Note: This is an archival copy of Security Sun Alert 274110 as previously published on http://sunsolve.sun.com. The latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1021709.1.
Category: Security
Release Phase: Workaround
Bug ID: 6840453
Product: Solaris 8 Operating System, Solaris 9 Operating System, Solaris 10 Operating System, OpenSolaris
Date of Workaround Release: 15-Dec-2009

Security Vulnerability in the Apache 1.3 "mod_perl" Module Component "Status.pm" May Lead to Unauthorized Access to Data

1. Impact

A cross-site scripting (XSS) vulnerability in the perl-status utility of the Apache 1.3 HTTP server "mod_perl" module may allow an unprivileged remote user to inject arbitrary web script or HTML into the page returned for a crafted URL to the perl-status utility. This can result in various impacts, including the theft of sensitive information such as cookie data, access to user credentials, or the hijacking of sessions.

Additional information regarding this issue is available at:

CVE-2009-0796 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0796
2. Contributing Factors

This issue can occur in the following releases:

SPARC Platform

Notes:

1. OpenSolaris distributions may include additional bug fixes above and beyond the build from which they were derived. To determine the base build of OpenSolaris, the following command can be used:

    $ uname -v

2. A system is only vulnerable to the described issue if the Apache 1.3 web server has been configured and is running on the system. The following command can be executed to determine whether the Apache 1.3 web server is currently running on the system:

    $ /usr/bin/ps -ef | grep httpd

3. The vulnerability only affects systems which make use of the Apache 1.3 server mod_perl(3) (Status.pm) component. To determine whether the "Status.pm" component is used, the following command can be run against every configuration file that defines the running Apache 1.3 configuration:

    $ grep Apache::Status /etc/apache/httpd.conf

Note: Solaris 8 entered EOSL Phase 2 on 1 April 2009. Entitlement to patches developed on or after 1 April 2009 requires the purchase of the Solaris 8 Vintage Patch Service. See the Note in section 5 for more details.

3. Symptoms

There are no predictable symptoms that would indicate the issue has been exploited.

4. Workaround

To work around the described issue, do not configure the mod_perl(3) component Status.pm in the Apache 1.3 "httpd.conf" file. This may be done by commenting out the corresponding sections of the configuration file which contain "Apache::Status".

5. Resolution

This issue is addressed in the following releases:

SPARC Platform

Note: The READMEs of Solaris 8 patches developed on or after 1 April 2009 are available to all customers; however, Solaris 8 entered EOSL Phase 2 on April 1, 2009, and thus entitlement for these patches, including those that fix security vulnerabilities, requires the purchase of the Solaris 8 Vintage Patch Service. More information about the Solaris 8 Vintage Patch Service is available at:

For more information on Security Sun Alerts, see 1009886.1.

Modification History

25-Feb-2010: Updated for Patches Pending
08-Mar-2010: Updated Contributing Factors and Resolution sections for Solaris 9 patches

References

122911-18
122912-18
113146-13
114145-12
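The configuration check from section 2 and the workaround from section 4, combined into a small script. This is an added example, not part of the Sun Alert; it assumes a POSIX shell with grep and awk, and the httpd.conf fragment it inspects is constructed for illustration.

```shell
# Added example (not from the Sun Alert): audit an Apache 1.3 httpd.conf for the
# Apache::Status configuration (section 2) and apply the section 4 workaround by
# commenting out the perl-status sections that reference it. The configuration
# below is constructed; on Solaris the live file is /etc/apache/httpd.conf and
# any files it Includes must be checked the same way.

# Returns 0 when the file references Apache::Status at all (the advisory's grep check).
status_configured() {
    grep -q 'Apache::Status' "$1"
}

# Prints how many uncommented lines still reference Apache::Status (0 once fixed).
active_status_lines() {
    grep -v '^[[:space:]]*#' "$1" | grep -c 'Apache::Status' || true
}

# Writes a copy of $1 to $2: every <Location> block that mentions Apache::Status is
# commented out in full, and a directive outside a block (such as PerlModule) is
# commented on its own. Line count is preserved so the copy diffs cleanly.
disable_status() {
    awk '
        /^[ \t]*<Location/ { inblk = 1; n = 0; hit = 0 }
        inblk {
            buf[n++] = $0; if ($0 ~ /Apache::Status/) hit = 1
            if ($0 ~ /^[ \t]*<\/Location>/) {
                for (i = 0; i < n; i++) { p = (hit && buf[i] !~ /^[ \t]*#/) ? "# " : ""; print p buf[i] }
                inblk = 0
            }
            next
        }
        /Apache::Status/ && $0 !~ /^[ \t]*#/ { print "# " $0; next }
        { print }
    ' "$1" > "$2"
}

# Constructed httpd.conf fragment: a perl-status block (affected) beside an
# unrelated server-status block that must be left untouched.
make_sample_conf() {
    cat > "$1" <<'EOF'
PerlModule Apache::Status
<Location /perl-status>
    SetHandler perl-script
    PerlHandler Apache::Status
</Location>
<Location /server-status>
    SetHandler server-status
</Location>
EOF
}
```

Review the generated copy before replacing the live httpd.conf, then restart the Apache 1.3 server so the change takes effect.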