Security bugfix for package Apache
(Last modified: 19JUN2002)
solutions Security bugfix for package Apache SuSE Linux Maintenance Web (5c07dee804dd971217d00b385e8c6a6c)
SuSE Linux Enterprise Server 7 for PowerPC
SuSE Linux Enterprise Server 7 for IA32
SuSE Linux Enterprise Server 7 for IA64
SuSE Linux Enterprise Server 7 for S/390 and zSeries
SuSE Linux Connectivity Server
Previous versions of the Apache web server did not properly detect incorrectly encoded chunks, which caused a buffer overflow on the stack. On 32bit architectures, this overflow cannot be exploited to inject code into the
httpdprocess and gain access to the machine, because the overflow will always result in a segmentation fault and the process will terminate.
On 64bit architectures, it may be possible for an attacker to a exploit the buffer overflow to execute arbitary code with the privileges of the
wwwrunon SuSE Linux.)
For additional information, please refer to
rpm --nodeps -Fvh apache.rpm mod_ssl.rpm
If you have modified the configuration file
/etc/httpd/httpd.conf, upgrading will backup this file to
/etc/httpd/httpd.conf.rpmsave. If this is the case, make sure to restore this backup file. Finally, restart the web server using
Download Source Packages
Download the source code of the patches for maintained products.
The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information.
Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.