IBM Support

PI17025: CVE-2014-0963: Potential denial of service vulnerability in IBM HTTP Server

Download


Abstract

Potential vulnerability in IBM HTTP Server with SSL enabled.

Download Description

PI17025 resolves the following problem:

ERROR DESCRIPTION:
A vulnerability in IBM Global Security Kit (GSKit) could result in a denial of service for IBM HTTP Server.

LOCAL FIX: 

PROBLEM SUMMARY:
Potential vulnerability for IBM HTTP Server.

PROBLEM CONCLUSION:
IBM HTTP Server usage of GSKit was modified to prevent exposure to the vulnerability.
(GSKit is not updated by this interim fix).

This fix is targeted for IBM HTTP Server fixpacks:
- 7.0.0.33
- 8.0.0.9
- 8.5.5.3

Prerequisites

UpdateInstaller is required for 6.1 and 7.0 interim fixes.

[{"PRLabel":"UpdateInstaller","PRLang":"English","PRSize":"7250000","PRPlat":{"label":"AIX","code":"PF002"},"PRURL":"http:\/\/www.ibm.com\/support\/docview.wss?rs=180&uid=swg21205991"}]

Download Package

GSKit is not updated by this interim fix.
The 6.1 version of this interim fix is a cumulative interim fix. See the readme.txt that accompanies the fix for more information.

On
[{"DNLabel":"8.5.0.0 to 8.5.5.2 Distributed platforms","DNDate":"13 May 2014","DNLang":"English","DNSize":"1698649","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"http:\/\/www-933.ibm.com\/support\/fixcentral\/swg\/selectFixes?parent=ibm~WebSphere&product=ibm\/WebSphere\/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=8.5.0.0-WS-WASIHS-MultiOS-IFPI17025","DNURL_FTP":" ","DDURL":" "},{"DNLabel":"8.0.0.0 to 8.0.0.8 Distributed platforms","DNDate":"13 May 2014","DNLang":"English","DNSize":"1728084","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"http:\/\/www-933.ibm.com\/support\/fixcentral\/swg\/selectFixes?parent=ibm~WebSphere&product=ibm\/WebSphere\/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=8.0.0.0-WS-WASIHS-MultiOS-IFPI17025","DNURL_FTP":" ","DDURL":" "},{"DNLabel":"7.0.0.0 to 7.0.0.31 AixPPC32","DNDate":"13 May 2014","DNLang":"English","DNSize":"75004","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"http:\/\/www-933.ibm.com\/support\/fixcentral\/swg\/selectFixes?parent=ibm~WebSphere&product=ibm\/WebSphere\/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=7.0.0.0-WS-WASIHS-AixPPC32-IFPI17025","DNURL_FTP":" ","DDURL":" "},{"DNLabel":"7.0.0.0 to 7.0.0.31 HpuxIA64","DNDate":"13 May 2014","DNLang":"English","DNSize":"196448","DNPlat":{"label":"HP-UX","code":"PF010"},"DNURL":"http:\/\/www-933.ibm.com\/support\/fixcentral\/swg\/selectFixes?parent=ibm~WebSphere&product=ibm\/WebSphere\/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=7.0.0.0-WS-WASIHS-HpuxIA64-IFPI17025","DNURL_FTP":" ","DDURL":" "},{"DNLabel":"7.0.0.0 to 7.0.0.31 HpuxPaRISC","DNDate":"13 May 2014","DNLang":"English","DNSize":"101599","DNPlat":{"label":"HP-UX","code":"PF010"},"DNURL":"http:\/\/www-933.ibm.com\/support\/fixcentral\/swg\/selectFixes?parent=ibm~WebSphere&product=ibm\/WebSphere\/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=7.0.0.0-WS-WASIHS-HpuxPaRISC-IFPI17025","DNURL_FTP":" ","DDURL":" "},{"DNLabel":"7.0.0.0 to 7.0.0.31 LinuxPPC32","DNDate":"13 May 2014","DNLang":"English","DNSize":"72668","DNPlat":{"label":"Linux","code":"PF016"},"DNURL":"http:\/\/www-933.ibm.com\/support\/fixcentral\/swg\/selectFixes?parent=ibm~WebSphere&product=ibm\/WebSphere\/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=7.0.0.0-WS-WASIHS-LinuxPPC32-IFPI17025","DNURL_FTP":" ","DDURL":" "},{"DNLabel":"7.0.0.0 to 7.0.0.31 LinuxS390","DNDate":"13 May 2014","DNLang":"English","DNSize":"78171","DNPlat":{"label":"Linux","code":"PF016"},"DNURL":"http:\/\/www-933.ibm.com\/support\/fixcentral\/swg\/selectFixes?parent=ibm~WebSphere&product=ibm\/WebSphere\/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=7.0.0.0-WS-WASIHS-LinuxS390-IFPI17025","DNURL_FTP":" ","DDURL":" "},{"DNLabel":"7.0.0.0 to 7.0.0.31 LinuxX32","DNDate":"13 May 2014","DNLang":"English","DNSize":"65920","DNPlat":{"label":"Linux","code":"PF016"},"DNURL":"http:\/\/www-933.ibm.com\/support\/fixcentral\/swg\/selectFixes?parent=ibm~WebSphere&product=ibm\/WebSphere\/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=7.0.0.0-WS-WASIHS-LinuxX32-IFPI17025","DNURL_FTP":" ","DDURL":" "},{"DNLabel":"7.0.0.0 to 7.0.0.31 SolarisSparc","DNDate":"13 May 2014","DNLang":"English","DNSize":"86316","DNPlat":{"label":"Solaris","code":"PF027"},"DNURL":"http:\/\/www-933.ibm.com\/support\/fixcentral\/swg\/selectFixes?parent=ibm~WebSphere&product=ibm\/WebSphere\/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=7.0.0.0-WS-WASIHS-SolarisSparc-IFPI17025","DNURL_FTP":" ","DDURL":" "},{"DNLabel":"7.0.0.0 to 7.0.0.31 SolarisX64","DNDate":"13 May 2014","DNLang":"English","DNSize":"83557","DNPlat":{"label":"Solaris","code":"PF027"},"DNURL":"http:\/\/www-933.ibm.com\/support\/fixcentral\/swg\/selectFixes?parent=ibm~WebSphere&product=ibm\/WebSphere\/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=7.0.0.0-WS-WASIHS-SolarisX64-IFPI17025","DNURL_FTP":" ","DDURL":" "},{"DNLabel":"7.0.0.0 to 7.0.0.31 WinX32","DNDate":"13 May 2014","DNLang":"English","DNSize":"97307","DNPlat":{"label":"Windows","code":"PF033"},"DNURL":"http:\/\/www-933.ibm.com\/support\/fixcentral\/swg\/selectFixes?parent=ibm~WebSphere&product=ibm\/WebSphere\/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=7.0.0.0-WS-WASIHS-WinX32-IFPI17025","DNURL_FTP":" ","DDURL":" "},{"DNLabel":"6.1.0.47 AixPPC32","DNDate":"13 May 2014","DNLang":"English","DNSize":"1853436","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"http:\/\/www-933.ibm.com\/support\/fixcentral\/swg\/selectFixes?parent=ibm~WebSphere&product=ibm\/WebSphere\/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=6.1.0.47-WS-WASIHS-AixPPC32-IFPI17025","DNURL_FTP":" ","DDURL":" "},{"DNLabel":"6.1.0.47 HpuxIA64","DNDate":"13 May 2014","DNLang":"English","DNSize":"5295807","DNPlat":{"label":"HP-UX","code":"PF010"},"DNURL":"http:\/\/www-933.ibm.com\/support\/fixcentral\/swg\/selectFixes?parent=ibm~WebSphere&product=ibm\/WebSphere\/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=6.1.0.47-WS-WASIHS-HpuxIA64-IFPI17025","DNURL_FTP":" ","DDURL":" "},{"DNLabel":"6.1.0.47 HpuxPaRISC","DNDate":"13 May 2014","DNLang":"English","DNSize":"2028490","DNPlat":{"label":"HP-UX","code":"PF010"},"DNURL":"http:\/\/www-933.ibm.com\/support\/fixcentral\/swg\/selectFixes?parent=ibm~WebSphere&product=ibm\/WebSphere\/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=6.1.0.47-WS-WASIHS-HpuxPaRISC-IFPI17025","DNURL_FTP":" ","DDURL":" "},{"DNLabel":"6.1.0.47 LinuxPPC32","DNDate":"13 May 2014","DNLang":"English","DNSize":"1936331","DNPlat":{"label":"Linux","code":"PF016"},"DNURL":"http:\/\/www-933.ibm.com\/support\/fixcentral\/swg\/selectFixes?parent=ibm~WebSphere&product=ibm\/WebSphere\/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=6.1.0.47-WS-WASIHS-LinuxPPC32-IFPI17025","DNURL_FTP":" ","DDURL":" "},{"DNLabel":"6.1.0.47 LinuxS390","DNDate":"13 May 2014","DNLang":"English","DNSize":"1683627","DNPlat":{"label":"Linux","code":"PF016"},"DNURL":"http:\/\/www-933.ibm.com\/support\/fixcentral\/swg\/selectFixes?parent=ibm~WebSphere&product=ibm\/WebSphere\/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=6.1.0.47-WS-WASIHS-LinuxS390-IFPI17025","DNURL_FTP":" ","DDURL":" "},{"DNLabel":"6.1.0.47 LinuxX32","DNDate":"13 May 2014","DNLang":"English","DNSize":"1622309","DNPlat":{"label":"Linux","code":"PF016"},"DNURL":"http:\/\/www-933.ibm.com\/support\/fixcentral\/swg\/selectFixes?parent=ibm~WebSphere&product=ibm\/WebSphere\/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=6.1.0.47-WS-WASIHS-LinuxX32-IFPI17025","DNURL_FTP":" ","DDURL":" "},{"DNLabel":"6.1.0.47 SolarisSparc","DNDate":"13 May 2014","DNLang":"English","DNSize":"3826236","DNPlat":{"label":"Solaris","code":"PF027"},"DNURL":"http:\/\/www-933.ibm.com\/support\/fixcentral\/swg\/selectFixes?parent=ibm~WebSphere&product=ibm\/WebSphere\/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=6.1.0.47-WS-WASIHS-SolarisSparc-IFPI17025","DNURL_FTP":" ","DDURL":" "},{"DNLabel":"6.1.0.47 SolarisX64","DNDate":"13 May 2014","DNLang":"English","DNSize":"1649627","DNPlat":{"label":"Solaris","code":"PF027"},"DNURL":"http:\/\/www-933.ibm.com\/support\/fixcentral\/swg\/selectFixes?parent=ibm~WebSphere&product=ibm\/WebSphere\/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=6.1.0.47-WS-WASIHS-SolarisX64-IFPI17025","DNURL_FTP":" ","DDURL":" "},{"DNLabel":"6.1.0.47 WinX32","DNDate":"13 May 2014","DNLang":"English","DNSize":"4592503","DNPlat":{"label":"Windows","code":"PF033"},"DNURL":"http:\/\/www-933.ibm.com\/support\/fixcentral\/swg\/selectFixes?parent=ibm~WebSphere&product=ibm\/WebSphere\/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=6.1.0.47-WS-WASIHS-WinX32-IFPI17025","DNURL_FTP":" ","DDURL":" "}]
[{"Product":{"code":"SSEQTJ","label":"IBM HTTP Server"},"Business Unit":{"code":"BU004","label":"Hybrid Cloud"},"Component":"Base Server","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"8.5.5;8.5;8.0;7.0;6.1.0.47","Edition":"Base;Developer;Express;Network Deployment"}]

Document Information

Modified date:
15 June 2018

UID

swg24037517