httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From m..@apache.org
Subject svn commit: r792908 - in /httpd/site/trunk: docs/security/vulnerabilities-oval.xml docs/security/vulnerabilities_22.html xdocs/security/vulnerabilities-httpd.xml
Date Fri, 10 Jul 2009 12:16:51 GMT
Author: mjc
Date: Fri Jul 10 12:16:51 2009
New Revision: 792908

URL: http://svn.apache.org/viewvc?rev=792908&view=rev
Log:
Update vulnerability document and pages with things fixed in 2.2.12, except for the apr things
which i'll add in later.

Modified:
    httpd/site/trunk/docs/security/vulnerabilities-oval.xml
    httpd/site/trunk/docs/security/vulnerabilities_22.html
    httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml

Modified: httpd/site/trunk/docs/security/vulnerabilities-oval.xml
URL: http://svn.apache.org/viewvc/httpd/site/trunk/docs/security/vulnerabilities-oval.xml?rev=792908&r1=792907&r2=792908&view=diff
==============================================================================
--- httpd/site/trunk/docs/security/vulnerabilities-oval.xml (original)
+++ httpd/site/trunk/docs/security/vulnerabilities-oval.xml Fri Jul 10 12:16:51 2009
@@ -5,6 +5,122 @@
 <oval:timestamp>2005-10-12T18:13:45</oval:timestamp>
 </generator>
 <definitions>
+<definition id="oval:org.apache.httpd:def:20091891" version="1" class="vulnerability">
+<metadata>
+<title>mod_deflate DoS</title>
+<reference source="CVE" ref_id="CVE-2009-1891" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891"/>
+<description>
+A denial of service flaw was found in the mod_deflate module. This
+module continued to compress large files until compression was
+complete, even if the network connection that requested the content
+was closed before compression completed. This would cause mod_deflate
+to consume large amounts of CPU if mod_deflate was enabled for a large
+file.</description>
+<apache_httpd_repository>
+<public>20090626</public>
+<reported>20090626</reported>
+<released/>
+<severity level="4">low</severity>
+</apache_httpd_repository>
+</metadata>
+<criteria operator="OR">
+<criteria operator="OR">
+<criterion test_ref="oval:org.apache.httpd:tst:2211" comment="the version of httpd is
2.2.11"/>
+<criterion test_ref="oval:org.apache.httpd:tst:229" comment="the version of httpd is 2.2.9"/>
+<criterion test_ref="oval:org.apache.httpd:tst:228" comment="the version of httpd is 2.2.8"/>
+<criterion test_ref="oval:org.apache.httpd:tst:226" comment="the version of httpd is 2.2.6"/>
+<criterion test_ref="oval:org.apache.httpd:tst:225" comment="the version of httpd is 2.2.5"/>
+<criterion test_ref="oval:org.apache.httpd:tst:224" comment="the version of httpd is 2.2.4"/>
+<criterion test_ref="oval:org.apache.httpd:tst:223" comment="the version of httpd is 2.2.3"/>
+<criterion test_ref="oval:org.apache.httpd:tst:222" comment="the version of httpd is 2.2.2"/>
+<criterion test_ref="oval:org.apache.httpd:tst:220" comment="the version of httpd is 2.2.0"/>
+</criteria>
+</criteria>
+</definition>
+<definition id="oval:org.apache.httpd:def:20091890" version="1" class="vulnerability">
+<metadata>
+<title>mod_proxy reverse proxy DoS</title>
+<reference source="CVE" ref_id="CVE-2009-1890" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890"/>
+<description>
+A denial of service flaw was found in the mod_proxy module when it was
+used as a reverse proxy. A remote attacker could use this flaw to
+force a proxy process to consume large amounts of CPU time.
+</description>
+<apache_httpd_repository>
+<public>20090702</public>
+<reported>20090630</reported>
+<released/>
+<severity level="2">important</severity>
+</apache_httpd_repository>
+</metadata>
+<criteria operator="OR">
+<criteria operator="OR">
+<criterion test_ref="oval:org.apache.httpd:tst:2211" comment="the version of httpd is
2.2.11"/>
+<criterion test_ref="oval:org.apache.httpd:tst:229" comment="the version of httpd is 2.2.9"/>
+<criterion test_ref="oval:org.apache.httpd:tst:228" comment="the version of httpd is 2.2.8"/>
+<criterion test_ref="oval:org.apache.httpd:tst:226" comment="the version of httpd is 2.2.6"/>
+<criterion test_ref="oval:org.apache.httpd:tst:225" comment="the version of httpd is 2.2.5"/>
+<criterion test_ref="oval:org.apache.httpd:tst:224" comment="the version of httpd is 2.2.4"/>
+<criterion test_ref="oval:org.apache.httpd:tst:223" comment="the version of httpd is 2.2.3"/>
+<criterion test_ref="oval:org.apache.httpd:tst:222" comment="the version of httpd is 2.2.2"/>
+<criterion test_ref="oval:org.apache.httpd:tst:220" comment="the version of httpd is 2.2.0"/>
+</criteria>
+</criteria>
+</definition>
+<definition id="oval:org.apache.httpd:def:20091195" version="1" class="vulnerability">
+<metadata>
+<title>AllowOverride Options handling bypass</title>
+<reference source="CVE" ref_id="CVE-2009-1195" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195"/>
+<description>
+A flaw was found in the handling of the "Options" and "AllowOverride"
+directives.  In configurations using the "AllowOverride" directive
+with certain "Options=" arguments, local users were not restricted
+from executing commands from a Server-Side-Include script as intended.
+</description>
+<apache_httpd_repository>
+<public>20090422</public>
+<reported>20090309</reported>
+<released/>
+<severity level="4">low</severity>
+</apache_httpd_repository>
+</metadata>
+<criteria operator="OR">
+<criteria operator="OR">
+<criterion test_ref="oval:org.apache.httpd:tst:2211" comment="the version of httpd is
2.2.11"/>
+<criterion test_ref="oval:org.apache.httpd:tst:229" comment="the version of httpd is 2.2.9"/>
+<criterion test_ref="oval:org.apache.httpd:tst:228" comment="the version of httpd is 2.2.8"/>
+<criterion test_ref="oval:org.apache.httpd:tst:226" comment="the version of httpd is 2.2.6"/>
+<criterion test_ref="oval:org.apache.httpd:tst:225" comment="the version of httpd is 2.2.5"/>
+<criterion test_ref="oval:org.apache.httpd:tst:224" comment="the version of httpd is 2.2.4"/>
+<criterion test_ref="oval:org.apache.httpd:tst:223" comment="the version of httpd is 2.2.3"/>
+<criterion test_ref="oval:org.apache.httpd:tst:222" comment="the version of httpd is 2.2.2"/>
+<criterion test_ref="oval:org.apache.httpd:tst:220" comment="the version of httpd is 2.2.0"/>
+</criteria>
+</criteria>
+</definition>
+<definition id="oval:org.apache.httpd:def:20091191" version="1" class="vulnerability">
+<metadata>
+<title>mod_proxy_ajp information disclosure</title>
+<reference source="CVE" ref_id="CVE-2009-1191" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1191"/>
+<description>
+An information disclosure flaw was found in mod_proxy_ajp in version
+2.2.11 only. In certain
+situations, if a user sent a carefully crafted HTTP request, the server
+could return a response intended for another user.
+</description>
+<apache_httpd_repository>
+<public>20090421</public>
+<reported>20090305</reported>
+<released/>
+<severity level="2">important</severity>
+</apache_httpd_repository>
+</metadata>
+<criteria operator="OR">
+<criteria operator="OR">
+<criterion test_ref="oval:org.apache.httpd:tst:2211" comment="the version of httpd is
2.2.11"/>
+</criteria>
+</criteria>
+</definition>
 <definition id="oval:org.apache.httpd:def:20082939" version="1" class="vulnerability">
 <metadata>
 <title>mod_proxy_ftp globbing XSS</title>
@@ -17,7 +133,7 @@
 <apache_httpd_repository>
 <public>20080805</public>
 <reported>20080728</reported>
-<released/>
+<released>20081031</released>
 <severity level="4">low</severity>
 </apache_httpd_repository>
 </metadata>
@@ -2883,6 +2999,10 @@
 </definition>
 </definitions>
 <tests>
+<httpd_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#apache" id="oval:org.apache.httpd:tst:2211"
version="1" comment="the version of httpd is 2.2.11" check="at least one">
+<object object_ref="oval:org.apache.httpd:obj:1"/>
+<state state_ref="oval:org.apache.httpd:ste:2211"/>
+</httpd_test>
 <httpd_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#apache" id="oval:org.apache.httpd:tst:229"
version="1" comment="the version of httpd is 2.2.9" check="at least one">
 <object object_ref="oval:org.apache.httpd:obj:1"/>
 <state state_ref="oval:org.apache.httpd:ste:229"/>
@@ -3124,6 +3244,9 @@
 </httpd_object>
 </objects>
 <states>
+<httpd_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#apache" id="oval:org.apache.httpd:ste:2211"
version="1" comment="the version of httpd is 2.2.11">
+<version operation="equals" datatype="version">2.2.11</version>
+</httpd_state>
 <httpd_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#apache" id="oval:org.apache.httpd:ste:229"
version="1" comment="the version of httpd is 2.2.9">
 <version operation="equals" datatype="version">2.2.9</version>
 </httpd_state>

Modified: httpd/site/trunk/docs/security/vulnerabilities_22.html
URL: http://svn.apache.org/viewvc/httpd/site/trunk/docs/security/vulnerabilities_22.html?rev=792908&r1=792907&r2=792908&view=diff
==============================================================================
--- httpd/site/trunk/docs/security/vulnerabilities_22.html [utf-8] (original)
+++ httpd/site/trunk/docs/security/vulnerabilities_22.html [utf-8] Fri Jul 10 12:16:51 2009
@@ -87,6 +87,93 @@
  <tr>
  <td bgcolor="#525D76">
   <font color="#ffffff" face="arial,helvetica,sanserif">
+   <a name="2.2.12-dev"><strong>Fixed in Apache httpd 2.2.12-dev</strong></a>
+  </font>
+ </td>
+ </tr>
+ <tr><td>
+  <blockquote>
+<dl>
+<dd>
+<b>important: </b>
+<b>
+<name name="CVE-2009-1890">mod_proxy reverse proxy DoS</name>
+</b>
+<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890">CVE-2009-1890</a>
+<p>
+A denial of service flaw was found in the mod_proxy module when it was
+used as a reverse proxy. A remote attacker could use this flaw to
+force a proxy process to consume large amounts of CPU time.
+</p>
+</dd>
+<dd />
+<dd>
+      Affects: 
+    2.2.11, 2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0<p />
+</dd>
+<dd>
+<b>important: </b>
+<b>
+<name name="CVE-2009-1191">mod_proxy_ajp information disclosure</name>
+</b>
+<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1191">CVE-2009-1191</a>
+<p>
+An information disclosure flaw was found in mod_proxy_ajp in version
+2.2.11 only. In certain
+situations, if a user sent a carefully crafted HTTP request, the server
+could return a response intended for another user.
+</p>
+</dd>
+<dd />
+<dd>
+      Affects: 
+    2.2.11<p />
+</dd>
+<dd>
+<b>low: </b>
+<b>
+<name name="CVE-2009-1891">mod_deflate DoS</name>
+</b>
+<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891">CVE-2009-1891</a>
+<p>
+A denial of service flaw was found in the mod_deflate module. This
+module continued to compress large files until compression was
+complete, even if the network connection that requested the content
+was closed before compression completed. This would cause mod_deflate
+to consume large amounts of CPU if mod_deflate was enabled for a large
+file.</p>
+</dd>
+<dd />
+<dd>
+      Affects: 
+    2.2.11, 2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0<p />
+</dd>
+<dd>
+<b>low: </b>
+<b>
+<name name="CVE-2009-1195">AllowOverride Options handling bypass</name>
+</b>
+<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195">CVE-2009-1195</a>
+<p>
+A flaw was found in the handling of the "Options" and "AllowOverride"
+directives.  In configurations using the "AllowOverride" directive
+with certain "Options=" arguments, local users were not restricted
+from executing commands from a Server-Side-Include script as intended.
+</p>
+</dd>
+<dd />
+<dd>
+      Affects: 
+    2.2.11, 2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0<p />
+</dd>
+</dl>
+  </blockquote>
+ </td></tr>
+</table>
+           <table border="0" cellspacing="0" cellpadding="2" width="100%">
+ <tr>
+ <td bgcolor="#525D76">
+  <font color="#ffffff" face="arial,helvetica,sanserif">
    <a name="2.2.10"><strong>Fixed in Apache httpd 2.2.10</strong></a>
   </font>
  </td>
@@ -106,7 +193,9 @@
 FTP-over-HTTP, requests containing globbing characters could lead
 to cross-site scripting (XSS) attacks.</p>
 </dd>
-<dd />
+<dd>
+  Update Released: 31st October 2008<br />
+</dd>
 <dd>
       Affects: 
     2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0<p />

Modified: httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml
URL: http://svn.apache.org/viewvc/httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml?rev=792908&r1=792907&r2=792908&view=diff
==============================================================================
--- httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml [utf-8] (original)
+++ httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml [utf-8] Fri Jul 10 12:16:51
2009
@@ -1,6 +1,86 @@
-<security updated="20080806">
+<security updated="20090709">
 
-<issue fixed="2.2.10" public="20080805" reported="20080728" released="">
+<issue fixed="2.2.12-dev" public="20090626" reported="20090626" released="">
+<cve name="CVE-2009-1891"/>
+<severity level="4">low</severity>
+<cvss>2.6/AV:N/AC:H/Au:N/C:N/I:N/A:P</cvss>
+<title>mod_deflate DoS</title>
+<description><p>
+A denial of service flaw was found in the mod_deflate module. This
+module continued to compress large files until compression was
+complete, even if the network connection that requested the content
+was closed before compression completed. This would cause mod_deflate
+to consume large amounts of CPU if mod_deflate was enabled for a large
+file.</p></description>
+<affects prod="httpd" version="2.2.11"/>
+<affects prod="httpd" version="2.2.9"/>
+<affects prod="httpd" version="2.2.8"/>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.2.12-dev" public="20090702" reported="20090630" released="">
+<cve name="CVE-2009-1890"/>
+<severity level="2">important</severity>
+<cvss>7.8/AV:N/AC:L/Au:N/C:N/I:N/A:C</cvss>
+<title>mod_proxy reverse proxy DoS</title>
+<description><p>
+A denial of service flaw was found in the mod_proxy module when it was
+used as a reverse proxy. A remote attacker could use this flaw to
+force a proxy process to consume large amounts of CPU time.
+</p></description>
+<affects prod="httpd" version="2.2.11"/>
+<affects prod="httpd" version="2.2.9"/>
+<affects prod="httpd" version="2.2.8"/>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.2.12-dev" public="20090422" reported="20090309" released="">
+<cve name="CVE-2009-1195"/>
+<severity level="4">low</severity>
+<cvss>4.4/AV:L/AC:M/Au:N/C:P/I:P/A:P</cvss>
+<title>AllowOverride Options handling bypass</title>
+<description><p>
+A flaw was found in the handling of the "Options" and "AllowOverride"
+directives.  In configurations using the "AllowOverride" directive
+with certain "Options=" arguments, local users were not restricted
+from executing commands from a Server-Side-Include script as intended.
+</p></description>
+<affects prod="httpd" version="2.2.11"/>
+<affects prod="httpd" version="2.2.9"/>
+<affects prod="httpd" version="2.2.8"/>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.2.12-dev" public="20090421" reported="20090305" released="">
+<cve name="CVE-2009-1191"/>
+<severity level="2">important</severity>
+<cvss>5/AV:N/AC:L/Au:N/C:P/I:N/A:N</cvss>
+<title>mod_proxy_ajp information disclosure</title>
+<description><p>
+An information disclosure flaw was found in mod_proxy_ajp in version
+2.2.11 only. In certain
+situations, if a user sent a carefully crafted HTTP request, the server
+could return a response intended for another user.
+</p></description>
+<affects prod="httpd" version="2.2.11"/>
+</issue>
+
+<issue fixed="2.2.10" public="20080805" reported="20080728" released="20081031">
 <cve name="CVE-2008-2939"/>
 <severity level="4">low</severity>
 <title>mod_proxy_ftp globbing XSS</title>



Mime
View raw message