update apache httpd v2.4.53 (Apache HTTP Server CVE-2022-23943、CVE-2022-22721、CVE-2022-22720)


通報主旨

[安全性更新通報]

Apache HTTP Server存在安全性漏洞,遠端攻擊者可以利用漏洞進行阻斷服務攻擊(DOS)或遠端執行任意程式碼(RCE)。若各機構使用之Apache HTTP Server受漏洞影響,請儘速修補漏洞。

摘要說明

1.           Apache HTTP Server存在多個安全性漏洞(CVE-2022-23943CVE-2022-22721CVE-2022-22720),可讓遠端攻擊者透過發送惡意封包,利用漏洞進行阻斷服務攻擊(DOS)或遠端執行任意程式碼(RCE)

2.           若各機構使用之Apache HTTP Server受漏洞影響,請儘速修補漏洞,並優先針對於Internet上提供服務之Apache HTTP Server進行修補。

漏洞影響範圍及

修補方式

CVE-2022-23943CVE-2022-22721CVE-2022-22720影響範圍及修補方式:

n 受影響版本:

Apache HTTP Server versions 2.4.52()以前之版本

n 修補方式:

更新至Apache HTTP Server versions 2.4.53

n 詳細受影響範圍及更新說明請參考Apache官網,連結如下:

https://httpd.apache.org/security/vulnerabilities_24.html

※ 設備更新前,敬請進行完整評估與測試

※ 請勿使用外部網站進行弱點測試

參考來源

https://httpd.apache.org/security/vulnerabilities_24.html

 


 [root@pr2 httpd-2.4.53]# cd srclib/

 mv apr-util ../../httpd-2.4.53/srclib/

 mv apr ../../httpd-2.4.53/srclib/

 ./configure --with-included-apr --prefix=/etc/httpd --with-expat=/opt/apache_files --with-apr=/root/apache/httpd-2.4.52/srclib/apr --with-apr-util=/root/apache/httpd-2.4.52/srclib/apr-util --with-pcre=/usr/bin/pcre-config --enable-modules=most --enable-mods-shared=all --with-mpm=prefork


  926  make clean

  927  make

  928  make install

  929  apachectl stop

  966  cd /opt/aps/bin

  971  systemctl stop ps_kernel.service

  972  systemctl start ps_kernel.service

  974  ./ps_ctl.sh stop

  975  ./ps_ctl.sh start

  976  apachectl restart

  977  apachectl -V

留言

張貼留言

這個網誌中的熱門文章

10.29 Slow HTTP Denial of Service Attack (Slowloris)

站長日誌 109.10.29 弱點掃描偵測到Slow HTTP Denial of Service Attack弱點一隻 Server-Specific Recommendations Applying the above steps to the HTTP servers tested in the previous article indicates the following server-specific settings: Apache Using the < Limit > and < LimitExcept > directives to drop requests with methods not supported by the URL alone won’t help, because Apache waits for the entire request to complete before applying these directives. Therefore, use these parameters in conjunction with the  LimitRequestFields ,  LimitRequestFieldSize ,  LimitRequestBody ,  LimitRequestLine ,  LimitXMLRequestBody  directives as appropriate. For example, it is unlikely that your web app requires an 8190 byte header, or an unlimited body size, or 100 headers per request, as most default configurations have.  Set reasonable  TimeOut  and  KeepAliveTimeOut  directive values. The default value of 300 seconds for  TimeOut  is overkil...
閱讀完整內容

在CentOS 8 Stream安裝NTP Client與設定時區

sudo dnf install chrony vi /etc/chrony.conf 加入 server tock.stdtime.gov.tw sudo systemctl enable chronyd sudo systemctl start chronyd sudo timedatectl set-timezone Asia/Taipei date ls -l /etc/localtime 在Fortigate設定NTP自動校準時間 Use this command to configure Network Time Protocol (NTP) servers. The Network Time Protocol enables you to keep the FortiGate time in sync with other network systems. By enabling NTP on the FortiGate, FortiOS will check with the NTP server you select at the configured intervals. This will also ensure that logs and other time-sensitive settings on the FortiGate are correct. The FortiGate maintains its internal clock using a built-in battery. At start up, the time reported by the FortiGate will indicate the hardware clock time, which may not be accurate. When using NTP, the system time might change after the FortiGate has successfully obtained the time from a configured NTP server. config system ntp set ntpsync {enable | disable} Enable/disable setting the Forti...
閱讀完整內容

Update Pattern of TrendMicro AntiVirus Software - ServerProtect

使用指令更新 SPLX 掃瞄引擎與病毒碼 1. 打開終端機指令並使用 root 登入 2. 在終端機輸入以下指令: /opt/TrendMicro/SProtectLinux/SPLX.vsapiapp/splxmain -u 確認您的病毒碼與掃描引擎版本 在終端機執行指令:ps aux | grep splxmain 指令將顯示一些相似的訊息: root 14913 0.0 0.1 3568 624 pts/2 S 04:51 0:00 /opt/TrendMicro/SProtectLinux/ /SPLX.vsapiapp/splxmain -u 至/opt/TrendMicro/SProtectLinux/目錄並且確認更新的病毒碼檔案 lpt$vpn.xxx (xxx 代表現在的病毒碼版本) 病毒碼更新完成,請在相同目錄下如步驟輸入以下指令: ls -al *vpn.xxx (xxx 代表現在的病毒碼版本) ls -al libvsapi.so (掃描引擎檔案) 確認掃描引擎更新成功,兩個檔案的時間與日期戳記將會相同
閱讀完整內容