Changes with Apache 1.3.37

 *) SECURITY: CVE-2006-3747 (cve.mitre.org)
    mod_rewrite: Fix an off-by-one security problem in the ldap scheme
    handling.  For some RewriteRules this could lead to a pointer being
    written out of bounds.  Reported by Mark Dowd of McAfee.
    [Mark Cox]

Changes with Apache 1.3.36

 *) Reverted SVN rev #396294 due to unwanted regression.
    The new feature introduced in 1.3.35 (Allow usage of the
    "Include" configuration directive within previously "Include"d
    files) has been removed in the meantime.
    (http://svn.apache.org/viewcvs?rev=396294&view=rev)

Changes with Apache 1.3.35

 *) SECURITY: CVE-2005-3352 (cve.mitre.org)
    mod_imap: Escape untrusted referer header before outputting in HTML
    to avoid potential cross-site scripting.  Change also made to
    ap_escape_html so we escape quotes.  Reported by JPCERT.
    [Mark Cox]

 *) core: Allow usage of the "Include" configuration directive within
    previously "Include"d files. [Colm MacCarthaigh]

 *) HTML-escape the Expect error message.  Not classed as security as
    an attacker has no way to influence the Expect header a victim will
    send to a target site.  Reported by Thiago Zaninotti
    <thiango nstalker.com>. [Mark Cox]

 *) mod_cgi: Remove block on OPTIONS method so that scripts can
    respond to OPTIONS directly rather than via server default.
    [Roy Fielding] PR 15242

Changes with Apache 1.3.34

 *) hsregex: fix potential core dumping on 64 bit machines, such as
    AMD64. PR 31858. [Glenn Strauss < gs-apache-dev gluelogic.com>]

 *) SECURITY: core: If a request contains both Transfer-Encoding and
    Content-Length headers, remove the Content-Length, mitigating some
    HTTP Request Splitting/Spoofing attacks.  This has no impact on
    mod_proxy_http, yet affects any module which supports chunked
    encoding yet fails to prefer T-E: chunked over the Content-Length
    purported value.  [Paul Querna, Joe Orton]

 *) Added TraceEnable [on|off|extended] per-server directive to alter
    the behavior of the TRACE method.  This addresses a flaw in proxy
    conformance to RFC 2616 - previously the proxy server would accept
    a TRACE request body although the RFC prohibited it.  The default
    remains 'TraceEnable on'.
    [William Rowe]

 *) mod_digest: Fix another nonce string calculation issue.
    [Eric Covener]

On 5/28/07, Carlos Augusto Beltrame <[EMAIL PROTECTED]> wrote:

Ola pessoal, voces poderiam me informar quais as vulnerabilidades criticas
do servidor apache na versao 1.3.33
 *=================================
 .''`. Yours Trully
: :' : Carlos Beltrame
`. `'` Eletrical Engineer
 `- IEEE #80472763
Linux User #442225
UNESP - Câmpus de Ilha Solteira
http://www.ieee.org/unesp-ilha
http://www.ldc.feis.unesp.br
*=================================



__________________________________________________
Fale com seus amigos de graça com o novo Yahoo! Messenger
http://br.messenger.yahoo.com/

  • Apache 1.3.33 Carlos Augusto Beltrame
    • Re: Apache 1.3.33 Felippe Bueno

Responder a