Interstage HTTP Server: Four Security Vulnerabilities (CVE-2009-1891/ CVE-2009-2412/ CVE-2010-1623/ CVE-2010-1452). September 22nd, 2011
1. Description
Interstage Application Server and Interstage Studio were affected by the security vulnerabilities below:
- A Denial of Service (DoS) vulnerability has been confirmed in the Interstage HTTP Server content compression feature.
This vulnerability corresponds to CVE-2009-1891. - The Denial of Service (DoS) and arbitrary code execution on the Web server vulnerabilities have been confirmed in Interstage HTTP Server.
This vulnerability corresponds to CVE-2009-2412. - A Denial of Service (DoS) vulnerability has been confirmed in the Interstage HTTP Server request processing.
This vulnerability corresponds to CVE-2010-1623. - A Denial of Service (DoS) vulnerability has been confirmed in the Interstage HTTP Server WebDAV feature.
This vulnerability corresponds to CVE-2010-1452.
Fujitsu provides security patches shown in 3.
Please apply them as soon as possible.
2. Impact
- A modified request sent by a remote attacker may consume large amounts of CPU time on the Web server and cause Denial of Service (DoS).
- A Denial of Service (DoS) attack or arbitrary code execution on the Web server may have been caused by a malicious third party.
- A modified request sent by a remote attacker may result in a memory leak on the Web server and cause Denial of Service (DoS).
- A modified request sent by a remote attacker may cause Denial of Service (DoS).
3. Affected systems and corresponding action
3-1. Affected systems:
GP7000F, PRIMEPOWER, PRIMERGY, GP5000, CELSIUS, AT-compatible machine, PRIMEQUEST, SPARC Enterprise
3-2. Affected products and required patch
| Products | Version | Target OS | Package name | Patch ID. |
|---|---|---|---|---|
| Interstage Application Server Enterprise Edition for Windows [*1][*2] | V9.0.0/ V9.0.0A | Windows 2000 Server/ Windows Server 2003/ Windows Server 2003 R2 | F3FMihs | T001001WP-06 |
| Interstage Application Server Enterprise Edition for Windows [*1][*2] | V9.1.0/ V9.1.0B | Windows 2000 Server/ Windows Server 2003/ Windows Server 2003 R2/ Windows Server 2008 | F3FMihs | T002174WP-04 |
| Interstage Application Server Enterprise Edition for Windows [*1][*2] | V9.2.0 | Windows 2000 Server/ Windows Server 2003/ Windows Server 2003 R2/ Windows Server 2008/ Windows Server 2008 R2 | F3FMihs | T004344WP-03 |
| Interstage Application Server Standard-J Edition for Windows [*1][*2] | V9.0.0/ V9.0.0A/ V9.0.0B | Windows 2000 Server/ Windows Server 2003/ Windows Server 2003 R2 | F3FMihs | T001001WP-06 |
| Interstage Application Server Standard-J Edition for Windows [*1][*2] | V9.1.0/ V9.1.0B | Windows 2000 Server/ Windows Server 2003/ Windows Server 2003 R2/ Windows Server 2008 | F3FMihs | T002174WP-04 |
| Interstage Application Server Standard-J Edition for Windows [*1][*2] | V9.2.0 | Windows 2000 Server/ Windows Server 2003/ Windows Server 2003 R2/ Windows Server 2008/ Windows Server 2008 R2 | F3FMihs | T004344WP-03 |
| Interstage Application Server Enterprise Edition for Windows [*1][*2] | V9.0.0 | Windows(IPF) Server 2003/ Windows(IPF) Server 2003 R2 | F3FMihs | T001005IP-05 |
| Interstage Application Server Enterprise Edition for Windows [*1][*2] | V9.1.0 | Windows(IPF) Server 2003/ Windows(IPF) Server 2003 R2/ Windows(IPF) Server 2008 | F3FMihs | T002175IP-04 |
| Interstage Application Server Enterprise Edition for Windows [*1][*2] | V9.2.0 | Windows(IPF) Server 2003/ Windows(IPF) Server 2003 R2/ Windows(IPF) Server 2008 | F3FMihs | T004345IP-03 |
| Interstage Application Server Standard-J Edition for Windows [*1][*2] | V9.0.0 | Windows(IPF) Server 2003/ Windows(IPF) Server 2003 R2 | F3FMihs | T001005IP-05 |
| Interstage Application Server Standard-J Edition for Windows [*1][*2] | V9.1.0 | Windows(IPF) Server 2003/ Windows(IPF) Server 2003 R2/ Windows(IPF) Server 2008 | F3FMihs | T002175IP-04 |
| Interstage Application Server Standard-J Edition for Windows [*1][*2] | V9.2.0 | Windows(IPF) Server 2003/ Windows(IPF) Server 2003 R2/ Windows(IPF) Server 2008 | F3FMihs | T004345IP-03 |
| Interstage Application Server Enterprise Edition for Windows [*1][*2] | V9.2.0 | Windows(EM64T) Server 2003/ Windows(EM64T) Server 2003 R2/ Windows(EM64T) Server 2008/ Windows(EM64T) Server 2008 R2 | F3FMihs | T004346XP-03 |
| Interstage Application Server Standard-J Edition for Windows [*1][*2] | V9.2.0 | Windows(EM64T) Server 2003/ Windows(EM64T) Server 2003 R2/ Windows(EM64T) Server 2008/ Windows(EM64T) Server 2008 R2 | F3FMihs | T004346XP-03 |
| Interstage Application Server Enterprise Edition [*1] | V9.0.0/ V9.0.0B | Solaris 9/ 10 | FJSVihs | T001004SP-07 |
| Interstage Application Server Enterprise Edition [*1] | V9.1.0/ V9.1.0B | Solaris 9/ 10 | FJSVihs | T002180SP-05 |
| Interstage Application Server Enterprise Edition [*1] | V9.2.0 | Solaris 9/ 10 | FJSVihs | T004343SP-03 |
| Interstage Application Server Standard-J Edition [*1] | V9.0.0 | Solaris 9/ 10 | FJSVihs | T001004SP-07 |
| Interstage Application Server Standard-J Edition [*1] | V9.1.0/ V9.1.0B | Solaris 9/ 10 | FJSVihs | T002180SP-05 |
| Interstage Application Server Standard-J Edition [*1] | V9.2.0 | Solaris 9/ 10 | FJSVihs | T004343SP-03 |
| Interstage Application Server Enterprise Edition for Linux [*1] | V9.0.0 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVihs | T001003LP-05 |
| Interstage Application Server Enterprise Edition for Linux [*1] | V9.1.0/ V9.1.0B | RHEL-AS4(x86)/ AS4(EM64T) | FJSVihs | T002176LP-04 |
| Interstage Application Server Enterprise Edition for Linux [*1] | V9.2.0/ V9.3.1 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVihs | T004338LP-03 |
| Interstage Application Server Standard-J Edition for Linux [*1] | V9.0.0 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVihs | T001003LP-05 |
| Interstage Application Server Standard-J Edition for Linux [*1] | V9.1.0/ V9.1.0B | RHEL-AS4(x86)/ AS4(EM64T) | FJSVihs | T002176LP-04 |
| Interstage Application Server Standard-J Edition for Linux [*1] | V9.2.0/ V9.3.1 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVihs | T004338LP-03 |
| Interstage Application Server Enterprise Edition for Linux [*1] | V9.0.0 | RHEL5(x86)/ RHEL5(Intel64) | FJSVihs | T001044LP-05 |
| Interstage Application Server Enterprise Edition for Linux [*1] | V9.1.0/ V9.1.0B | RHEL5(x86)/ RHEL5(Intel64) | FJSVihs | T002177LP-04 |
| Interstage Application Server Enterprise Edition for Linux [*1] | V9.2.0/ V9.3.1 | RHEL5(x86)/ RHEL5(Intel64) | FJSVihs | T004339LP-03 |
| Interstage Application Server Standard-J Edition for Linux [*1] | V9.0.0 | RHEL5(x86)/ RHEL5(Intel64) | FJSVihs | T001044LP-05 |
| Interstage Application Server Standard-J Edition for Linux [*1] | V9.1.0/ V9.1.0B | RHEL5(x86)/ RHEL5(Intel64) | FJSVihs | T002177LP-04 |
| Interstage Application Server Standard-J Edition for Linux [*1] | V9.2.0/ V9.3.1 | RHEL5(x86)/ RHEL5(Intel64) | FJSVihs | T004339LP-03 |
| Interstage Application Server Enterprise Edition for Linux [*1] | V9.0.0/ V9.0.0A | RHEL-AS4(IPF) | FJSVihs | T001002QP-05 |
| Interstage Application Server Enterprise Edition for Linux [*1] | V9.1.0 | RHEL-AS4(IPF) | FJSVihs | T002178QP-04 |
| Interstage Application Server Enterprise Edition for Linux [*1] | V9.2.0 | RHEL-AS4(IPF) | FJSVihs | T004340QP-03 |
| Interstage Application Server Standard-J Edition for Linux [*1] | V9.0.0 | RHEL-AS4(IPF) | FJSVihs | T001002QP-05 |
| Interstage Application Server Standard-J Edition for Linux [*1] | V9.1.0 | RHEL-AS4(IPF) | FJSVihs | T002178QP-04 |
| Interstage Application Server Standard-J Edition for Linux [*1] | V9.2.0 | RHEL-AS4(IPF) | FJSVihs | T004340QP-03 |
| Interstage Application Server Enterprise Edition for Linux [*1] | V9.0.0/ V9.0.0A | RHEL5(IPF) | FJSVihs | T001043QP-05 |
| Interstage Application Server Enterprise Edition for Linux [*1] | V9.1.0 | RHEL5(IPF) | FJSVihs | T002179QP-04 |
| Interstage Application Server Enterprise Edition for Linux [*1] | V9.2.0 | RHEL5(IPF) | FJSVihs | T004341QP-03 |
| Interstage Application Server Standard-J Edition for Linux [*1] | V9.0.0 | RHEL5(IPF) | FJSVihs | T001043QP-05 |
| Interstage Application Server Standard-J Edition for Linux [*1] | V9.1.0 | RHEL5(IPF) | FJSVihs | T002179QP-04 |
| Interstage Application Server Standard-J Edition for Linux [*1] | V9.2.0 | RHEL5(IPF) | FJSVihs | T004341QP-03 |
| Interstage Application Server Enterprise Edition for Linux [*1] | V9.2.0/ V9.3.1 | RHEL5(Intel64) | FJSVihs | T004342LP-03 |
| Interstage Application Server Standard-J Edition for Linux [*1] | V9.2.0/ V9.3.1 | RHEL5(Intel64) | FJSVihs | T004342LP-03 |
| Products | Version | Target OS | Package name | Patch ID. |
|---|---|---|---|---|
| Interstage Studio Enterprise Edition for Windows [*1][*2] | V9.0.0 | Windows 2000 Server/ Windows Server 2003/ Windows Server 2003 R2/ Windows XP/ Windows Vista | F3FMihs | T001001WP-06 |
| Interstage Studio Enterprise Edition for Windows [*1][*2] | V9.1.0/ V9.1.0B | Windows 2000 Server/ Windows Server 2003/ Windows Server 2003 R2/ Windows Server 2008/ Windows XP/ Windows Vista | F3FMihs | T002174WP-04 |
| Interstage Studio Enterprise Edition for Windows [*1][*2] | V9.2.0 | Windows 2000 Server/ Windows Server 2003/ Windows Server 2003 R2/ Windows Server 2008/ Windows Server 2008 R2/ Windows XP/ Windows Vista/ Windows 7 | F3FMihs | T004344WP-03 |
| Interstage Studio Standard-J Edition for Windows [*1][*2] | V9.0.0 | Windows 2000 Server/ Windows Server 2003/ Windows Server 2003 R2/ Windows XP/ Windows Vista | F3FMihs | T001001WP-06 |
| Interstage Studio Standard-J Edition for Windows [*1][*2] | V9.1.0/ V9.1.0B | Windows 2000 Server/ Windows Server 2003/ Windows Server 2003 R2/ Windows Server 2008/ Windows XP/ Windows Vista | F3FMihs | T002174WP-04 |
| Interstage Studio Standard-J Edition for Windows [*1][*2] | V9.2.0 | Windows 2000 Server/ Windows Server 2003/ Windows Server 2003 R2/ Windows Server 2008/ Windows Server 2008 R2/ Windows XP/ Windows Vista/ Windows 7 | F3FMihs | T004344WP-03 |
For the Patches, please contact a Fujitsu system engineer or your partner(s).
[*1] The effect of CVE-2009-1891/ CVE-2009-2412/ CVE-2010-1623
[*2] The effect of CVE-2010-1452
Note: Determining the affected product
To check the software version, refer to the "FUJITSU SOFTWARE RELEASE GUIDE" supplied with the product.
3-3. Workaround
None.
4. Related information
- CVE-2009-1891
The mod_deflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service (CPU consumption).
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891 - CVE-2009-2412
Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger crafted calls to the (1) allocator_alloc or (2) apr_palloc function in memory/unix/apr_pools.c in APR; or crafted calls to the (3) apr_rmm_malloc, (4) apr_rmm_calloc, or (5) apr_rmm_realloc function in misc/apr_rmm.c in APR-util; leading to buffer overflows.
NOTE: some of these details are obtained from third party information.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412 - CVE-2010-1623
Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other software, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors related to the destruction of an APR bucket.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623 - CVE-2010-1452
The (1) mod_cache and (2) mod_dav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service (process crash) via a request that lacks a path.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452
5. Revision history
- September 22nd, 2011: Initial release
