[manjaro-security] [arch-security] [ASA-201707-15] apache: multiple issues
Remi Gacogne
rgacogne at archlinux.org
Fri Jul 14 21:26:55 CEST 2017
Arch Linux Security Advisory ASA-201707-15
==========================================
Severity: Critical
Date : 2017-07-14
CVE-ID : CVE-2017-9788 CVE-2017-9789
Package : apache
Type : multiple issues
Remote : Yes
Link : https://security.archlinux.org/AVG-350
Summary
=======
The package apache before version 2.4.27-1 is vulnerable to multiple
issues including arbitrary code execution and information disclosure.
Resolution
==========
Upgrade to 2.4.27-1.
# pacman -Syu "apache>=2.4.27-1"
The problems have been fixed upstream in version 2.4.27.
Workaround
==========
None.
Description
===========
- CVE-2017-9788 (information disclosure)
A security issue has been found in apache's mod_auth_digest <= 2.4.26,
leading to information disclosure or denial of service. The value
placeholder in [Proxy-]Authorization headers of type 'Digest' was not
initialized or reset before or between successive key=value assignments
by mod_auth_digest. Providing an initial key with no '=' assignment
could reflect the stale value of uninitialized pool memory used by the
prior request, leading to leakage of potentially confidential
information, and a segfault.
- CVE-2017-9789 (arbitrary code execution)
A security issue has been found in apache's mod_http2 <= 2.4.26. When
under stress, closing many connections, the HTTP/2 handling code would
sometimes access memory after it has been freed, resulting in
potentially erratic behaviour.
Impact
======
A remote attacker could access sensitive information if mod_auth_digest
is enabled, or be able to execute arbitrary code on the affected host
if mod_http2 is enabled.
References
==========
https://httpd.apache.org/security/vulnerabilities_24.html
https://security.archlinux.org/CVE-2017-9788
https://security.archlinux.org/CVE-2017-9789
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.manjaro.org/pipermail/manjaro-security/attachments/20170714/c5030b85/attachment.sig>
More information about the manjaro-security
mailing list