Skip Navigation

  • Home
  • Contact us
  • FAQ
  • Glossary
  • Public key
  • Sitemap
  • Cymraeg
  • What's new
CPNI - Centre for the Protection of National Infastructure

Advanced search

  • About CPNI
  • The threats
  • Security planning
  • Methods of attack
  • Protecting your assets
  • Products and services
    • CSIRTUK advisories
      • Advisories archive
    • General protective security publications
    • InfoSec briefings
    • InfoSec technical notes
    • InfoSec vulnerability disclosures
    • Good practice guidelines
    • Viewpoints
    • Information exchanges
  • Research
Home > Products and services > CSIRTUK advisories > Advisories archive > September 2005 > IBM - Apache and mod_ssl Technical Support Bulletin

September 2005

IBM - Apache and mod_ssl Technical Support Bulletin

ID: 00818
Ref: 762/05
Date: 21 September 2005:14:25:22
Version: 1
Title: IBM - Apache and mod_ssl Technical Support Bulletin
Abstract: HMC 3.3.2 and above fix for Apache Security Issues, HMC V4R2.0 and above fix for Apache Server code
Vendors affected: IBM
Operating systems affected: IBM
Applications affected: IBM

Title
=====
IBM - Apache and mod_ssl Technical Support Bulletin

Detail
======

1) Hardware management console : Security fixes
(2005.09.21)
HMC 3.3.2 and above fix for Apache Security Issues

The fixes in this package address the following security
issues with Apache Server:

CAN-2004-0940 : Apache buffer overflow fix.
CAN-2004-0885 : mod_ssl vulnerabilities fix.
CAN-2005-1268 : mod_ssl vulnerabilities fix.
CAN-2005-2088 : Apache vulnerabilities fix.

This fix can be applied on HMC 3.3.2 systems and Above and
can be order using the PTF number U805614 or the APAR
number IY76332. All HMC 3.3.2 and above customer are
recommended to install this fix.

More information
https://techsupport.services.ibm.com/server/pseries.subscriptionSvcs?mode=18&ID=2087

HMC V4R2.0 and above fix for Apache Server code

This package provides an update to the Apache server code,
and must be installed on the V4 R2.0 or above HMC. This
service package is referenced by APAR MB01199 or PTF
MH00415.
The fixes in this package address the following security
issues:

CAN-2004-0940 : Apache buffer overflow fix.
CAN-2004-0885 : mod_ssl vulnerabilities fix.
CAN-2005-1268 : mod_ssl vulnerabilities fix.
CAN-2005-2088 : Apache vulnerabilities fix.
It is recommended that all HMC V4R2.0 and above customers
install this fix.

More information
https://techsupport.services.ibm.com/server/pseries.subscriptionSvcs?mode=18&ID=2088

- ---------------------------------------------------------------------

Related URLs:

Find end of support dates for AIX and software running on AIX
http://www.ibm.com/services/sl/products

Visit pSeries Support for a wide array of technical resources.
http://www.ibm.com/server/eserver/support/pseries

Download fixes for AIX V5 and 4.3 OS, Java, Compilers:
https://techsupport.services.ibm.com/server/aix.fdc

Update your Subscription Service profile
https://techsupport.services.ibm.com/server/pseries.subscriptionSvcs?mode=2

Unsubscribe from Subscription Service
https://techsupport.services.ibm.com/server/pseries.subscriptionSvcs?mode=3

Sign up for customized weekly newsletter from IBM
https://isource.ibm.com/world/index.shtml

- ----------------------------------------------------------------------
IBM, eServer and pSeries are trademarks or registered trademarks of the International
Business Machines Corporation in the United States or other countries, or both.



  • Accessibility |
  • Terms and conditions |
  • Privacy statement |
  • Data protection act |
  • Freedom of information |