Apache Web Server Security Vulnerability

admin 2022-07-22 09:10:52 CNNVD vulnerabilities Source: ZONE.CI Global Network

Vulnerability details

Apache Web Server Security Vulnerability

  • CNNVD ID: CNNVD-200207-041
  • Severity: High
  • CVE ID: CVE-2002-0392
  • Vulnerability type: Other
  • Published: 2002-06-18
  • Threat type: Remote
  • Updated: 2021-07-16
  • Vendor: apache
  • Source: Mark Litchfield※ m...

漏洞简介

Apache Web Server is a very popular, powerful open-source web server developed and maintained by the Apache Software Foundation. It runs on many operating system platforms, including Unix/Linux/BSD systems and Windows.

Apache has a design flaw in its handling of HTTP requests that transfer data with chunked encoding. A remote attacker may be able to exploit it to execute arbitrary instructions with the privileges of the web server process on some Apache servers, or to cause a denial of service.

Chunked encoding is a transfer method defined in HTTP/1.1 for web clients to submit data to a server. When the server receives chunked data it allocates a buffer to hold it; if the size of the submitted data is not known in advance, the client sends it to the server in chunks of a negotiated size. Apache supports chunked encoding by default.

Apache stores the chunk length in a signed variable and allocates a fixed-size stack buffer to hold the chunk data. As a safety measure, before copying chunk data into the buffer Apache checks the chunk length: if the chunk length is greater than the buffer length, Apache copies at most the buffer length; otherwise it copies according to the chunk length. However, the check does not convert the chunk length to an unsigned type before comparing, so if an attacker sets the chunk length to a negative value the check is bypassed and Apache copies an oversized chunk (at least >0x80000000 bytes) into the buffer, causing a buffer overflow.

For Apache 1.3 through 1.3.24 (inclusive), it has been confirmed that on Win32 a remote attacker may exploit this vulnerability to execute arbitrary code. On UNIX systems, code execution has been confirmed at least on OpenBSD. The following systems are also reported to be exploitable:

  • Sun Solaris 6-8 (sparc/x86)
  • FreeBSD 4.3-4.5 (x86)
  • OpenBSD 2.6-3.1 (x86)
  • Linux (GNU) 2.4 (x86)

For Apache 2.0 through 2.0.36 (inclusive), the same problematic code is present, but the server detects the error condition and makes the child process exit. Depending on various factors, including the threading model supported by the affected system, this vulnerability can cause a denial of service in Apache web servers running on various operating systems.
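The signed-comparison flaw described above, as an added illustration that is not Apache's code: a simplified model of the chunk-length check in its vulnerable and hardened forms, plus a chunk-size line parser that keeps the length unsigned from the start so a sign character or hex overflow is rejected before any length is computed. The buffer size and all function names are constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>

#define CHUNK_BUF_SIZE 8192  /* constructed stand-in for the fixed stack buffer */

/* Vulnerable pattern: the chunk length lives in a signed variable and is
 * compared as a signed value. Returns the byte count the copy would use. */
size_t copy_len_signed(long chunk_len)
{
    long limit = CHUNK_BUF_SIZE;
    if (chunk_len > limit)
        return (size_t)limit;     /* clamp works for large positive lengths */
    return (size_t)chunk_len;     /* a negative length is not > limit, so it
                                     falls through and becomes a huge size_t */
}

/* Hardened pattern: reject negative lengths outright and compare as unsigned,
 * so no copy ever exceeds the buffer. Returns 1 on success, 0 on rejection. */
int copy_len_checked(long chunk_len, size_t *out)
{
    if (chunk_len < 0)
        return 0;
    *out = (unsigned long)chunk_len > CHUNK_BUF_SIZE
               ? CHUNK_BUF_SIZE : (size_t)chunk_len;
    return 1;
}

/* Parse an HTTP/1.1 chunk-size line ("1A\r\n" or "1A;ext\r\n") into an
 * unsigned value, rejecting a missing digit, a sign character, or hex overflow. */
int parse_chunk_size(const char *line, size_t *out)
{
    size_t v = 0;
    int digits = 0;
    for (; *line && *line != ';' && *line != '\r' && *line != '\n'; line++) {
        int c = *line, d;
        if (c >= '0' && c <= '9')      d = c - '0';
        else if (c >= 'a' && c <= 'f') d = c - 'a' + 10;
        else if (c >= 'A' && c <= 'F') d = c - 'A' + 10;
        else return 0;                 /* '-' or any other byte is invalid */
        if (v > (SIZE_MAX >> 4))
            return 0;                  /* next shift would overflow size_t */
        v = (v << 4) | (size_t)d;
        digits++;
    }
    if (!digits)
        return 0;
    *out = v;
    return 1;
}
```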

Vulnerability bulletin

Temporary workaround:

There is no good temporary workaround for this vulnerability. Since working exploit code has already been published, we recommend upgrading to the latest Apache version immediately.

Vendor patches:

Apache Group

------------

The Apache Group has released a security bulletin (SB-20020617) and corresponding upgrades:

SB-20020617: Apache httpd: vulnerability with chunked encoding

Link:

http://httpd.apache.org/info/security_bulletin_20020617.txt

The latest versions can be downloaded from the following address:

Apache 1.3.26:

Apache 2.0.39:

http://www.apache.org/dist/httpd/

Debian

------

Debian has released a security advisory (DSA-131-1) and corresponding patches:

DSA-131-1: Apache chunk handling vulnerability

Link:

http://www.debian.org/security/2002/dsa-131

Patch downloads:

Source archives:

  • http://security.debian.org/dists/stable/updates/main/source/apache_1.3.9-14.1.diff.gz
  • http://security.debian.org/dists/stable/updates/main/source/apache_1.3.9-14.1.dsc
  • http://security.debian.org/dists/stable/updates/main/source/apache_1.3.9.orig.tar.gz

Architecture independent archives:

  • http://security.debian.org/dists/stable/updates/main/binary-all/apache-doc_1.3.9-14.1_all.deb

Alpha architecture:

  • http://security.debian.org/dists/stable/updates/main/binary-alpha/apache-common_1.3.9-14.1_alpha.deb
  • http://security.debian.org/dists/stable/updates/main/binary-alpha/apache-dev_1.3.9-14.1_alpha.deb
  • http://security.debian.org/dists/stable/updates/main/binary-alpha/apache_1.3.9-14.1_alpha.deb

ARM architecture:

  • http://security.debian.org/dists/stable/updates/main/binary-arm/apache-common_1.3.9-14.1_arm.deb
  • http://security.debian.org/dists/stable/updates/main/binary-arm/apache-dev_1.3.9-14.1_arm.deb
  • http://security.debian.org/dists/stable/updates/main/binary-arm/apache_1.3.9-14.1_arm.deb

Intel IA-32 architecture:

  • http://security.debian.org/dists/stable/updates/main/binary-i386/apache-common_1.3.9-14.1_i386.deb
  • http://security.debian.org/dists/stable/updates/main/binary-i386/apache-dev_1.3.9-14.1_i386.deb
  • http://security.debian.org/dists/stable/updates/main/binary-i386/apache_1.3.9-14.1_i386.deb

Motorola 680x0 architecture:

  • http://security.debian.org/dists/stable/updates/main/binary-m68k/apache-common_1.3.9-14.1_m68k.deb
  • http://security.debian.org/dists/stable/updates/main/binary-m68k/apache-dev_1.3.9-14.1_m68k.deb
  • http://security.debian.org/dists/stable/updates/main/binary-m68k/apache_1.3.9-14.1_m68k.deb

PowerPC architecture:

  • http://security.debian.org/dists/stable/updates/main/binary-powerpc/apache-common_1.3.9-14.1_powerpc.deb
  • http://security.debian.org/dists/stable/updates/main/binary-powerpc/apache-dev_1.3.9-14.1_powerpc.deb
  • http://security.debian.org/dists/stable/up

Patch installation:

1. Install the patch package manually:

First, download the patch with the following command:

# wget url (url is the patch download link)

Then install the patch with the following command:

# dpkg -i file.deb (file is the name of the corresponding patch)

2. Install the patch package automatically with apt-get:

First, update the local package database with:

# apt-get update

Then install the updated packages with:

# apt-get upgrade

FreeBSD

-------

FreeBSD has released a security notice (FreeBSD-SN-02:04) and corresponding patches:

FreeBSD-SN-02:04: security issues in ports

Link: ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:04.asc

To upgrade to a fixed port, use either of the following two methods:

1) Update your Ports Collection, then rebuild and reinstall the port. The following tools can make the upgrade easier:

/usr/ports/devel/portcheckout

/usr/ports/misc/porteasy

/usr/ports/sysutils/portupgrade

2) Deinstall the old port package, then fetch and install a new package from:

[i386]

ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/All/

OpenBSD

-------

The vendor has released an upgrade patch to fix this security issue; download it from the vendor's site:

ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.1/common/005_httpd.patch

For more information see:

http://www.openbsd.org/errata.HTML#httpd

RedHat

------

Red Hat has released a security advisory (RHSA-2002:103-13) and corresponding patches:

RHSA-2002:103-13: Updated Apache packages fix chunked encoding issue

Link: https://www.redhat.com/support/errata/RHSA-2002-103.HTML

Patch downloads:

Red Hat Linux 6.2:

SRPMS:

ftp://updates.redhat.com/6.2/en/os/SRPMS/apache-1.3.22-5.6.src.rpm

alpha:

ftp://updates.redhat.com/6.2/en/os/alpha/apache-1.3.22-5.6.alpha.rpm

ftp://updates.redhat.com/6.2/en/os/alpha/apache-devel-1.3.22-5.6.alpha.rpm

ftp://updates.redhat.com/6.2/en/os/alpha/apache-manual-1.3.22-5.6.alpha.rpm

i386:

ftp://updates.redhat.com/6.2/en/os/i386/apache-1.3.22-5.6.i386.rpm

ftp://updates.redhat.com/6.2/en/os/i386/apache-devel-1.3.22-5.6.i386.rpm

ftp://updates.redhat.com/6.2/en/os/i386/apache-manual-1.3.22-5.6.i386.rpm

sparc:

ftp://updates.redhat.com/6.2/en/os/sparc/apache-1.3.22-5.6.sparc.rpm

References

  • ENGARDE: http://www.linuxsecurity.com/advisories/other_advisory-2137.HTML
  • MLIST: https://lists.apache.org/thread.HTML/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.
  • BID: https://www.securityfocus.com/bid/5033
  • OSVDB: http://www.osvdb.org/838
  • MLIST: https://lists.apache.org/thread.HTML/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.
  • MANDRAKE: http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:039
  • MLIST: https://lists.apache.org/thread.HTML/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.
  • XF: http://www.iss.net/security_center/static/9249.php
  • BUGTRAQ: http://online.securityfocus.com/archive/1/278149
  • httpd.apache.org: httpd.apache.org/info/security_bulletin_20020617.txt
  • REDHAT: http://rhn.redhat.com/errata/RHSA-2002-118.HTML
  • DEBIAN: https://www.debian.org/security/2002/dsa-133
  • SUSE: http://www.novell.com/linux/security/advisories/2002_22_apache.HTML
  • DEBIAN: https://www.debian.org/security/2002/dsa-131
  • DEBIAN: https://www.debian.org/security/2002/dsa-132
  • MLIST: https://lists.apache.org/thread.HTML/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.
  • HP: http://online.securityfocus.com/advisories/4240
  • FRSIRT: http://www.frsirt.com/english/advisories/2006/3598
  • REDHAT: http://www.redhat.com/support/errata/RHSA-2002-150.HTML
  • MLIST: https://lists.apache.org/thread.HTML/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.
  • REDHAT: http://www.redhat.com/support/errata/RHSA-2002-126.HTML
  • MLIST: https://lists.apache.org/thread.HTML/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.
  • BUGTRAQ: http://archives.neohapsis.com/archives/bugtraq/2002-06/0266.HTML
  • MLIST: https://lists.apache.org/thread.HTML/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e@%3Ccvs.
  • BUGTRAQ: http://archives.neohapsis.com/archives/bugtraq/2002-06/0235.HTML
  • MLIST: https://lists.apache.org/thread.HTML/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.
  • SECUNIA: http://secunia.com/advisories/21917
  • HP: http://www2.itrc.hp.com/service/cki/docDisplay.do?docLocale=en_US&docId=200000083816475
  • MLIST: https://lists.apache.org/thread.HTML/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.
  • CONECTIVA: http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000498
  • MLIST: https://lists.apache.org/thread.HTML/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.
  • REDHAT: http://www.redhat.com/support/errata/RHSA-2003-106.HTML
  • HP: http://online.securityfocus.com/advisories/4257
  • REDHAT: http://rhn.redhat.com/errata/RHSA-2002-117.HTML
  • REDHAT: http://rhn.redhat.com/errata/RHSA-2002-103.HTML
  • MLIST: https://lists.apache.org/thread.HTML/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.
  • MLIST: https://lists.apache.org/thread.HTML/rd00b45b93fda4a5bd013b28587207d0e00f99f6e3308dbb6025f3b01@%3Ccvs.
  • CERT: http://www.cert.org/advisories/CA-2002-17.HTML
  • BID: https://www.securityfocus.com/bid/20005
  • CERT-VN: http://www.kb.cert.org/vuls/id/944335

Affected entities

  • Apache Http_server:2.0.36  
  • Apache Http_server:2.0.35  
  • Apache Http_server:2.0.32  
  • Apache Http_server:2.0.28  
  • Apache Http_server:2.0  

Patch

    None
