[plug] Fwd: vulnerabilitys

Weirdo linuxalien at optusnet.com.au
Tue May 6 16:58:08 WST 2003 

I don't know if any of you have seen this yet.
Tim
>From: David White <D.White at exchange.curtin.edu.au>
>To: "'linuxalien at optusnet.com.au'" <linuxalien at optusnet.com.au>
>Subject:
>Date: Tue, 6 May 2003 15:52:24 +0800
>X-Mailer: Internet Mail Service (5.5.2656.59)
>
>Apache Mod_Auth_Any Remote Command Execution Vulnerability
>Risk
>High
>Date Discovered
>04-28-2003
>Description
>A vulnerability has been discovered in the mod_auth_any Apache module. The
>problem occurs due to insufficient sanitiziation of user-supplied arguments.
>As a result, it may be possible for an attacker to execute arbitrary
>commands, by placing shell metacharacters within an argument.
>
>All commands executed in this manner would be run with the privileges the
>Apache HTTPD server.
>Platforms Affected
>RedHat Enterprise Linux AS 2.1
>RedHat Enterprise Linux ES 2.1
>RedHat Enterprise Linux WS 2.1
>RedHat Linux 7.2
>RedHat Linux 7.2 athlon
>RedHat Linux 7.2 i386
>RedHat Linux 7.2 i586
>RedHat Linux 7.2 i686
>RedHat Linux 7.2 ia64
>RedHat Linux 7.3
>RedHat Linux 7.3 i386
>RedHat Linux 7.3 i686
>RedHat Linux Advanced Work Station 2.1
>Components Affected
>mod_auth_any mod_auth_any 1.2.2
>Recommendations
>Block external access at the network boundary, unless service is required by
>external parties.
>Restrict remote access to the Apache server from all but trusted hosts. This
>may limit attempts to exploit this and other latent vulnerabilities.
>
>Deploy network intrusion detection systems to monitor network traffic for
>malicious activity.
>Malicious network activity may be indicated by network-based intrusion
>detection systems. Audit IDS and web server logs regularly to identify
>potential attacks.
>
>Run all server processes as non-privileged users with minimal access rights.
>Where possible, run the Apache server with privilege separation enabled.
>This may limit the consequences of an attacker exploiting this condition to
>execute arbitrary code.
>
>Red Hat has released a security advisory (RHSA-2003:114-09) containing fixes
>which address this issue. Further information on how to obtain and apply
>fixes can be found in the attached advisory.
>
>
>mod_auth_any mod_auth_any 1.2.2:
>         mod_auth_any Upgrade mod_auth_any-1.2.2-2.i386.rpm
>
><ftp://updates.redhat.com/7.3/en/os/i386/mod_auth_any-1.2.2-2.i386.rpm>
>         mod_auth_any Upgrade mod_auth_any-1.2.2-2.ia64.rpm
>
><ftp://updates.redhat.com/7.2/en/os/ia64/mod_auth_any-1.2.2-2.ia64.rpm>
>         mod_auth_any Upgrade mod_auth_any-1.2.2-2.i386.rpm
>
><ftp://updates.redhat.com/7.2/en/os/i386/mod_auth_any-1.2.2-2.i386.rpm>
>References
>Source: RedHat RHSA-2003:113-01 Updated mod_auth_any packages available
>URL: <http://online.securityfocus.com/advisories/5352>
>
>Source: mod_auth_any Homepage
>URL: <http://www.itlab.musc.edu/webNIS/mod_auth_any.html>
>
>Source: RHSA-2003-114
>URL: <http://rhn.redhat.com/errata/RHSA-2003-114.html>
>Credits
>The discovery of this vulnerability has been credited to Daniel Jarboe and
>Maneesh Sahani.
>
>
>
>         Regards,
>
>         David White
>
>_______________________________________________________________________
>         David White     Phone:  STD (08) 9266 2683
>         Undergraduate Course Coordinator                IDD +61-8-9266 2683
>         Department of Chemical Engineering      Fax:    STD (08) 9266 2681
>         GPO Box U1987           IDD +61-8-9266 2681
>         Perth WA 6845 Australia Email:  D.White at curtin.edu.au
>         Registered Chemical Engineer #2078733   CRICOS provider code 00301J
>
>_______________________________________________________________________
>         DISCLAIMER. Unless this email discusses official business of Curtin
>         University of Technology, it is private correspondence of the author
>         and the University accepts no responsibility for the contents.
>
>_______________________________________________________________________
>         Timetables for Semester 1, 2003, can be downloaded from
>         http://www.curtin.edu.au/curtin/dept/chemeng/chemeng_tt.pdf

weirdo at linuxalien.tk
Dot TK ambassador - For a free .tk domain please contact me

ICQ# 255176389
MSN weirdo at linuxalien.tk

Riverton, Perth, WA

More information about the plug mailing list