Fixes are available
PK53584; 2.0.47.1: IBM HTTP Server 2.0.47 Cumulative Interim Fix
PK65782; 2.0.47.1: IBM HTTP Server V2.0.47 Cumulative Interim Fix
Java SDK 1.5 SR8 Cumulative Fix for WebSphere Application Server
Java SDK 1.5 SR10 Cumulative Fix for WebSphere Application Server
6.1.0.31: Java SDK 1.5 SR11 FP1 Cumulative Fix for WebSphere Application Server
6.1.0.33: Java SDK 1.5 SR12 FP1 Cumulative Fix for WebSphere
6.1.0.29: Java SDK 1.5 SR11 Cumulative Fix for WebSphere Application Server
6.1.0.35: Java SDK 1.5 SR12 FP2 Cumulative Fix for WebSphere
6.1.0.37: Java SDK 1.5 SR12 FP3 Cumulative Fix for WebSphere
6.1.0.39: Java SDK 1.5 SR12 FP4 Cumulative Fix for WebSphere Application Server
6.1.0.41: Java SDK 1.5 SR12 FP5 Cumulative Fix for WebSphere Application Server
6.1.0.43: Java SDK 1.5 SR13 Cumulative Fix for WebSphere Application Server
6.1.0.45: Java SDK 1.5 SR14 Cumulative Fix for WebSphere Application Server
6.1.0.47: WebSphere Application Server V6.1 Fix Pack 47
6.1.0.47: Java SDK 1.5 SR16 Cumulative Fix for WebSphere Application Server
APAR status
Closed as program error.
Error description
Apache 2.0 mod_proxy has a defect in parsing dates returned by t This defect is a simple error in which heap memory beyond the en could be read if the date string has an invalid format. If the origin server returns maliciously-formatted dates and the improper date string resides at the end of a page of memory and the next page is not mapped, the web server process could crash while handling the proxy response. This could result in a denial of service, where other processing being performed by that web server process is terminated by the crash.
Local fix
Problem summary
USERS AFFECTED: IBM HTTP SERVER configurations with mod_proxy configured as a forward proxy to untrusted hosts

PROBLEM DESCRIPTION: mod_proxy might be forced to crash a web server child process using a malicious Date header field in the response to IHS running as a proxy

RECOMMENDATION: Apply this fix if IHS is used as a forward proxy to untrusted hosts.

When parsing the Date header returned from the origin server, mod_proxy could read memory beyond the end of the allocated buffer when the returned Date header is of an invalid format. If this memory was beyond the end of a range of addressable memory, a crash could result. If the memory was not beyond the end of a range of addressable memory, no problem would occur and mod_proxy would not be influenced by the contents of that memory.
Problem conclusion
mod_proxy was updated to more carefully handle invalid dates from the origin server.

This fix is targeted for:
Fix pack 6.1.0.13.
Fix pack 6.0.2.23.
Cumulative e-fix PK53584 for 2.0.47.1
Cumulative e-fix PK55141 for 1.3.28.1
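One way to validate a fixed-format Date value without reading past the bytes actually received, as an added example that is not IBM's or Apache's code. The mask syntax, the function names and the sample values are assumptions made for this illustration.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical mask syntax for this example:
 *   '#' digit, '@' uppercase letter, '$' lowercase letter;
 *   any other mask character must match literally. */
#define RFC1123_MASK "@$$, ## @$$ #### ##:##:## GMT"

/* Return 1 only if buf[0..len) matches mask exactly.
 * len is the number of valid bytes; buf need not be NUL-terminated. */
int date_matches_mask(const char *buf, size_t len, const char *mask)
{
    size_t mlen = strlen(mask);
    size_t i;

    /* Length gate first: a short or malformed value is rejected before
     * any byte at a fixed offset is examined, so nothing past len is read. */
    if (buf == NULL || len != mlen)
        return 0;

    for (i = 0; i < mlen; i++) {
        unsigned char c = (unsigned char)buf[i];
        switch (mask[i]) {
        case '#': if (!isdigit(c)) return 0; break;
        case '@': if (!isupper(c)) return 0; break;
        case '$': if (!islower(c)) return 0; break;
        default:  if (c != (unsigned char)mask[i]) return 0; break;
        }
    }
    return 1;
}

/* Validate an origin server's Date value before any field is parsed. */
int is_rfc1123_date(const char *buf, size_t len)
{
    return date_matches_mask(buf, len, RFC1123_MASK);
}

int main(void)
{
    /* Constructed samples: a well-formed date and a cut-off, unterminated one. */
    const char ok[] = "Sun, 06 Nov 1994 08:49:37 GMT";
    const char cut[7] = {'S', 'u', 'n', ',', ' ', '0', '6'};
    printf("%d\n", is_rfc1123_date(ok, sizeof ok - 1));
    printf("%d\n", is_rfc1123_date(cut, sizeof cut));
    return 0;
}
```

Only after this check succeeds is it safe to index day, month and year at their fixed offsets.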
Temporary fix
Comments
APAR Information
APAR number: PK50469
Reported component name: IBM HTTP SERVER
Reported component ID: 5724J0801
Reported release: 60A
Status: CLOSED PER
PE: NoPE
HIPER: NoHIPER
Special Attention: NoSpecatt / Xsystem
Submitted date: 2007-08-06
Closed date: 2007-09-04
Last modified date: 2007-11-16
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name: IBM HTTP SERVER
Fixed component ID: 5724J0801
Applicable component levels
R60A PSN UP
R60H PSN UP
R60P PSN UP
R60I PSN UP
R60S PSN UP
R60W PSN UP
R60Z PSN UP
R61A PSN UP
R61H PSN UP
R61P PSN UP
R61I PSN UP
R61S PSN UP
R61W PSN UP
R61Z PSN UP
Document Information
Modified date: 07 September 2022