绿盟科技NSFOCUS安全漏洞系统

安全研究

安全漏洞

Apache mod_proxy_ajp模块入站请求体远程拒绝服务漏洞

发布日期：2010-03-02
更新日期：2010-03-04

受影响系统：

Apache Group Apache 2.2.x

不受影响系统：

Apache Group Apache 2.2.15

描述：

BUGTRAQ  ID: 38491
CVE(CAN) ID: CVE-2010-0408

Apache HTTP Server是一款流行的Web服务器。

在处理某些畸形的入站消息时Apache服务器mod_proxy_ajp模块的modules/proxy/mod_proxy_ajp.c文件中的ap_proxy_ajp_request()函数可能会返回HTTP_INTERNAL_SERVER_ERROR出错代码。这可能导致后端服务器一直处于出错状态，直到重试超时过期。

<*来源：Niku Toivola （niku.toivola@sulake.com）

  链接：http://secunia.com/advisories/38776/
        https://www.redhat.com/support/errata/RHSA-2010-0168.html
        http://www.debian.org/security/2010/dsa-2035
        https://www.redhat.com/support/errata/RHSA-2010-0396.html
*>

建议：

厂商补丁：

Apache Group
------------
目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：

http://svn.apache.org/viewvc?view=revision&revision=917876

Debian
------
Debian已经为此发布了一个安全公告（DSA-2035-1）以及相应补丁:
DSA-2035-1：New apache2 packages fix several issues
链接：http://www.debian.org/security/2010/dsa-2035

补丁下载：
Source archives:

http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny7.dsc
Size/MD5 checksum:     1682 58737d2f0024a178d40db6f9356e5b6a
http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny7.diff.gz
Size/MD5 checksum:   147059 f599c83adbced41a7339524c512ae0cd
http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9.orig.tar.gz
Size/MD5 checksum:  6396996 80d3754fc278338033296f0d41ef2c04

Architecture independent packages:

http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny7_all.deb
Size/MD5 checksum:    45366 9f02e6acd2828a7cfcb5c9e4866ab120
http://security.debian.org/pool/updates/main/a/apache2/apache2-doc_2.2.9-10+lenny7_all.deb
Size/MD5 checksum:  2060854 5b1f6debc65b7ca2ae8156b21f0d0597
http://security.debian.org/pool/updates/main/a/apache2/apache2-src_2.2.9-10+lenny7_all.deb
Size/MD5 checksum:  6737126 afec2194fa17efb6e4096c1019936cd0

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny7_alpha.deb
Size/MD5 checksum:   148012 8ecfd6794861e9e3d6978da82bc2cefe
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny7_alpha.deb
Size/MD5 checksum:   849168 55f719672e65f8d4fd8d5e636ce699fc
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny7_alpha.deb
Size/MD5 checksum:    84550 be00c04e09e2674ac29698b375cf929a
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny7_alpha.deb
Size/MD5 checksum:   261782 b1033eed4f6ef387ba40a9e47f22b55f
http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny7_alpha.deb
Size/MD5 checksum:  2402612 88e34405726dc0db8dc6fa08fe9d3015
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny7_alpha.deb
Size/MD5 checksum:   262442 bd016288cc237eb634fb192495e82497
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny7_alpha.deb
Size/MD5 checksum:   209852 4bdaa051f16395f975ae9e23f20656cd
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny7_alpha.deb
Size/MD5 checksum:   208812 b81f75539975f5ce8d9d963d80db736d
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny7_alpha.deb
Size/MD5 checksum:   256700 edfa8a0cbf63cab6a556c4dd27469774
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny7_alpha.deb
Size/MD5 checksum:    82844 e30731c8d0d35915b89c971d8f75d601

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny7_amd64.deb
Size/MD5 checksum:   210460 5d06fbdfb55a1df8dbcba748863979ae
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny7_amd64.deb
Size/MD5 checksum:   253932 48d0d2c1809442bc8156b2cfc8479833
http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny7_amd64.deb
Size/MD5 checksum:  2474402 297cc14e46752a0eaa74c51745f1b167
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny7_amd64.deb
Size/MD5 checksum:   825742 b6c41005aa6023fd6b8e46a2c2bb54d8
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny7_amd64.deb
Size/MD5 checksum:   211780 5b708928d5ccdd153a133696b0c2f634
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny7_amd64.deb
Size/MD5 checksum:   257998 2f673a0130221479fda2744754886983
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny7_amd64.deb
Size/MD5 checksum:   144544 6f5b0f0b1771560d2c03d9656a29fff5
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny7_amd64.deb
Size/MD5 checksum:    83122 3d1320b8034c5a264fafe1abda73519a
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny7_amd64.deb
Size/MD5 checksum:   258520 c87fc981aa02f36ae6c11ae4864956de
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny7_amd64.deb
Size/MD5 checksum:    84794 e4fc458a59f5752c1f42c78b6fa987f5

arm architecture (ARM)

http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny7_arm.deb
Size/MD5 checksum:   224742 ad1a76d935c9556154813b9522dc6bed
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny7_arm.deb
Size/MD5 checksum:   788804 f5f761306f86bb4d184079ed955c5976
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny7_arm.deb
Size/MD5 checksum:   221026 0298c56590af4130f885c7fa310ea37d
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny7_arm.deb
Size/MD5 checksum:   213052 7e5d2451da332850ce1023e7c378d10a
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny7_arm.deb
Size/MD5 checksum:   214146 f86977fe84b12fe8023e9bfbb511102a
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny7_arm.deb
Size/MD5 checksum:   147688 300f2873dad2d5913c9b8263576719f2
http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny7_arm.deb
Size/MD5 checksum:  2338672 a06089d9f0c9cf6d4e3a79d3042580c1
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny7_arm.deb
Size/MD5 checksum:    84248 35162b0a8a48282954ba150f19693d33
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny7_arm.deb
Size/MD5 checksum:    82516 9cd27238e0ec866f8dba6005006dc6b9
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny7_arm.deb
Size/MD5 checksum:   225298 962f8f913a6e3c1dcd15987c3d0d8c9b

armel architecture (ARM EABI)

http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny7_armel.deb
Size/MD5 checksum:   226470 2640d070ec26b2973f12e50004187430
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny7_armel.deb
Size/MD5 checksum:   222010 f0530b25b7e6b471aa97cc8ec86e735d
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny7_armel.deb
Size/MD5 checksum:   212630 1dcb5bed6c6d3e91d17407cc456cc3d6
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny7_armel.deb
Size/MD5 checksum:   151358 59ecc9ecda664b7a8f401fbf62cf3982
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny7_armel.deb
Size/MD5 checksum:   213756 e178ec6db09bf648f0ec63f00486fc4a
http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny7_armel.deb
Size/MD5 checksum:  2340908 74e02e41ebb2439d902a14f905688be3
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny7_armel.deb
Size/MD5 checksum:    82404 baa982a3b2940ffdc73130536d29fd00
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny7_armel.deb
Size/MD5 checksum:    84052 4b68dc6b80635d9b2bc7677dd087386e
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny7_armel.deb
Size/MD5 checksum:   802876 b35c7bbe91e1b92d701435dfed0b5736
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny7_armel.deb
Size/MD5 checksum:   226188 c1395ebd59cf917f202de0a1783770d3

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny7_hppa.deb
Size/MD5 checksum:  2384952 fc3cfd3a3295212ef11e81f8dafd6334
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny7_hppa.deb
Size/MD5 checksum:   246522 3e02003e50bcfbb80ebf759fdd940c66
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny7_hppa.deb
Size/MD5 checksum:   245948 2f5dd3734ad765775a32a797850e33ec
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny7_hppa.deb
Size/MD5 checksum:    84164 46b37167fbef173aa29d8a0883be5fac
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny7_hppa.deb
Size/MD5 checksum:   896872 55bb18bae73b60e8b982111c56b101bc
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny7_hppa.deb
Size/MD5 checksum:   153148 bd52450b076b8f55d0095112e733cd8c
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny7_hppa.deb
Size/MD5 checksum:    82416 fa04a87df2de26ec8259bf70e5e8d926
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny7_hppa.deb
Size/MD5 checksum:   213134 2dd0368d2b94941264e55b8b3f20857f
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny7_hppa.deb
Size/MD5 checksum:   241646 dc2e2b09a0c72ff0e01ba136dfefa856
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny7_hppa.deb
Size/MD5 checksum:   211854 d83149e56efd9c074b32c961a6272b23

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny7_i386.deb
Size/MD5 checksum:   238526 97ff922ee6bf6c19cee164794630256d
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny7_i386.deb
Size/MD5 checksum:   210052 34369451ba65d4a734034a0dfba31345
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny7_i386.deb
Size/MD5 checksum:   211200 a4da7ec33873626b51191c56a5974e8b
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny7_i386.deb
Size/MD5 checksum:    82508 b6443c6a2c94a2ef8627802c0a0cbaa3
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny7_i386.deb
Size/MD5 checksum:   242016 13be25ca0b28f708a0defd5225d1d1d7
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny7_i386.deb
Size/MD5 checksum:   782932 4b5e5364b62eda87bffb60f5bb37f04e
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny7_i386.deb
Size/MD5 checksum:    84238 c43d713e364322ddb3af3bcaf0e4de9d
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny7_i386.deb
Size/MD5 checksum:   241622 1293d06d3a572a5d0e4e96f201cf32c0
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny7_i386.deb
Size/MD5 checksum:   146222 75ce464a2e479e4806dd55926143be47
http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny7_i386.deb
Size/MD5 checksum:  2317652 69ccff7beaa71326022cbc06d41fcfa5

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny7_ia64.deb
Size/MD5 checksum:    83682 f31ab5b2b2e52571a13e57fe76e131fc
http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny7_ia64.deb
Size/MD5 checksum:  2319396 b212a76ab3692819f9038c48163423c0
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny7_ia64.deb
Size/MD5 checksum:    85694 8ee80e22226a42cf7026e805ae1fc3ba
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny7_ia64.deb
Size/MD5 checksum:   303620 4c60aef451289494b86068d3554ebc42
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny7_ia64.deb
Size/MD5 checksum:   311254 3cdb05084df1bc4aca51152aa30fa278
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny7_ia64.deb
Size/MD5 checksum:   312292 70f294dc7cb432ace777ed43cb91ca4b
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny7_ia64.deb
Size/MD5 checksum:  1038294 591ffdeebd2f55f2462de2076c509878
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny7_ia64.deb
Size/MD5 checksum:   209912 e0e96ce793583af713f59c5e10c6de80
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny7_ia64.deb
Size/MD5 checksum:   163266 23277a351e4b1560d715dc57f1b7701a
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny7_ia64.deb
Size/MD5 checksum:   208830 f8953d6f26e275b28ffcc7e3189c98e3

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny7_mips.deb
Size/MD5 checksum:   229742 c4f54d969a0a202f03ccd1508664bc9c
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny7_mips.deb
Size/MD5 checksum:   210200 b787622b559b2283a5627577f6a674dc
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny7_mips.deb
Size/MD5 checksum:   233314 21767ab217dc89d701235342e5131f79
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny7_mips.deb
Size/MD5 checksum:   793674 2701365a1cf8a0431a587db97936145d
http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny7_mips.deb
Size/MD5 checksum:  2492036 3e8cb9a08b422dd062461e959df1c8cd
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny7_mips.deb
Size/MD5 checksum:   211322 5d2769bfe8182bdbbf9854c3fee80376
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny7_mips.deb
Size/MD5 checksum:   152188 22f386ca6335b4af7c3210da76f306d9
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny7_mips.deb
Size/MD5 checksum:    82576 7dc12e73fed40a5d8bc5784cddfdadf8
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny7_mips.deb
Size/MD5 checksum:   233976 4481891d78d49539d029eca1928a716c
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny7_mips.deb
Size/MD5 checksum:    84198 e46b26c2efa7f439aee81000f750b12d

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny7_mipsel.deb
Size/MD5 checksum:   232250 495c2e976772a7c2e4a711908ff31a0c
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny7_mipsel.deb
Size/MD5 checksum:   209870 ef6cfcd63e072cc47b368f6ed7153281
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny7_mipsel.deb
Size/MD5 checksum:   208844 7b2d354c6ef23a33977561518c66676a
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny7_mipsel.deb
Size/MD5 checksum:   779224 d2b383edaba6ee943872c6a8099fc722
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny7_mipsel.deb
Size/MD5 checksum:    83834 bc7152c16e202516cbe475c19be39e7f
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny7_mipsel.deb
Size/MD5 checksum:   228206 6222f49c5a6ce469d38b1027c552cb8e
http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny7_mipsel.deb
Size/MD5 checksum:  2421350 e2b868f3aefc3aed746aba0770473f30
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny7_mipsel.deb
Size/MD5 checksum:   150218 e37c40c73f8bd7c8b93a4281c832648c
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny7_mipsel.deb
Size/MD5 checksum:    82252 8e90c947c9e6c7ae38b17fe706a9a11a
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny7_mipsel.deb
Size/MD5 checksum:   232940 335201394e1c507909e3663be2b3b5ba

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny7_powerpc.deb
Size/MD5 checksum:   254146 a4e1c794bcceef63b264aaaac6d67fd6
http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny7_powerpc.deb
Size/MD5 checksum:  2513082 5d896ec8ef209fcda5742a1a9ec200d7
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny7_powerpc.deb
Size/MD5 checksum:   928912 ff0ea38f535697f81105d9bb2b07e2be
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny7_powerpc.deb
Size/MD5 checksum:   258590 48435b265870f9a5beaea30db05de8ec
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny7_powerpc.deb
Size/MD5 checksum:    83644 0b811450f6b2804d38e3fe4686078084
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny7_powerpc.deb
Size/MD5 checksum:   259404 693ac4132feb7dd1a52971371ecd56d1
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny7_powerpc.deb
Size/MD5 checksum:    85332 7e755948550dfbce7d6525388a8b5b9f
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny7_powerpc.deb
Size/MD5 checksum:   212826 59d76ffc9981fabf770ee407a27af52a
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny7_powerpc.deb
Size/MD5 checksum:   161298 d6a7dc59a2d2554ef51783fab9fb0c15
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny7_powerpc.deb
Size/MD5 checksum:   211768 d691e724c006564585b0175eb67f291c

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny7_s390.deb
Size/MD5 checksum:   260994 a839172525a323cad3d0879d1ff89210
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny7_s390.deb
Size/MD5 checksum:    84792 ff59eafc0f68f90776fb940733d933f7
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny7_s390.deb
Size/MD5 checksum:   843642 ac1abdcc444471bf5503bdefb4e59c4f
http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny7_s390.deb
Size/MD5 checksum:  2429228 b4f680c4a7aaa90f7eadcc01928ce710
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny7_s390.deb
Size/MD5 checksum:   256712 18e714b8f5ef70e9c396caca6d7ce698
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny7_s390.deb
Size/MD5 checksum:   211236 929c4f162f963423b4233ca6439586e6
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny7_s390.deb
Size/MD5 checksum:    83070 1e1ec69bf9e2839c3db02033f6b1ca89
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny7_s390.deb
Size/MD5 checksum:   261668 3213f36030783167b4c0300834a682dd
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny7_s390.deb
Size/MD5 checksum:   212240 1abc24eb70132596c0b076db8cf0c2db
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny7_s390.deb
Size/MD5 checksum:   150732 1bfc74bf4dc77c53cf31e60e94aa28cb

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny7_sparc.deb
Size/MD5 checksum:   145952 f665453436258bb0d921229808e5ee87
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny7_sparc.deb
Size/MD5 checksum:    82862 39ea998f8c0db9567910a7d5e934a2c5
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny7_sparc.deb
Size/MD5 checksum:   784222 013f896249de3f01408300e337c36b49
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny7_sparc.deb
Size/MD5 checksum:   211916 2be53e81254cd2a7d83b7c1bd9bac1d1
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny7_sparc.deb
Size/MD5 checksum:   241270 99365a7e4a516b8427253bac3ce69a44
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny7_sparc.deb
Size/MD5 checksum:   240778 f61fd467b85116b45c87cc48931861a1
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny7_sparc.deb
Size/MD5 checksum:    84606 ed8d2bfc1cec31ff3c638ae8f892d6d0
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny7_sparc.deb
Size/MD5 checksum:   213132 df1fab5a87a80e0e66b80d50086dc218
http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny7_sparc.deb
Size/MD5 checksum:  2233030 ac06cea995c866a6fd27a8922d2bd5d7
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny7_sparc.deb
Size/MD5 checksum:   237138 7ad176ecb1f799f6a954afd9ee1a31e8

- From the apache2-mpm-itk source package:

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b4_alpha.deb
Size/MD5 checksum:   198270 37511ff523c00dfd94686da9c4ed1ad7

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b3_amd64.deb
Size/MD5 checksum:   195222 9764e5a1bcdf1501381c5cb22d1101db

arm architecture (ARM)

http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b3_arm.deb
Size/MD5 checksum:   161916 6d9216fb6195f975464391c366d5d6eb

armel architecture (ARM EABI)

http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b3_armel.deb
Size/MD5 checksum:   162904 9035f96ad7ec223298f256129a5f4fba

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b3_hppa.deb
Size/MD5 checksum:   183304 306d679dc522570254dcaa81b3105e73

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b3_i386.deb
Size/MD5 checksum:   178986 b955efd13a0734596a0b936913d564b2

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b3_ia64.deb
Size/MD5 checksum:   247228 3a115bf303067a8c29d2ec127a7ccc56

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b3_mips.deb
Size/MD5 checksum:   171054 a118f468ac32c7d2388fd98b98e8fffe

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b3_mipsel.deb
Size/MD5 checksum:   169500 90ac7e587508c02e3a0aac3d29087f7f

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b3_powerpc.deb
Size/MD5 checksum:   195234 914bb47b1c30dcb494a713ee17125b69

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b3_s390.deb
Size/MD5 checksum:   197564 be5c1c16a345935ad5a8e1fc299301e5

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b3_sparc.deb
Size/MD5 checksum:   177732 acce311a9354b32da0b6d7f8f0255f70

补丁安装方法：

1. 手工安装补丁包：

  首先，使用下面的命令来下载补丁软件：
  # wget url  (url是补丁下载链接地址)

  然后，使用下面的命令来安装补丁：
  # dpkg -i file.deb (file是相应的补丁名)

2. 使用apt-get自动安装补丁包：

   首先，使用下面的命令更新内部数据库：
   # apt-get update

   然后，使用下面的命令安装更新软件包：
   # apt-get upgrade

RedHat
------
RedHat已经为此发布了一个安全公告（RHSA-2010:0168-01）以及相应补丁:
RHSA-2010:0168-01：Moderate: httpd security and enhancement update
链接：https://www.redhat.com/support/errata/RHSA-2010-0168.html

浏览次数：5721
严重程度：0（网友投票）

本安全漏洞由绿盟科技翻译整理，版权所有，未经许可，不得转载
绿盟科技给您安全的保障

关于我们: 公司介绍; 公司荣誉; 公司新闻

联系我们: 公司总部; 分支机构; 海外机构

快速链接: 绿盟云; 绿盟威胁情报中心NTI; 技术博客