PI17025: CVE-2014-0963: Potential denial of service vulnerability in IBM HTTP Server

Download

Abstract

Potential vulnerability in IBM HTTP Server with SSL enabled.

Download Description

PI17025 resolves the following problem:

ERROR DESCRIPTION:
A vulnerability in IBM Global Security Kit (GSKit) could result in a denial of service for IBM HTTP Server.

LOCAL FIX:

PROBLEM SUMMARY:
Potential vulnerability for IBM HTTP Server.

PROBLEM CONCLUSION:
IBM HTTP Server usage of GSKit was modified to prevent exposure to the vulnerability.
(GSKit is not updated by this interim fix).

This fix is targeted for IBM HTTP Server fixpacks:
- 7.0.0.33
- 8.0.0.9
- 8.5.5.3

Prerequisites

UpdateInstaller is required for 6.1 and 7.0 interim fixes.

[{"PRLabel":"UpdateInstaller","PRLang":"English","PRSize":"7250000","PRPlat":{"label":"AIX","code":"PF002"},"PRURL":"http://www.ibm.com/support/docview.wss?rs=180&uid=swg21205991"}]

Download Package

GSKit is not updated by this interim fix.
The 6.1 version of this interim fix is a cumulative interim fix. See the readme.txt that accompanies the fix for more information.

          [{"DNLabel":"8.5.0.0 to 8.5.5.2 Distributed platforms","DNDate":"13 May 2014","DNLang":"English","DNSize":"1698649","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=8.5.0.0-WS-WASIHS-MultiOS-IFPI17025","DNURL_FTP":" ","DDURL":" "},{"DNLabel":"8.0.0.0 to 8.0.0.8 Distributed platforms","DNDate":"13 May 2014","DNLang":"English","DNSize":"1728084","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=8.0.0.0-WS-WASIHS-MultiOS-IFPI17025","DNURL_FTP":" ","DDURL":" "},{"DNLabel":"7.0.0.0 to 7.0.0.31 AixPPC32","DNDate":"13 May 2014","DNLang":"English","DNSize":"75004","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=7.0.0.0-WS-WASIHS-AixPPC32-IFPI17025","DNURL_FTP":" ","DDURL":" "},{"DNLabel":"7.0.0.0  to 7.0.0.31 HpuxIA64","DNDate":"13 May 2014","DNLang":"English","DNSize":"196448","DNPlat":{"label":"HP-UX","code":"PF010"},"DNURL":"http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=7.0.0.0-WS-WASIHS-HpuxIA64-IFPI17025","DNURL_FTP":" ","DDURL":" "},{"DNLabel":"7.0.0.0 to 7.0.0.31 HpuxPaRISC","DNDate":"13 May 2014","DNLang":"English","DNSize":"101599","DNPlat":{"label":"HP-UX","code":"PF010"},"DNURL":"http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=7.0.0.0-WS-WASIHS-HpuxPaRISC-IFPI17025","DNURL_FTP":" ","DDURL":" "},{"DNLabel":"7.0.0.0 to 7.0.0.31 LinuxPPC32","DNDate":"13 May 2014","DNLang":"English","DNSize":"72668","DNPlat":{"label":"Linux","code":"PF016"},"DNURL":"http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=7.0.0.0-WS-WASIHS-LinuxPPC32-IFPI17025","DNURL_FTP":" ","DDURL":" "},{"DNLabel":"7.0.0.0 to 7.0.0.31 LinuxS390","DNDate":"13 May 2014","DNLang":"English","DNSize":"78171","DNPlat":{"label":"Linux","code":"PF016"},"DNURL":"http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=7.0.0.0-WS-WASIHS-LinuxS390-IFPI17025","DNURL_FTP":" ","DDURL":" "},{"DNLabel":"7.0.0.0 to 7.0.0.31 LinuxX32","DNDate":"13 May 2014","DNLang":"English","DNSize":"65920","DNPlat":{"label":"Linux","code":"PF016"},"DNURL":"http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=7.0.0.0-WS-WASIHS-LinuxX32-IFPI17025","DNURL_FTP":" ","DDURL":" "},{"DNLabel":"7.0.0.0 to 7.0.0.31 SolarisSparc","DNDate":"13 May 2014","DNLang":"English","DNSize":"86316","DNPlat":{"label":"Solaris","code":"PF027"},"DNURL":"http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=7.0.0.0-WS-WASIHS-SolarisSparc-IFPI17025","DNURL_FTP":" ","DDURL":" "},{"DNLabel":"7.0.0.0 to 7.0.0.31 SolarisX64","DNDate":"13 May 2014","DNLang":"English","DNSize":"83557","DNPlat":{"label":"Solaris","code":"PF027"},"DNURL":"http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=7.0.0.0-WS-WASIHS-SolarisX64-IFPI17025","DNURL_FTP":" ","DDURL":" "},{"DNLabel":"7.0.0.0 to 7.0.0.31 WinX32","DNDate":"13 May 2014","DNLang":"English","DNSize":"97307","DNPlat":{"label":"Windows","code":"PF033"},"DNURL":"http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=7.0.0.0-WS-WASIHS-WinX32-IFPI17025","DNURL_FTP":" ","DDURL":" "},{"DNLabel":"6.1.0.47 AixPPC32","DNDate":"13 May 2014","DNLang":"English","DNSize":"1853436","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=6.1.0.47-WS-WASIHS-AixPPC32-IFPI17025","DNURL_FTP":" ","DDURL":" "},{"DNLabel":"6.1.0.47 HpuxIA64","DNDate":"13 May 2014","DNLang":"English","DNSize":"5295807","DNPlat":{"label":"HP-UX","code":"PF010"},"DNURL":"http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=6.1.0.47-WS-WASIHS-HpuxIA64-IFPI17025","DNURL_FTP":" ","DDURL":" "},{"DNLabel":"6.1.0.47 HpuxPaRISC","DNDate":"13 May 2014","DNLang":"English","DNSize":"2028490","DNPlat":{"label":"HP-UX","code":"PF010"},"DNURL":"http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=6.1.0.47-WS-WASIHS-HpuxPaRISC-IFPI17025","DNURL_FTP":" ","DDURL":" "},{"DNLabel":"6.1.0.47 LinuxPPC32","DNDate":"13 May 2014","DNLang":"English","DNSize":"1936331","DNPlat":{"label":"Linux","code":"PF016"},"DNURL":"http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=6.1.0.47-WS-WASIHS-LinuxPPC32-IFPI17025","DNURL_FTP":" ","DDURL":" "},{"DNLabel":"6.1.0.47 LinuxS390","DNDate":"13 May 2014","DNLang":"English","DNSize":"1683627","DNPlat":{"label":"Linux","code":"PF016"},"DNURL":"http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=6.1.0.47-WS-WASIHS-LinuxS390-IFPI17025","DNURL_FTP":" ","DDURL":" "},{"DNLabel":"6.1.0.47 LinuxX32","DNDate":"13 May 2014","DNLang":"English","DNSize":"1622309","DNPlat":{"label":"Linux","code":"PF016"},"DNURL":"http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=6.1.0.47-WS-WASIHS-LinuxX32-IFPI17025","DNURL_FTP":" ","DDURL":" "},{"DNLabel":"6.1.0.47 SolarisSparc","DNDate":"13 May 2014","DNLang":"English","DNSize":"3826236","DNPlat":{"label":"Solaris","code":"PF027"},"DNURL":"http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=6.1.0.47-WS-WASIHS-SolarisSparc-IFPI17025","DNURL_FTP":" ","DDURL":" "},{"DNLabel":"6.1.0.47 SolarisX64","DNDate":"13 May 2014","DNLang":"English","DNSize":"1649627","DNPlat":{"label":"Solaris","code":"PF027"},"DNURL":"http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=6.1.0.47-WS-WASIHS-SolarisX64-IFPI17025","DNURL_FTP":" ","DDURL":" "},{"DNLabel":"6.1.0.47 WinX32","DNDate":"13 May 2014","DNLang":"English","DNSize":"4592503","DNPlat":{"label":"Windows","code":"PF033"},"DNURL":"http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=6.1.0.47-WS-WASIHS-WinX32-IFPI17025","DNURL_FTP":" ","DDURL":" "}]
          

[{"Product":{"code":"SSEQTJ","label":"IBM HTTP Server"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"Base Server","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"8.5.5;8.5;8.0;7.0;6.1.0.47","Edition":"Base;Developer;Express;Network Deployment","Line of Business":{"code":"LOB45","label":"Automation"}}]

Problems (APARS) fixed
PI17025

Was this topic helpful?

Document Information

Modified date:
07 September 2022

UID

swg24037517

Tips