rhsa-2002_041
Vulnerability from csaf_redhat
Published
2002-03-08 00:36
Modified
2024-11-21 22:18
Summary
Red Hat Security Advisory: : Updated mod_ssl packages available

Notes

Topic
Updated mod_ssl packages for Red Hat Linux 7, 7.1, and 7.2 are available which close a buffer overflow in mod_ssl.
Details
When session caching is enabled, mod_ssl will serialize SSL session variables to store them for later use. Unpatched versions of mod_ssl prior to version 2.8.7 which use the 'shm' or 'dbm' session caches would store session variables using a buffer with a fixed size, making it vulnerable to overflow. To exploit the overflow, the server must be configured to require client certificates, and an attacker must obtain a carefully crafted client certificate that has been signed by a Certificate Authority which is trusted by the server. If these conditions are met, it would be possible for an attacker to execute arbitrary code on the server. Red Hat Linux 6.2 and earlier releases which did not include the mod_ssl package are not vulnerable to this bug. Users who utilize client certificate authentication are strongly advised to upgrade or switch to shared memory session cache, shmcb, which is not vulnerable to this issue. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2002-0082 to this issue.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.


To clipboard 

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated mod_ssl packages for Red Hat Linux 7, 7.1, and\n7.2 are available which close a buffer overflow in mod_ssl.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "When session caching is enabled, mod_ssl will serialize SSL session\nvariables to store them for later use.  Unpatched versions of mod_ssl prior\nto version 2.8.7 which use the \u0027shm\u0027 or \u0027dbm\u0027 session caches would store\nsession variables using a buffer with a fixed size, making it vulnerable to\noverflow.\n\nTo exploit the overflow, the server must be configured to require client\ncertificates, and an attacker must obtain a carefully crafted client\ncertificate that has been signed by a Certificate Authority which is\ntrusted by the server. If these conditions are met, it would be possible\nfor an attacker to execute arbitrary code on the server.\n\nRed Hat Linux 6.2 and earlier releases which did not include the mod_ssl\npackage are not vulnerable to this bug.  Users who utilize client\ncertificate authentication are strongly advised to upgrade or switch to\nshared memory session cache, shmcb, which is not vulnerable to this issue.\n\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CAN-2002-0082 to this issue.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2002:041",
        "url": "https://access.redhat.com/errata/RHSA-2002:041"
      },
      {
        "category": "external",
        "summary": "http://marc.theaimsgroup.com/?l=apache-modssl\u0026m=101449247201254",
        "url": "http://marc.theaimsgroup.com/?l=apache-modssl\u0026m=101449247201254"
      },
      {
        "category": "external",
        "summary": "http://online.securityfocus.com/archive/1/258646",
        "url": "http://online.securityfocus.com/archive/1/258646"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2002/rhsa-2002_041.json"
      }
    ],
    "title": "Red Hat Security Advisory: : Updated mod_ssl packages available",
    "tracking": {
      "current_release_date": "2024-11-21T22:18:56+00:00",
      "generator": {
        "date": "2024-11-21T22:18:56+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2002:041",
      "initial_release_date": "2002-03-08T00:36:00+00:00",
      "revision_history": [
        {
          "date": "2002-03-08T00:36:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2002-03-01T00:00:00+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-21T22:18:56+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Linux 7.0",
                "product": {
                  "name": "Red Hat Linux 7.0",
                  "product_id": "Red Hat Linux 7.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:linux:7.0"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Linux 7.1",
                "product": {
                  "name": "Red Hat Linux 7.1",
                  "product_id": "Red Hat Linux 7.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:linux:7.1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Linux 7.2",
                "product": {
                  "name": "Red Hat Linux 7.2",
                  "product_id": "Red Hat Linux 7.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:linux:7.2"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Linux"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2002-0082",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616740"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The dbm and shm session cache code in mod_ssl before 2.8.7-1.3.23, and Apache-SSL before 1.3.22+1.46, does not properly initialize memory using the i2d_SSL_SESSION function, which allows remote attackers to use a buffer overflow to execute arbitrary code via a large client certificate that is signed by a trusted Certificate Authority (CA), which produces a large serialized session.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Linux 7.0",
          "Red Hat Linux 7.1",
          "Red Hat Linux 7.2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-0082"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616740",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616740"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-0082",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-0082"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-0082",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0082"
        }
      ],
      "release_date": "2002-02-27T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2002-03-08T00:36:00+00:00",
          "details": "Before applying this update, make sure to apply all previously released\nerrata relevant to your system.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade.  Only those\nRPMs which are currently installed will be updated.  Those RPMs which are\nnot installed but included in the list will not be updated.  Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network.  Many\npeople find this an easier way to apply updates.  To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.\n\nAfter applying these updates, you will need to restart an active server by \nperforming the following:\n\n/etc/rc.d/init.d/httpd restart \n\nThis step must be performed manually to keep SSL-capable servers from\nstalling when the server\u0027s key is password-protected.",
          "product_ids": [
            "Red Hat Linux 7.0",
            "Red Hat Linux 7.1",
            "Red Hat Linux 7.2"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2002:041"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "security flaw"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.