---------------------------------------------------------------------- Hardcore Disassembler / Reverse Engineer Wanted! Want to work with IDA and BinDiff? Want to write PoC's and Exploits? Your nationality is not important. We will get you a work permit, find an apartment, and offer a relocation compensation package. http://secunia.com/hardcore_disassembler_and_reverse_engineer/ ---------------------------------------------------------------------- TITLE: SUSE update for apache SECUNIA ADVISORY ID: SA21245 VERIFY ADVISORY: http://secunia.com/advisories/21245/ CRITICAL: Moderately critical IMPACT: DoS, System access WHERE: >From remote OPERATING SYSTEM: SUSE Linux Enterprise Server 9 http://secunia.com/product/4118/ SUSE Linux 9.3 http://secunia.com/product/4933/ SUSE Linux 9.2 http://secunia.com/product/4258/ SUSE Linux 10.1 http://secunia.com/product/10796/ SUSE Linux 10 http://secunia.com/product/6221/ DESCRIPTION: SUSE has issued an update for apache. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system. For more information: SA21197 SOLUTION: Apply updated packages. x86 Platform: SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/apache2-2.2.0-21.7.i586.rpm 124342d5311b318586d91d12117bdd2a ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/apache2-prefork-2.2.0-21.7.i586.rpm 4a73ae89777943f4127743f817f0a0a5 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/apache2-worker-2.2.0-21.7.i586.rpm 1905af7f606986f1818ebed5bd3382d5 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/apache2-2.0.54-10.5.i586.rpm adf6c8665b9f0f36c6a7720a8f1bfad1 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/apache2-prefork-2.0.54-10.5.i586.rpm 1cbcec6896dc46504140177b48ca014d ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/apache2-worker-2.0.54-10.5.i586.rpm f721e397c518cc6160886a1296e5a109 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/apache2-2.0.53-9.12.i586.rpm e6ae2ee1353c1f1c31c0595b60d18137 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/apache2-prefork-2.0.53-9.12.i586.rpm cb02c5f97671d2ab0a64215ed9987c2f ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/apache2-worker-2.0.53-9.12.i586.rpm b8872991cf54d99659e60d860d0c44e8 SUSE LINUX 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/apache2-2.0.50-7.14.i586.rpm 9365d403839e7c0740aae1e2f1b6cdfc ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/apache2-prefork-2.0.50-7.14.i586.rpm 97d506d68996f80ffaaaa6494a127f7c ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/apache2-worker-2.0.50-7.14.i586.rpm f649e8eb98d43d6a44231f0c7453c9b2 Power PC Platform: SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/apache2-2.2.0-21.7.ppc.rpm 133b02c7a3a52a2bf144ece351ba00a1 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/apache2-prefork-2.2.0-21.7.ppc.rpm 099056b7a0f634ff1daf583ce2163839 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/apache2-worker-2.2.0-21.7.ppc.rpm a22ae78408cedfea6d66362509d3c721 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/apache2-2.0.54-10.5.ppc.rpm 16a119e6dab8e972a992ef37bd9973aa ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/apache2-prefork-2.0.54-10.5.ppc.rpm fcb8c3ca92f1b9a39791f51aad5b8907 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/apache2-worker-2.0.54-10.5.ppc.rpm 0f5dff953aea37964958bc0ed8932412 x86-64 Platform: SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/apache2-2.2.0-21.7.x86_64.rpm 3ab36db089d7f3d60a7114820970afdd ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/apache2-prefork-2.2.0-21.7.x86_64.rpm b7e9bc09fe9684292acf0e7ed0218b14 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/apache2-worker-2.2.0-21.7.x86_64.rpm b6b1ab1c03073f7f2acc07a0231ea532 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/apache2-2.0.54-10.5.x86_64.rpm 17c4bdc7577446bf45335ba58ebb3513 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/apache2-prefork-2.0.54-10.5.x86_64.rpm d55a93a86ae6b5bf037ee336d4307133 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/apache2-worker-2.0.54-10.5.x86_64.rpm e64fc86d3337913db0c22ffde3519a36 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/apache2-2.0.53-9.12.x86_64.rpm d4996884e49ef11d27c97340efb6f079 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/apache2-prefork-2.0.53-9.12.x86_64.rpm 5b599e78e59c7b59dc199777fe2c4eea ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/apache2-worker-2.0.53-9.12.x86_64.rpm 09f0f1dc18761a8a902f2dc5ab166883 SUSE LINUX 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/apache2-2.0.50-7.14.x86_64.rpm 595101ab05dfe5117ddab1d1f1463a28 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/apache2-prefork-2.0.50-7.14.x86_64.rpm 112fe5dd14b66a4fbb82c3c5178bef69 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/apache2-worker-2.0.50-7.14.x86_64.rpm 7c07b8b400e6ed13a4707c3ebe1eed3a Sources: SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/apache2-2.2.0-21.7.src.rpm 493d11cc099e975bc0974611cf936816 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/apache2-2.0.54-10.5.src.rpm b83da64c6ad0b76d7a3a8bf909d61d39 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/apache2-2.0.53-9.12.src.rpm 5d4c85c7f60ea5c73df0fba7d92bec35 SUSE LINUX 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/apache2-2.0.50-7.14.src.rpm 2c4e95c0ebe9bee49dec733cbdeb42d3 SUSE SLES 9 http://support.novell.com/cgi-bin/search/searchtid.cgi?psdb/90eac595ae9e6c7fbeab2e05fb53a852.html http://support.novell.com/cgi-bin/search/searchtid.cgi?psdb/5d0c08a7586a4b960c62a9ab75e96a7c.html ORIGINAL ADVISORY: http://www.novell.com/linux/security/advisories/2006_43_apache.html OTHER REFERENCES: SA21197: http://secunia.com/advisories/21197/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------