English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 148472 CVE descriptions
and 72306 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 --------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2004-10
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
 --------------------------------------------------------------------------

 Original released date : 07 Apr 2004
 Last revised           : 07 Apr 2004

 Package : apache

 Summary : Buffer overflows in mod_alias, mod_rewrite

 More information :
    Apache is a powerful, full-featured, efficient, and freely-available Web server.
    Multiple stack-based buffer overflows in mod_alias and mod_rewrite for Apache.

 Impact :
    The vulnerabilities allow remote attackers to cause a denial of service and
    possibly execute arbitrary code.

 Affected Products :
    - Turbolinux Appliance Server 1.0 Hosting Edition
    - Turbolinux Appliance Server 1.0 Workgroup Edition
    - Turbolinux 8 Server
    - Turbolinux 8 Workstation
    - Turbolinux 7 Server
    - Turbolinux 7 Workstation
    - Turbolinux Server 6.5
    - Turbolinux Advanced Server 6
    - Turbolinux Server 6.1
    - Turbolinux Workstation 6.0

 Solution :
    Please use turbopkg(zabom) tool to apply the update.
 ---------------------------------------------
 # turbopkg
 or
 # zabom update apache apache-devel apache-manual mod_ssl
 ---------------------------------------------


 <Turbolinux Appliance Server 1.0 Hosting Edition>

   Source Packages
   Size : MD5

   apache-1.3.27-22.src.rpm
      3095990 d4e2b916623b4d640b5d679497d9e302

   Binary Packages
   Size : MD5

   apache-1.3.27-22.i586.rpm
       499679 6212ae0f1cd0f30e01d95031802428eb
   apache-devel-1.3.27-22.i586.rpm
        93851 263f9ec42f46f0e839e5cca1eb927c1e
   mod_ssl-2.8.14-22.i586.rpm
       180744 041df7d94acedd1ba7fb5f97064c7eea

 <Turbolinux Appliance Server 1.0 Workgroup Edition>

   Source Packages
   Size : MD5

   apache-1.3.27-22.src.rpm
      3095990 3fc9813efe8710c56e0b77b5e05338c3

   Binary Packages
   Size : MD5

   apache-1.3.27-22.i586.rpm
       499724 7bb20cd888d05c0e4cc5f561199894f6
   apache-devel-1.3.27-22.i586.rpm
        93832 cae619a1b8963ad97da1a5aed1564999
   mod_ssl-2.8.14-22.i586.rpm
       180662 9545e160e32aed4032e12b4dfef7df73

 <Turbolinux 8 Server>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/SRPMS/apache-1.3.27-22.src.rpm
      3095990 3839d93452bde8e36b103fb79d3cf458

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/apache-1.3.27-22.i586.rpm
       500553 78238f9e36c649c84a1a5b1756d97578
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/apache-devel-1.3.27-22.i586.rpm
        93949 a3329e03b72782d3d3b95554b7290c9d
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/apache-manual-1.3.27-22.i586.rpm
       850807 6ee1cecbe57b89e3dfc3d5de2e6fdc9a
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/mod_ssl-2.8.14-22.i586.rpm
       180800 1cb72b938751a3a9c5c7fa3ae9c6647c

 <Turbolinux 8 Workstation>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/SRPMS/apache-1.3.27-22.src.rpm
      3095990 b25efd073d90f7454d43c069cd3eeb98

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/apache-1.3.27-22.i586.rpm
       500372 3c9763463cda876b97eaed2f1327fe5e
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/apache-devel-1.3.27-22.i586.rpm
        94018 2470307199ff33d30c642f934667335a
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/apache-manual-1.3.27-22.i586.rpm
       850632 1a64d40efe6de1ff15dcc9a2b220e52f
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/mod_ssl-2.8.14-22.i586.rpm
       180816 cf24eff8c7e7369e3287e41a82432e49

 <Turbolinux 7 Server>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/SRPMS/apache-1.3.27-22.src.rpm
      3095990 ddc39b15d760059c87e182b62d52a33f

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/apache-1.3.27-22.i586.rpm
       486217 1151c6ecf1aa21562d0fc170fd67bf40
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/apache-devel-1.3.27-22.i586.rpm
        93879 933560ed4038a7fcc72541de230d8acb
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/apache-manual-1.3.27-22.i586.rpm
       849973 392beee13024b1444099b1c2f9055f81
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/mod_ssl-2.8.14-22.i586.rpm
       177997 037153aac8248fc21470e52fb190ad8a

 <Turbolinux 7 Workstation>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/SRPMS/apache-1.3.27-22.src.rpm
      3095990 e89f9dda6f70d8c7f52c7cbbf62509dd

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/apache-1.3.27-22.i586.rpm
       486199 82c1725c50d0d48c86828e2b2ef9c9d6
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/apache-devel-1.3.27-22.i586.rpm
        93949 48d9f27d6b4aaa9f2877de70be155dc4
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/apache-manual-1.3.27-22.i586.rpm
       850055 59c90fa2c2377323b8f2d187b8922463
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/mod_ssl-2.8.14-22.i586.rpm
       178382 ae4575db718088d905a5a98de9b437db

 <Turbolinux Server 6.5>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.5/updates/SRPMS/apache-1.3.27-22.src.rpm
      3095990 d3b8c26b4d21f8e15ed3e0fb02f4436c

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.5/updates/RPMS/apache-1.3.27-22.i386.rpm
       572608 d44abe94288e1c3ff15e8d37a67dfce2
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.5/updates/RPMS/apache-devel-1.3.27-22.i386.rpm
       109943 07b769e891277be997735c9c94d050e2
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.5/updates/RPMS/apache-manual-1.3.27-22.i386.rpm
      1088335 680afe2861889d0e8d856db384a6f11c
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.5/updates/RPMS/mod_ssl-2.8.14-22.i386.rpm
       191501 3f0058c21e59084c338fc665630f2231

 <Turbolinux Advanced Server 6>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/AdvancedServer/6/ja/updates/SRPMS/apache-1.3.27-22.src.rpm
      3095990 b87e3782487686f17191c93110107c96

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/AdvancedServer/6/ja/updates/RPMS/apache-1.3.27-22.i386.rpm
       573652 44cf4220883ca5bf3be8a84e33ea9091
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/AdvancedServer/6/ja/updates/RPMS/apache-devel-1.3.27-22.i386.rpm
       109941 5509aca57d903efdc43e2419f5c33e50
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/AdvancedServer/6/ja/updates/RPMS/apache-manual-1.3.27-22.i386.rpm
      1089906 6589583a5d032414e48434b71a9dfa32
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/AdvancedServer/6/ja/updates/RPMS/mod_ssl-2.8.14-22.i386.rpm
       191495 a69883d96bd09dd3fbeb797a29785cd0

 <Turbolinux Server 6.1>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.1/ja/updates/SRPMS/apache-1.3.27-22.src.rpm
      3095990 49d2e7d0e4f93f896586ce60160042a2

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.1/ja/updates/RPMS/apache-1.3.27-22.i386.rpm
       573061 157b27651fb523665ca29b0903e474bf
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.1/ja/updates/RPMS/apache-devel-1.3.27-22.i386.rpm
       109949 0f9b4e1b49e8e2037f65b82c5e5fa7cf
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.1/ja/updates/RPMS/apache-manual-1.3.27-22.i386.rpm
      1088821 62e88f3f55487327fb2c6a04bd690c19
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.1/ja/updates/RPMS/mod_ssl-2.8.14-22.i386.rpm
       191460 aa2b4ceeea10ea5f0fbf6c84fdbef499

 <Turbolinux Workstation 6.0>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/6.0/ja/updates/SRPMS/apache-1.3.27-22.src.rpm
      3095990 c3380e8d06de7db5d47426e61002b398

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/6.0/ja/updates/RPMS/apache-1.3.27-22.i386.rpm
       573837 21e8a2af9561d754a8b38dbceec92a33
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/6.0/ja/updates/RPMS/apache-devel-1.3.27-22.i386.rpm
       110112 92b4c9ff967eb61fdf56792ad167288c
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/6.0/ja/updates/RPMS/apache-manual-1.3.27-22.i386.rpm
      1089097 98f9b8f895fde788a95432850d74e4f5


 Reiferences :

 The Apache HTTP Server Project
   [Changes with Apache 1.3.29]
   http://www.apache.org/dist/httpd/CHANGES_1.3

 CVE
   [CAN-2003-0542]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0542


 --------------------------------------------------------------------------
 Revision History
    07 Apr 2004 Initial release
 --------------------------------------------------------------------------

 Copyright(C) 2004 Turbolinux, Inc. All rights reserved. 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFAc7R3K0LzjOqIJMwRAlxZAJ9ORe0DPep/y+YfROyoDwwn3JeloACfVUqH
pDCcD4nqPpmP7b2J1UaY1B8=
=/O1Q
-----END PGP SIGNATURE-----

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe

© 1998-2019 E-Soft Inc. All rights reserved.