Hi,
This is my first post so please don't flame me if I violated any norms.
I am trying to find out if one of my Apache installations is vulnerable to
CVE-2011-4317 or not. The description of this vulnerability says that this
vulnerability exists in "2.2.x through 2.2.21, when the Revision 1179239
patch is in place".
My question is how do I determine if this Revision patch is in place or not
by looking at the source code for our installation (I have 2.2.17 and
2.2.19 installed)?
Thanks
Murthy
Comments
Re: How to find if Revision 1179239 patch is in pl
By Mark Montague at 02/13/2012 - 19:00
On February 13, 2012 17:28, Murthy Ganti
<murthy. ... at cbsinteractive dot com> wrote:
If you see the following lines (the ones in green in the right-hand
column) in the file server/protocol.c then the revision 1179239 patch is
in place:
https://svn.apache.org/viewvc/httpd/httpd/trunk/server/protocol.c?r1=1178566&r2=1179239&pathrev=1179239&diff_format=h
The most likely situation in which this would be the case is if you are
using a version of Apache HTTP Server that is patched for you by an
upstream distributor and you upgraded to a version in which the
distributor back-ported the fix for CVE-2011-3368 but you did not
upgrade to a version in which the distributor back-ported the fix for
CVE-2011-4317.
Or, this could arise if you compile 2.2.17 or 2.2.19 from source
yourself and you patched the source to fix CVE-2011-3368 thus creating
the vulnerability described in CVE-2011-4317 but you did not apply the
patch to fix CVE-2011-4317 for some reason, despite applying other fixes.
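
The check described in the reply above can be scripted. This is an added example, not part of the original posts or of the Apache project: it assumes you have saved a unified diff of the revision to a local file, and it reports whether every line that diff adds is present in your copy of server/protocol.c. The sample diff and source files built by `make_sample` are constructed for illustration and are not the real r1179239 content.

```shell
#!/bin/sh
# Added example: check whether every line a unified diff adds is present in a
# source file. Whitespace is normalised so a re-indented back-port still matches.

# Squeeze runs of blanks and trim both ends of each line.
normalise() {
    sed -e 's/[[:space:]][[:space:]]*/ /g' -e 's/^ //' -e 's/ $//'
}

# Print the lines DIFF adds ("+" lines, excluding the "+++ file" header).
added_lines() {
    grep '^+' "$1" | grep -v '^+++ ' | sed 's/^+//' | normalise | grep -v '^$'
}

# patch_in_place DIFF SOURCE
# Returns 0 if all added lines occur in SOURCE, 1 if any is missing (each is
# printed), 2 if DIFF adds no lines or a temp file cannot be created.
patch_in_place() {
    tmp=$(mktemp) || return 2
    normalise < "$2" > "$tmp"
    total=0 missing=0
    while IFS= read -r line; do
        [ -n "$line" ] || continue
        total=$((total + 1))
        if ! grep -qxF -- "$line" "$tmp"; then
            missing=$((missing + 1))
            printf 'missing: %s\n' "$line"
        fi
    done <<EOF
$(added_lines "$1")
EOF
    rm -f "$tmp"
    [ "$total" -gt 0 ] || return 2
    [ "$missing" -eq 0 ]
}

# Constructed sample (NOT the real r1179239 hunk): a diff adding two lines,
# a source file that has them re-indented, and a source file that lacks them.
make_sample() {
    dir=$(mktemp -d) || return 1
    printf '%s\n' '--- a/protocol.c' '+++ b/protocol.c' '@@ -1,2 +1,4 @@' \
        ' int parse(void) {' '+    if (uri_is_bad)' '+        return 400;' \
        ' }' > "$dir/fix.diff"
    printf '%s\n' 'int parse(void) {' '  if (uri_is_bad)' '    return 400;' '}' > "$dir/patched.c"
    printf '%s\n' 'int parse(void) {' '}' > "$dir/unpatched.c"
    echo "$dir"
}
```

The script only looks for added lines; it does not check that lines the diff removes are gone, and it does not check that the matched lines appear together in one place.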