int(1023)

Vulnerability Bulletins

Denegación de Servicio en el módulo mod_dav de Apache

Vulnerability classification
Property Value
Confidence level Oficial
Impact Denegación de Servicio
Dificulty Experto
Required attacker level Acceso remoto sin cuenta a un servicio estandar

System information
Property Value
Affected manufacturer GNU/Linux
Affected software Apache 2.0.x <=2.0.50
IBM® HTTP Server V2.0.

Description
Se ha descubierto una vulnerabilidad en la versión 2.0.50 y anteriores de la rama 2.0.x del servidor web Apache.

La vulnerabilidad reside en el módulo mod_dav y puede ser explotada cuando una localización ha sido configurada para autorizar el acceso mediante WebDAV. La vulnerabilidad reside, concretamente, en el manejo de las peticiones LOCK.

La explotación de esta vulnerabilidad podría permitir a un atacante remoto provocar una situación de denegación de servicio cuando se utiliza un modelo de hilos para los procesos mediante el envío de una secuencia especialmente diseñada de peticiones LOCK.

Solution
Si lo desea, aplique los mecanismos de actualización propios de su distribución, o bien baje las fuentes del software y compílelo usted mismo.


Actualización de software

Apache
Apache 2.0.51
http://httpd.apache.org

Red Hat Linux

Red Hat Desktop (v. 3)
AMD64
httpd-2.0.46-40.ent.x86_64.rpm
httpd-devel-2.0.46-40.ent.x86_64.rpm
mod_ssl-2.0.46-40.ent.x86_64.rpm
SRPMS
httpd-2.0.46-40.ent.src.rpm
i386
httpd-2.0.46-40.ent.i386.rpm
httpd-devel-2.0.46-40.ent.i386.rpm
mod_ssl-2.0.46-40.ent.i386.rpm
https://rhn.redhat.com/

Red Hat Enterprise Linux AS (v. 3)
AMD64:
httpd-2.0.46-40.ent.x86_64.rpm
httpd-devel-2.0.46-40.ent.x86_64.rpm
mod_ssl-2.0.46-40.ent.x86_64.rpm
SRPMS
httpd-2.0.46-40.ent.src.rpm
i386
httpd-2.0.46-40.ent.i386.rpm
httpd-devel-2.0.46-40.ent.i386.rpm
mod_ssl-2.0.46-40.ent.i386.rpm
ia64
httpd-2.0.46-40.ent.ia64.rpm
httpd-devel-2.0.46-40.ent.ia64.rpm
mod_ssl-2.0.46-40.ent.ia64.rpm
ppc
httpd-2.0.46-40.ent.ppc.rpm
httpd-devel-2.0.46-40.ent.ppc.rpm
mod_ssl-2.0.46-40.ent.ppc.rpm
s390
httpd-2.0.46-40.ent.s390.rpm
httpd-devel-2.0.46-40.ent.s390.rpm
mod_ssl-2.0.46-40.ent.s390.rpm
s390x
httpd-2.0.46-40.ent.s390x.rpm
httpd-devel-2.0.46-40.ent.s390x.rpm
mod_ssl-2.0.46-40.ent.s390x.rpm
https://rhn.redhat.com/

Red Hat Enterprise Linux ES (v. 3)
AMD64
httpd-2.0.46-40.ent.x86_64.rpm
httpd-devel-2.0.46-40.ent.x86_64.rpm
mod_ssl-2.0.46-40.ent.x86_64.rpm
SRPMS
httpd-2.0.46-40.ent.src.rpm
i386
httpd-2.0.46-40.ent.i386.rpm
httpd-devel-2.0.46-40.ent.i386.rpm
mod_ssl-2.0.46-40.ent.i386.rpm
ia64
httpd-2.0.46-40.ent.ia64.rpm
httpd-devel-2.0.46-40.ent.ia64.rpm
mod_ssl-2.0.46-40.ent.ia64.rpm
https://rhn.redhat.com/

Red Hat Enterprise Linux WS (v. 3)
AMD64
httpd-2.0.46-40.ent.x86_64.rpm
httpd-devel-2.0.46-40.ent.x86_64.rpm
mod_ssl-2.0.46-40.ent.x86_64.rpm
SRPMS
httpd-2.0.46-40.ent.src.rpm
i386
httpd-2.0.46-40.ent.i386.rpm
httpd-devel-2.0.46-40.ent.i386.rpm
mod_ssl-2.0.46-40.ent.i386.rpm
ia64
httpd-2.0.46-40.ent.ia64.rpm
httpd-devel-2.0.46-40.ent.ia64.rpm
mod_ssl-2.0.46-40.ent.ia64.rpm
https://rhn.redhat.com/

Debian Linux

Debian Linux 3.0
Source
http://security.debian.org/pool/updates/main/liba/libapache-mod-dav/libapache-mod-dav_1.0.3-3.1.dsc
http://security.debian.org/pool/updates/main/liba/libapache-mod-dav/libapache-mod-dav_1.0.3-3.1.diff.gz
http://security.debian.org/pool/updates/main/liba/libapache-mod-dav/libapache-mod-dav_1.0.3.orig.tar.gz
Alpha
http://security.debian.org/pool/updates/main/liba/libapache-mod-dav/libapache-mod-dav_1.0.3-3.1_alpha.deb
ARM
http://security.debian.org/pool/updates/main/liba/libapache-mod-dav/libapache-mod-dav_1.0.3-3.1_arm.deb
Intel IA-32
http://security.debian.org/pool/updates/main/liba/libapache-mod-dav/libapache-mod-dav_1.0.3-3.1_i386.deb
Intel IA-64
http://security.debian.org/pool/updates/main/liba/libapache-mod-dav/libapache-mod-dav_1.0.3-3.1_ia64.deb
HP Precision
http://security.debian.org/pool/updates/main/liba/libapache-mod-dav/libapache-mod-dav_1.0.3-3.1_hppa.deb
Motorola 680x0
http://security.debian.org/pool/updates/main/liba/libapache-mod-dav/libapache-mod-dav_1.0.3-3.1_m68k.deb
Big endian MIPS
http://security.debian.org/pool/updates/main/liba/libapache-mod-dav/libapache-mod-dav_1.0.3-3.1_mips.deb
Little endian MIPS
http://security.debian.org/pool/updates/main/liba/libapache-mod-dav/libapache-mod-dav_1.0.3-3.1_mipsel.deb
PowerPC
http://security.debian.org/pool/updates/main/liba/libapache-mod-dav/libapache-mod-dav_1.0.3-3.1_powerpc.deb
IBM S/390
http://security.debian.org/pool/updates/main/liba/libapache-mod-dav/libapache-mod-dav_1.0.3-3.1_s390.deb
Sun Sparc
http://security.debian.org/pool/updates/main/liba/libapache-mod-dav/libapache-mod-dav_1.0.3-3.1_sparc.deb

HP

HP-UX B.11.00
IPv4 - Instalar hpuxwsAPACHE A.2.0.52.00
http://software.hp.com/

HP-UX B.11.11
IPv4 - Instalar hpuxwsAPACHE A.2.0.52.00
IPv6 - Instalar hpuxwsAPACHE B.2.0.52.00
http://software.hp.com/

HP-UX B.11.22
IPv4 - Actualizar a HP-UX B.11.23

HP-UX B.11.23
IPv6 - Instalar hpuxwsAPACHE B.2.0.52.00
http://software.hp.com/

IBM
APAR PQ94389
http://www.ibm.com/support/docview.wss?rs=177&&uid=swg24008324

Standar resources
Property Value
CVE CAN-2004-0809
BID

Other resources
Overview of security vulnerabilities in Apache httpd 2.0
http://www.apacheweek.com/features/security-20

Red Hat Security Advisory RHSA-2004:463-09
https://rhn.redhat.com/errata/RHSA-2004-463.html

Debian Security Advisory DSA 558-1
http://lists.debian.org/debian-security-announce/debian-security-announce-2004/msg00162.html

HP SECURITY BULLETIN HPSBUX01090
http://www5.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01090

IBM Flash (Alert) 21190212
http://www-1.ibm.com/support/docview.wss?uid=swg21190212

Version history
Version Comments Date
1.0 Aviso emitido 2004-09-15
1.1 Apache httpd 2.0.51 publicado 2004-09-16
1.2 Aviso emitido por Red Hat (RHSA-2004:463-09) 2004-09-16
1.3 Aviso emitido por Debian (DSA 558-1) 2004-10-06
1.4 Aviso emitido por HP (HPSBUX01090) 2004-10-28
1.5 Aviso emitido por IBM (21190212) 2004-11-22
Ministerio de Defensa
CNI
CCN
CCN-CERT