate was enabled for a large file. (CVE-2009-1891)A NULL pointer dereference flaw was found in the Apache mod_proxy_ftpmodule. A malicious FTP server to which requests are being proxied coulduse this flaw to crash an httpd child process via a malformed reply to theEPSV or PASV commands, resulting in a limited denial of service.(CVE-2009-3094)A second flaw was found in the Apache mod_proxy_ftp module. In a reverseproxy configuration, a remote attacker could use this flaw to bypassintended access restrictions by creating a carefully-crafted HTTPAuthorization header, allowing the attacker to send arbitrary commands tothe FTP server. (CVE-2009-3095)All httpd users should upgrade to these updated packages, which containbackported patches to correct these issues. After installing the updatedpackages, the httpd daemon must be restarted for the update to take effect.
Free Nexpose Download
Discover, prioritize, and remediate security risks today!
References
- APPLE-APPLE-SA-2009-11-09-1
- APPLE-APPLE-SA-2010-01-19-1
- APPLE-APPLE-SA-2010-03-29-1
- APPLE-APPLE-SA-2010-05-18-1
- APPLE-APPLE-SA-2010-05-18-2
- BID-36935
- CERT-TA10-222A
- CERT-TA10-287A
- CERT-VN-120541
- CVE-2009-1891
- CVE-2009-3094
- CVE-2009-3095
- CVE-2009-3555
- DEBIAN-DSA-1834
- DEBIAN-DSA-1934
- DEBIAN-DSA-2141
- DEBIAN-DSA-3253
- DISA_SEVERITY-Category I
- DISA_VMSKEY-V0027158
- IAVM-2011-A-0066
- MS-MS10-049
- OSVDB-55782
- OSVDB-60521
- OSVDB-60972
- OSVDB-62210
- OSVDB-65202
- OVAL-OVAL10088
- OVAL-OVAL10981
- OVAL-OVAL11578
- OVAL-OVAL11617
- OVAL-OVAL12361
- OVAL-OVAL7315
- OVAL-OVAL7478
- OVAL-OVAL7973
- OVAL-OVAL8087
- OVAL-OVAL8366
- OVAL-OVAL8535
- OVAL-OVAL8632
- OVAL-OVAL8662
- OVAL-OVAL9248
- OVAL-OVAL9363
- REDHAT-RHSA-2009:1148
- REDHAT-RHSA-2009:1156
- REDHAT-RHSA-2009:1580
- REDHAT-RHSA-2010:0119
- REDHAT-RHSA-2010:0130
- REDHAT-RHSA-2010:0155
- REDHAT-RHSA-2010:0165
- REDHAT-RHSA-2010:0167
- REDHAT-RHSA-2010:0337
- REDHAT-RHSA-2010:0338
- REDHAT-RHSA-2010:0339
- REDHAT-RHSA-2010:0768
- REDHAT-RHSA-2010:0770
- REDHAT-RHSA-2010:0786
- REDHAT-RHSA-2010:0807
- REDHAT-RHSA-2010:0865
- REDHAT-RHSA-2010:0986
- REDHAT-RHSA-2010:0987
- REDHAT-RHSA-2011:0880
- SUSE-SUSE-SA:2009:050
- SUSE-SUSE-SA:2009:057
- SUSE-SUSE-SA:2010:061
- XF-54158
Solution
redhat-upgrade-httpdRelated Vulnerabilities
- SUSE Linux Security Advisory: SUSE-SU-2014:1100-1
- USN-860-1: Apache vulnerabilities
- Sun Patch: NSS_NSPR_JSS 3.21: NSPR 4.11 / NSS 3.21 / JSS 4.3.2
- AIX 6.1 - ssl_advisory : AIX_OpenSSL_session_renegotiation_vulnerability (APAR N/A)
- Sun Patch: NSS_NSPR_JSS 3.21 Solaris_x86: NSPR 4.11 / NSS 3.21 / JSS 4.3.2 Ma
- SUSE Linux Security Advisory: SUSE-SR:2010:019
- USN-927-4: nss vulnerability
- ELSA-2012-0518 Important: Oracle Linux openssl security update
- RHSA-2010:0770: java-1.6.0-sun security update
- ELSA-2010-0165 Moderate: Enterprise Linux nss security update
- JRE Java TLS Renegotiation Vulnerability
- Apache HTTPD: mod_deflate DoS (CVE-2009-1891)
- AIX 5.1 - ssl_advisory : AIX_OpenSSL_session_renegotiation_vulnerability (APAR N/A)
- AIX OpenSSL session renegotiation vulnerability -AIX 5.1
- RHSA-2010:0602: Red Hat Certificate System 7.3 security update
- SUSE Linux Security Advisory: SUSE-SR:2010:011
- RHSA-2009:1160: httpd22 security update
- AIX OpenSSL session renegotiation vulnerability -AIX 5.2
- RHSA-2010:0807: java-1.5.0-ibm security update
- Sun Patch: NSS_NSPR_JSS 3.21_x86: NSPR 4.11 / NSS 3.21 / JSS 4.3.2
- ELSA-2009-1148 Important: Enterprise Linux httpd security update
- F5 Networks: K10737 (CVE-2009-3555): SSL Renegotiation vulnerability - CVE-2009-3555 / VU#120541
- Sun Patch: Sun GlassFish Enterprise Server 2.1.1 Patch16 (v2.1 patch22) (9.1_
- Sun Patch: StarOffice 8 (Solaris): Update 18
- RHSA-2010:0865: java-1.6.0-openjdk security and bug fix update
- Sun Patch: StarSuite 8 (Solaris): Update 18
- Sun Patch: StarSuite 8 (Solaris_x86): Update 18
- MFSA2010-22 SeaMonkey: Update NSS to support TLS renegotiation indication (CVE-2009-3555)
- RHSA-2010:0130: java-1.5.0-ibm security update
- ELSA-2010-0163 Moderate: Enterprise Linux openssl security update
- USN-1010-1: OpenJDK vulnerabilities
- OpenSSL RFC5746 SSL/TLS renegotiation (CVE-2009-3555)
- SUSE Linux Security Advisory: SUSE-SR:2011:008
- VMSA-2011-0003: vCenter Server and ESX, Oracle (Sun) JRE is updated to version 1.6.0_21, vCenter Update Manager Oracle (Sun) JRE is updated to version 1.5.0_26 (CVE-2009-3555)
- Java CPU October 2010 JSSE vulnerability (CVE-2009-3555)
- AIX 5.3 - ssl_advisory : AIX_OpenSSL_session_renegotiation_vulnerability (APAR N/A)
- USN-990-1: OpenSSL vulnerability
- Sun Patch: SunOS 5.10: Solaris kernel patch
- RHSA-2010:0440: rhev-hypervisor security and bug fix update
- RHSA-2009:1155: httpd security update
- VMSA-2010-0015.1: Service Console update (CVE-2009-3555)
- RHSA-2010:0165: nss security update
- RHSA-2009:1156: httpd security update
- SUSE Linux Security Vulnerability: CVE-2009-1891
- FreeBSD: apache22 -- several vulnerabilities (Multiple CVEs)
- RHSA-2010:0338: java-1.5.0-sun security update
- Sun Patch: NSS_NSPR_JSS 3.21 Solaris: NSPR 4.11 / NSS 3.21 / JSS 4.3.2 Mainte
- Sun Patch: Web Server 6.1: Sun ONE Web Server 6.1 Patch WS61SP13
- ELSA-2010-0166 Moderate: Enterprise Linux gnutls security update
- Sun Patch: SunOS 5.10: Apache 2 Patch
- ELSA-2010-0164 Moderate: Enterprise Linux openssl097a security update
- Sun Patch: SunOS 5.10: ssh scp patch
- Sun Patch: Sun Java System Web Proxy Server 4.0.17, Solaris (SVR4 patch): Mai
- RHSA-2010:0163: openssl security update
- RHSA-2010:0339: java-1.6.0-openjdk security update
- Sun Patch: Sun GlassFish Enterprise Server v2.1.1 Security Patch01, Solaris:
- Sun Patch: Oracle iPlanet Web Server 7.0.12 Solaris: Update Release patch
- RHSA-2010:0166: gnutls security update
- SUSE Linux Security Advisory: SUSE-SR:2010:013
- SUSE Linux Security Advisory: SUSE-SR:2009:019
- AIX 5.2 - ssl_advisory : AIX_OpenSSL_session_renegotiation_vulnerability (APAR N/A)
- Apache HTTPD: mod_proxy_ftp DoS (CVE-2009-3094)
- USN-927-1: NSS vulnerability
- Oracle Database: Critical Patch Update - April 2011 (CVE-2009-3555)
- RHSA-2010:0768: java-1.6.0-openjdk security and bug fix update
- RHSA-2011:0880: Red Hat Network Satellite server IBM Java Runtime security update
- Sun Patch: SunOS 5.10_x86: kernel patch
- MFSA2010-22 Firefox: Update NSS to support TLS renegotiation indication (CVE-2009-3555)
- Apache HTTPD: mod_proxy_ftp FTP command injection (CVE-2009-3095)
- DSA-2626-1 lighttpd -- several issues
- TLS Session Renegotiation Vulnerability
- Sun Patch: Application Server Enterprise Edition 8.2, Solaris, Patch18 :
- Cent OS: CVE-2009-3555: CESA-2010:0768 (java-1.6.0-openjdk)
- RHSA-2009:1694: java-1.6.0-ibm security update
- SUSE Linux Security Advisory: SUSE-SA:2009:050
- OS X security update 2010-001 for OpenSSL (CVE-2009-3555)
- SUSE Linux Security Vulnerability: CVE-2009-3094
- Oracle Linux: CVE-2009-3555: ELSA-2016-3558 - openssl security update
- SUSE Linux Security Advisory: SUSE-SR:2010:012
- HP System Management Homepage - HPSBMA02568 (Multiple Advisories) (CVE-2009-3555): Linux and Windows, Remote Cross Site Scripting (XSS), HTTP Response Splitting, and Other Vulnerabilities
- ELSA-2010-0162 Important: Enterprise Linux openssl security update
- SUSE Linux Security Advisory: SUSE-SA:2011:006
- Sun Patch: Sun Java System App Server Enterprise Ed 8.1 2005Q1, _x86 Patch32
- Sun Patch: Oracle iPlanet Web Server 7.0.12 Solaris_x86: Update Release patch
- SUSE Linux Security Advisory: SUSE-SR:2010:008
- Cisco NX-OS: Transport Layer Security Renegotiation Vulnerability (CVE-2009-3555)
- Nginx: The renegotiation vulnerability in SSL protocol (CVE-2009-3555)
- RHSA-2010:0164: openssl097a security update
- RHSA-2010:0119: JBoss Enterprise Web Server 1.0.1 update
- Apple Java security update for CVE-2009-3555
- RHSA-2009:1461: Red Hat Application Stack v2.4 security and enhancement update
- RHSA-2010:0337: java-1.6.0-sun security update
- OS X update for Apache (CVE-2009-3095)
- RHSA-2010:0162: openssl security update
- AIX OpenSSL session renegotiation vulnerability -AIX 6.1
- SUSE Linux Security Vulnerability: CVE-2009-3095
- USN-923-1: OpenJDK vulnerabilities
- Sun Patch: SunOS 5.10: kernel patch
- Sun Patch: Application Server Enterprise Edition 8.2, _x86, Patch18 : SVR
- SUSE Linux Security Vulnerability: CVE-2009-3555