|
Apache Mod_Proxy Remote Negative Content-Length Buffer Overflow Vulnerability
Solution: Trustix has released advisory TSLSA-2004-0056 along with fixes dealing with this issue. Please see the referenced advisory for more information. Mandrake has released a security advisory (MDKSA-2004:065) to address this issue. Information on obtaining fixes and updating packages can be found in the referenced advisory. Debian has released advisory DSA 525-1 dealing with this issue. Please see the referenced advisory for more information. Gentoo has released advisory GLSA 200406-16 to address this issue. Gentoo fixes may be applied with the following commands: emerge sync emerge -pv ">=net-www/apache-1.3.31-r2" emerge ">=net-www/apache-1.3.31-r2" OpenPKG has released advisory OpenPKG-SA-2004.029 dealing with this issue. Please see the referenced advisory for more information. OpenBSD has released patches for OpenBSD 3.4 and 3.5. Please see the patch files for instructions on applying and rebuilding the affected binaries. New snapshots and OpenBSD-current as of 12 June 2004 contain the fixes as well. SGI has released a security advisory (20040605-01-U) to address this and other issues in SGI ProPack 2.4. Please see the referenced advisory for more information. IBM has released fixes to address this issue in IBM HTTP server. For more information, see the IBM alert in web references. HP has made fixes available for its HP-UX 11.04 VirtualVault and Webproxy products. See advisory HPSBUX01057. Sun has released an alert (Alert ID: 57628) containing preliminary T-patches to address this and other issues in Apache. Please see the advisory in web references for more information. Sun has released an update to Sun Alert ID: 57628. Patches for Solaris 9.0 have been made available. Patches for Solaris 8.0 are still pending. Sun has released an update to Sun Alert ID: 57628. T-Patches (T116973-01, T116974-01) are available through normal support channels for Solaris 8 SPARC platform and Solaris 8 x86 platform. Please see the referenced Sun alert for more information. The Fedora Legacy project has released advisory FLSA:1737 along with fixes to address this issue in RedHat Linux 7.3. Please see the referenced advisory for further information. Slackware Linux has made an advisory (SSA:2004-299-01) along with fixes available dealing with this and other issues. Please see the referenced advisory for more information. The vendor has released version 1.3.33 of Apache to address this and other issues. HP has released security advisory HPSBUX01098 along with fix information regarding this issue. Please see the referenced advisory for more information. Turbolinux advisory 18/Nov/2004 addresses this issue. Please see the attached advisory for further information on obtaining and applying fixes. Apple has released an advisory (APPLE-SA-2004-12-02) dealing with this and other issues. This security update resolves this issue by installing Apache version 1.3.33, which has been fixed against this issue. Please see the referenced advisory for more information. HP has released security advisory HPSBUX01113 with fix information regarding this issue. Please see the referenced advisory for more information. OpenBSD OpenBSD 3.5
OpenBSD OpenBSD 3.4
Sun Solaris 9
Sun Solaris 9_x86
Apache Software Foundation Apache 1.3
Apache Software Foundation Apache 1.3.1
Apache Software Foundation Apache 1.3.11
Apache Software Foundation Apache 1.3.12
Apache Software Foundation Apache 1.3.14
Apache Software Foundation Apache 1.3.17
Apache Software Foundation Apache 1.3.18
Apache Software Foundation Apache 1.3.19
Apache Software Foundation Apache 1.3.20
Apache Software Foundation Apache 1.3.22
Apache Software Foundation Apache 1.3.23
Apache Software Foundation Apache 1.3.24
Apache Software Foundation Apache 1.3.25
IBM HTTP Server 1.3.26 .1
Apache Software Foundation Apache 1.3.26
IBM HTTP Server 1.3.26
IBM HTTP Server 1.3.26 .2
Apache Software Foundation Apache 1.3.27
Apache Software Foundation Apache 1.3.28
IBM HTTP Server 1.3.28
Apache Software Foundation Apache 1.3.29
Apache Software Foundation Apache 1.3.3
Apache Software Foundation Apache 1.3.31
Apache Software Foundation Apache 1.3.4
Apache Software Foundation Apache 1.3.6
Apache Software Foundation Apache 1.3.7 -dev
Apache Software Foundation Apache 1.3.9
SGI ProPack 2.4
|
|
 Privacy Statement |
