Apache Satisfy Directive Access Control Bypass Vulnerability

Solution:
HP has released an advisory (HPSBGN01091) and an update to fix this vulnerability and other vulnerabilities in Secure Web Server for Tru64 UNIX; the Secure Web Server product is based on Apache.

Trustix Linux has released an advisory (TSLSA-2004-0049) along with fixes dealing with this issue. Please see the referenced advisory for more information.

Gentoo has released advisory (GLSA 200409-33) to address this issue. Please see the referenced advisory for more information. Gentoo users may carry out the following commands to update their systems:

emerge sync
emerge -pv ">=net-www/apache-2.0.51-r1"
emerge ">=net-www/apache-2.0.51-r1"

Red Hat Fedora has released an advisory (FEDORA-2004-313) along with fixes dealing with this and other issues. Please see the referenced advisory for more information.

The vendor has released version 2.0.52 to address this issue:

HP has released an advisory (HPSBUX01090) to address various issues affecting HP-UX running Apache and PHP. Please see the referenced advisory for more information.


Apache Apache 2.0.51

HP Tru64 UNIX Compaq Secure Web Server 4.0 F

HP Tru64 UNIX Compaq Secure Web Server 4.0 G

HP Tru64 UNIX Compaq Secure Web Server 5.0 A

HP Tru64 UNIX Compaq Secure Web Server 5.1 A

HP Tru64 UNIX Compaq Secure Web Server 5.1

HP Tru64 UNIX Compaq Secure Web Server 5.8.1

HP Tru64 UNIX Compaq Secure Web Server 5.8.2

HP Tru64 UNIX Compaq Secure Web Server 5.9.1

HP Tru64 UNIX Compaq Secure Web Server 5.9.2

HP Tru64 UNIX Compaq Secure Web Server 6.3


 

Privacy Statement
Copyright 2010, SecurityFocus