Re: [Full-Disclosure] [SECURITY] [DSA 532-1] New libapache-mod-ssl packages fix multiple vulnerabilities

["Evgeny Demidov" <demidov () gleg net>]

On Thu, 22 Jul 2004 20:29:33 -0700
 debian-security-announce () lists debian org wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> - 
> --------------------------------------------------------------------------
> Debian Security Advisory DSA 532-1 
>                    security () debian org
> http://www.debian.org/security/ 
>                            Matt Zimmerman
> July 22nd, 2004 
>                        http://www.debian.org/security/faq
> - 
> --------------------------------------------------------------------------
>
> Package        : libapache-mod-ssl
> Vulnerability  : several
> Problem-Type   : remote
> Debian-specific: no
> CVE Ids        : CAN-2004-0488 CAN-2004-0700
>
> Two vulnerabilities were discovered in libapache-mod-ssl:
>
>  CAN-2004-0488 - Stack-based buffer overflow in the
>  ssl_util_uuencode_binary function in ssl_util.c for 
> Apache mod_ssl,
>  when mod_ssl is configured to trust the issuing CA, may 
> allow remote
>  attackers to execute arbitrary code via a client 
> certificate with a
>  long subject DN.
>
>  CAN-2004-0700 - Format string vulnerability in the 
> ssl_log function
>  in ssl_engine_log.c in mod_ssl 2.8.19 for Apache 1.3.31 
> may allow
>  remote attackers to execute arbitrary messages via 
> format string
>  specifiers in certain log messages for HTTPS.

Hmm, 'execute arbitrary messages via format string 
specifiers' you say?


Best regards
-Evgeny Demidov
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave