openSUSE Security Update : apache2 (openSUSE-2012-132)

This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

- httpd-2.2.x-bnc743743-CVE-2012-0053-server_protocol_c-cookie_exposure.diff
addresses CVE-2012-0053: error responses can expose cookies when
no custom 400 error code ErrorDocument is configured. [bnc#743743]

- httpd-2.2.x-bnc741243-CVE-2012-0031-scoreboard_handling.diff:
scoreboard corruption
(shared mem segment) by child causes
crash of privileged parent (invalid free()) during shutdown.
This is rated low impact. Notice:
https://svn.apache.org/viewvc?view=revision&revision=1230065
makes a change to the struct global_score, which causes binary
incompatibility. The change in above patch only goes as far as
the binary compatibility allows; the vulnerability is completely
fixed, though. CVE-2012-0031 [bnc#741243]

- /etc/init.d/apache2: new argument 'check-reload'. Exits
1 if httpd2 runs on deleted binaries such as after
package update, else 0. This is used by equally modified
/etc/logrotate.d/apache2, which uses
'/etc/init.d/apache2 check-reload' in its prerotate
script. These changes prevent httpd2 from being
(gracefully) reloaded by logrotate, executed by cron, if
new binaries have been installed. Instead, a warning is
printed on stdout and is being logged to the syslogs. If
this happens, apache's logs are NOT rotated, and the
running processes are left untouched. This limits the
maximum damage of log rotation to unrotated logs.
'/etc/init.d/apache2 restart' (or 'rcapache2 restart')
must be executed manually in such a case. [bnc#728876]

- httpd-2.2.x-bnc729181-CVE-2011-3607-int_overflow.diff: Fix for
integer overflow in server/util.c also known as CVE-2011-3607.
[bnc#729181]

- enable build and configuration of mod_reqtimeout.c
module by default in /etc/sysconfig/apache2
(APACHE_MODULES=...). This does not change already
existing sysconfig files, the module is only activated
via sysconfig if this package is installed without
pre-existing sysconfig file. See new file
/etc/apache2/mod_reqtimeout.conf for configurables.
Helps against Slowloris.pl DoS vulnerability that
consists of eating up request slots by very slowly
submitting the request. Note that mod_reqtimeout limits
requests based on a lower boundary of request speed, not
an upper boundary! CVE-2007-6750 [bnc#738855].

See also :

https://bugzilla.novell.com/show_bug.cgi?id=728876
https://bugzilla.novell.com/show_bug.cgi?id=729181
https://bugzilla.novell.com/show_bug.cgi?id=738855
https://bugzilla.novell.com/show_bug.cgi?id=741243
https://bugzilla.novell.com/show_bug.cgi?id=743743
https://svn.apache.org/viewvc?view=revision&revision=1230065

Solution :

Update the affected apache2 packages.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)

Family: SuSE Local Security Checks

Nessus Plugin ID: 74555 ()

Bugtraq ID:

CVE ID: CVE-2007-6750
CVE-2011-3607
CVE-2012-0031
CVE-2012-0053

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now