Apache: Multiple vulnerabilities
Gentoo Linux Security Advisory
Reference: GLSA 200907-04 / apache
Release date: July 12, 2009
Latest revision: July 12, 2009: 01
Architectures: All supported architectures
Bugs: #268154, #271470, #276426, #276792
Multiple vulnerabilities in the Apache HTTP daemon allow for local
privilege escalation, information disclosure or Denial of Service attacks.
The Apache HTTP server is one of the most popular web servers on the
Multiple vulnerabilities have been discovered in the Apache HTTP
- Jonathan Peatfield reported that the "Options=IncludesNoEXEC" argument to the "AllowOverride" directive is not processed properly (CVE-2009-1195).
- Sander de Boer discovered that the AJP proxy module (mod_proxy_ajp) does not correctly handle POST requests that do not contain a request body.
- The vendor reported that the HTTP proxy module (mod_proxy_http), when being used as a reverse proxy, does not properly handle requests containing more data than stated in the "Content-Length" header (CVE-2009-1890).
- Francois Guerraz discovered that mod_deflate does not abort the compression of large files even when the requesting connection is closed prematurely.
A local attacker could circumvent restrictions put up by the server
administrator and execute arbitrary commands with the privileges of the
user running the Apache server. A remote attacker could send multiple
requests to a server with the AJP proxy module, possibly resulting in
the disclosure of a request intended for another client, or cause a
Denial of Service by sending specially crafted requests to servers
running mod_proxy_http or mod_deflate.
Remove "include", "proxy_ajp", "proxy_http" and "deflate" from
APACHE2_MODULES in make.conf and rebuild Apache, or disable the
aforementioned modules in the Apache configuration.
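As an added check that is not part of this advisory: the POSIX shell script below reads a make.conf, extracts the APACHE2_MODULES value (which may span several lines) and reports which of the four modules named in the workaround are still selected. The sample make.conf it writes is constructed for the demonstration and the function names are the example's own, not Gentoo tooling.

```shell
#!/bin/sh
# Modules the GLSA 200907-04 workaround says to drop from APACHE2_MODULES.
AFFECTED_MODULES="include proxy_ajp proxy_http deflate"

# Print the module list assigned to APACHE2_MODULES in the make.conf given
# as $1. A double-quoted value may continue over several lines, so quotes
# are counted until the closing one is seen.
parse_apache2_modules() {
  awk '
    /^[[:space:]]*APACHE2_MODULES[[:space:]]*=/ {
      inval = 1; quotes = 0
      sub(/^[^=]*=[[:space:]]*/, "")      # keep only the value part
    }
    inval {
      quotes += gsub(/"/, "")             # strip quotes, count them
      printf "%s ", $0
      if (quotes >= 2) exit               # closing quote reached
    }
  ' "$1"
  return 0
}

# $1: space-separated module list. Print, one per line, each affected
# module that is enabled, in the order of AFFECTED_MODULES.
affected_enabled() {
  for m in $AFFECTED_MODULES; do
    for e in $1; do
      [ "$e" = "$m" ] && echo "$m"
    done
  done
  return 0
}

# Constructed sample make.conf (not a real system file) for the demo.
SAMPLE=$(mktemp)
cat > "$SAMPLE" <<'EOF'
CFLAGS="-O2 -pipe"
APACHE2_MODULES="actions alias auth_basic authz_host
    deflate include
    proxy proxy_http"
USE="ssl"
EOF
echo "Affected modules still selected in $SAMPLE:"
affected_enabled "$(parse_apache2_modules "$SAMPLE")"
rm -f "$SAMPLE"
```

An empty result means none of the four modules is selected; the Resolution below still applies, since the workaround only removes the vulnerable code paths rather than fixing them.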
All Apache users should upgrade to the latest version:
Code Listing 3.1: Resolution
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-servers/apache-2.2.11-r2"