Title: file view vulnerability in mod_rewrite
Released by: Caldera
Date: 10th October 2000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________

   Caldera Systems, Inc.  Security Advisory

Subject: file view vulnerability in mod_rewrite
Advisory number: CSSA-2000-035.0
Issue date: 2000 October, 10
Cross reference:

______________________________________________________________________________

1. Problem Description

   The Apache HTTP server comes with a module named mod_rewrite
   which can be used to rewrite URLs presented by the client
   before further processing.

   The processing logic in mod_rewrite contains a flaw that allows
   attackers to view arbitrary files on the server system.

   In the default configuration shipped with OpenLinux, mod_rewrite
   is disabled.

2. Vulnerable Versions

   System                         Package
   -----------------------------------------------------------
   OpenLinux Desktop 2.3          All packages previous to
                                  apache-1.3.4-5

   OpenLinux eServer 2.3          All packages previous to
   and OpenLinux eBuilder         apache-1.3.9-5S

   OpenLinux eDesktop 2.4         All packages previous to
                                  apache-1.3.11-2D

3. Solution

   Workaround:

   If you haven't enabled mod_rewrite, no action is required on
   your part. If you do use mod_rewrite, update to the fixed packages.

4. OpenLinux Desktop 2.3

   4.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

       http://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/RPMS/

       The corresponding source code package can be found at:

       http://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/SRPMS

   4.2 Verification

       c01531115e05d0371db7b1ac83c85b3b  RPMS/apache-1.3.4-5.i386.rpm
       8403e4002988a610c8a0ee11e4b088b1  RPMS/apache-docs-1.3.4-5.i386.rpm
       28a4dc488a42088c1761cbb210a26c9c  SRPMS/apache-1.3.4-5.src.rpm

   4.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

       rpm -Fhv apache-*1.3.4-5.i386.rpm

5. OpenLinux eServer 2.3 and OpenLinux eBuilder for ECential 3.0

   5.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

       http://ftp.calderasystems.com/pub/updates/eServer/2.3/current/RPMS/

       The corresponding source code package can be found at:

       http://ftp.calderasystems.com/pub/updates/eServer/2.3/current/SRPMS

   5.2 Verification

       45bd05d80b8c5ca5ef87da39de9c19dd  RPMS/apache-1.3.9-5S.i386.rpm
       0a2043799cdf207f5b797f027a1228a3  RPMS/apache-devel-1.3.9-5S.i386.rpm
       7aa9d9789fb94600439752a72bb525fb  RPMS/apache-docs-1.3.9-5S.i386.rpm
       6305241c58b0185babe1582438aa62e9  SRPMS/apache-1.3.9-5S.src.rpm

   5.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

       rpm -Fhv apache-*1.3.9-5S.i386.rpm

6. OpenLinux eDesktop 2.4

   6.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

       http://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/RPMS/

       The corresponding source code package can be found at:

       http://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/SRPMS

   6.2 Verification

       c303c215facbe330fd454e502a50e798  RPMS/apache-1.3.11-2D.i386.rpm
       a173b7d14a0d0c1badf9e23c6ec3769e  RPMS/apache-devel-1.3.11-2D.i386.rpm
       3c92d84da29b69e8f4b665a17ce2328f  RPMS/apache-docs-1.3.11-2D.i386.rpm
       e9c43b643cb040b97130dcfd3ee17b10  SRPMS/apache-1.3.11-2D.src.rpm

   6.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

       rpm -Fhv apache-*1.3.11-2D.i386.rpm
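The Verification and Installing steps of sections 4 to 6 are one procedure: compare each downloaded package against the MD5 sum the advisory prints, and only then run rpm -Fhv. The following script is an added example and is not part of the Caldera advisory; it assumes GNU coreutils md5sum is available and that the advisory's checksum lines have been pasted into a manifest file (the name checksums.txt below is hypothetical).

```shell
#!/bin/sh
# Added example, not part of the Caldera advisory: check downloaded update RPMs
# against the MD5 sums printed in the advisory's "Verification" sections before
# applying them with rpm -Fhv. Assumes GNU coreutils md5sum is available and that
# the sums were pasted into a manifest file in the advisory's own layout,
# one "<md5>  <path>" pair per line, e.g. for OpenLinux eDesktop 2.4:
#   c303c215facbe330fd454e502a50e798  RPMS/apache-1.3.11-2D.i386.rpm
#   e9c43b643cb040b97130dcfd3ee17b10  SRPMS/apache-1.3.11-2D.src.rpm

# verify_one <expected_md5> <file>
# Returns 0 when the file exists and its MD5 matches, 1 otherwise.
verify_one() {
    expected=$1
    file=$2
    if [ ! -f "$file" ]; then
        echo "MISSING  $file" >&2
        return 1
    fi
    actual=$(md5sum "$file" | cut -d' ' -f1)
    if [ "$actual" = "$expected" ]; then
        echo "OK       $file"
        return 0
    fi
    echo "MISMATCH $file (expected $expected, got $actual)" >&2
    return 1
}

# verify_manifest <manifest_file>
# Checks every non-empty line of the manifest; returns 0 only if every
# package verified, so it can gate the install step. A missing or tampered
# package makes the whole run fail rather than being silently skipped.
verify_manifest() {
    failures=0
    while read -r sum path; do
        [ -n "$sum" ] || continue
        verify_one "$sum" "$path" || failures=$((failures + 1))
    done < "$1"
    echo "$failures package(s) failed verification" >&2
    [ "$failures" -eq 0 ]
}

# Usage (hypothetical manifest name), mirroring the advisory's section 6:
#   verify_manifest checksums.txt && rpm -Fhv apache-*1.3.11-2D.i386.rpm
```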



7. References

   This and other Caldera security resources are located at:

   http://www.calderasystems.com/support/security/index.html

   This security fix closes Caldera's internal Problem Report 7940.

8. Disclaimer

   Caldera Systems, Inc. is not responsible for the misuse of any of the
   information we provide on this website and/or through our security
   advisories. Our advisories are a service to our customers intended to
   promote secure installation and use of Caldera OpenLinux.

______________________________________________________________________________

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE54wIa18sy83A/qfwRAiBuAJ4m7PwHmpb75kGjgfRgW0b23zTQBACfdz0a
TSR0QmfBRaIy7I3ZdjH2Blk=
=ijRI
-----END PGP SIGNATURE-----