AnNyung Official Homepage Home > Update [ 1.3 ]  

HOME
What is AnNyung
Documents
Packages System
White Paper
Download
Update
  . 3.x [RSS]
  . 2.x [RSS]
  . 1.3 [RSS]
  . 1.2 [RSS]
  . 1.1 [RSS]
  . 1.0 [RSS]
FAQ
Hardware
RoadMap
Gallery

  Go oops.org
  AnNyung banner 88x31

  AnNyung 1 banner 80x15
  AnNyung 2 banner 80x15
  AnNyung 3 banner 80x15
  AnNyung banner 80x15
  AnNyung banner 80x15



apache 보안 업데이트
Web Browser 로는 FTP 접속이 불가능 합니다.

문서번호 : 1373055912
업데이트 : 2013.07.06


상세내용

- apache 1.3.42-1 update

- 보안버그 수정 사항

. CVE-2011-3368
The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x
through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with
use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for
configuration of a reverse proxy, which allows remote attackers to send
requests to intranet servers via a malformed URI containing an initial @
(at sign) character.

. CVE-2011-4317
The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x
through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch
is in place, does not properly interact with use of (1) RewriteRule and (2)
ProxyPassMatch pattern matches for configuration of a reverse proxy, which
allows remote attackers to send requests to intranet servers via a malformed
URI containing an @ (at sign) character and a : (colon) character in invalid
positions. NOTE: this vulnerability exists because of an incomplete fix for
CVE-2011-3368.


Autoupdates 지원 : Packages System
    pkgadd -F "apache*"


update 패키지

  RPMS :

    . apache-1.3.42-1.i686.rpm
    . apache-devel-1.3.42-1.i686.rpm

  SRPMS :

    . apache-1.3.42-1.src.rpm


참고 :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4317



    



 Home > Update [ 1.3 ]

Copyright 2024 OOPS Development Organization 
LAST MODIFIED: 2018/04/10