Seebug SSV:4227
Published: Aug 17, 2006

Apache Mod_SSL Custom Error Document Denial-of-Service Vulnerability


EPSS: 0.974 (High), Percentile: 99.9%

BUGTRAQ ID: 16152
CVE(CAN) ID: CVE-2005-3357

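Mod_SSL is the SSL implementation for the Apache server; it provides encryption support for the Apache web server.

Under certain configurations, Apache's Mod_SSL contains a denial-of-service vulnerability that a remote attacker may be able to use to cause a denial of service on the Apache server.

The denial of service is caused by a possible NULL pointer dereference. It can be triggered when Apache is configured with a custom ErrorDocument for 400 errors. A remote attacker can crash an Apache process or thread, and sustained attacks can make Apache unresponsive.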

Apache Group Apache 2.x
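Workaround:

If you cannot install the patch or upgrade immediately, NSFOCUS recommends the following measure to reduce the risk:

  • Do not configure a custom ErrorDocument for 400 errors in Apache.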
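
An added example (not part of the original advisory): a small Python audit that supports the workaround above by locating every `ErrorDocument 400` directive in an Apache configuration and reporting the section that encloses it. The sample configuration is constructed and `find_custom_400` is a hypothetical helper; it does not follow `Include` directives or backslash line continuations.

```python
import re

# Constructed sample configuration (not taken from the advisory).
SAMPLE_CONF = """\
ErrorDocument 404 /missing.html
# ErrorDocument 400 /commented-out.html
<VirtualHost _default_:443>
    SSLEngine on
    ErrorDocument 400 /errors/bad_request.html
    ErrorDocument 403 /errors/forbidden.html
</VirtualHost>
<VirtualHost *:80>
    errordocument 400 "Bad request"
</VirtualHost>
"""

OPEN = re.compile(r"<\s*(\w+)\s*([^>]*)>")      # e.g. <VirtualHost *:443>
CLOSE = re.compile(r"</\s*(\w+)\s*>")           # e.g. </VirtualHost>
ERRDOC = re.compile(r"ErrorDocument\s+400\s+(.+)", re.I)  # directives are case-insensitive


def find_custom_400(conf_text):
    """Return (line_no, enclosing_section, target) for each ErrorDocument 400."""
    stack, hits = [], []
    for no, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # Apache comments occupy the whole line
        m = CLOSE.fullmatch(line)
        if m:
            if stack:
                stack.pop()
            continue
        m = OPEN.fullmatch(line)
        if m:
            stack.append(f"{m.group(1)} {m.group(2)}".strip())
            continue
        m = ERRDOC.fullmatch(line)
        if m:
            section = stack[-1] if stack else "server config"
            hits.append((no, section, m.group(1)))
    return hits


if __name__ == "__main__":
    for no, section, target in find_custom_400(SAMPLE_CONF):
        print(f"line {no}: ErrorDocument 400 -> {target} (in {section})")
```

Each reported line is a candidate for removal or commenting out until the vendor update is installed.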

Vendor patches:

RedHat

RedHat has released a security advisory (RHSA-2006:0159-01) and corresponding patches for this issue:
RHSA-2006:0159-01: Moderate: httpd security update
Link: http://lwn.net/Alerts/166549/?format=printable

Patch downloads:

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/httpd…

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/…

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/httpd…

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/httpd…

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/httpd…

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/…
The patches can be installed with the following command:

rpm -Fvh [filename]