IBM Support

PM87808: mod_rewrite vulnerability (CVE-2013-1862)

Download


Abstract

This APAR resolves a vulnerability in the optional mod_rewrite module.

Download Description

PM87808 resolves the following problem:

ERROR DESCRIPTION:
The IBM HTTP Server optional mod_rewrite module does not properly filter terminal escape sequences from logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.

USERS AFFECTED:
IBM HTTP Server users using the "RewriteLog" directive.

PROBLEM DESCRIPTION:
Unix-like terminals can potentially be manipulated while viewing a mod_rewrite log.


RECOMMENDATION:
Apply this fix if using the "RewriteLog" directive.

LOCAL FIX:
Don't view the mod_rewrite logs using a terminal emulator.


PROBLEM CONCLUSION:
Entries recorded in the "RewriteLog" undergo the same control character escaping as the primary error log.

This fix is targeted for IHS fixpacks:
- 6.1.0.47
- 7.0.0.31
- 8.0.0.7
- 8.5.5.1


Note: For the 8.x versions, this interim fix can also be installed using Install Manager (IM) with the
Web-based ("live") repository provided by IBM.

Prerequisites

UpdateInstaller is used for the pre-8.x interim fixes.

[{"PRLabel":"UpdateInstaller","PRLang":"English","PRSize":"7250000","PRPlat":{"label":"AIX","code":"PF002"},"PRURL":"http://www.ibm.com/support/docview.wss?rs=180&uid=swg21205991"}]
On
[{"DNLabel":"8.0.0.4 - 8.0.0.6 distributed platforms","DNDate":"9 Aug 2013","DNLang":"US English","DNSize":"790977","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"http://www.ibm.com/support/fixcentral/quickorder?fixids=8.0.0.4-WS-WASIHS-MultiOS-IFPM87808&product=ibm%2FWebSphere%2FWebSphere+Application+Server&source=dbluesearch","DNURL_FTP":" ","DDURL":null},{"DNLabel":"8.0.0.4 - 8.0.0.6 z/OS","DNDate":"9 Aug 2013","DNLang":"US English","DNSize":"276545","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"http://www.ibm.com/support/fixcentral/quickorder?fixids=8.0.0.4-WS-WASIHS-OS390-IFPM87808&product=ibm%2FWebSphere%2FWebSphere+Application+Server&source=dbluesearch","DNURL_FTP":" ","DDURL":null},{"DNLabel":"8.5.0.1 - 8.5.0.2 distributed platforms","DNDate":"9 Aug 2013","DNLang":"US English","DNSize":"784635","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"http://www.ibm.com/support/fixcentral/quickorder?fixids=8.5.0.1-WS-WASIHS-MultiOS-IFPM87808&product=ibm%2FWebSphere%2FWebSphere+Application+Server&source=dbluesearch","DNURL_FTP":" ","DDURL":null},{"DNLabel":"8.5.0.1 - 8.5.0.2 z/OS","DNDate":"9 Aug 2013","DNLang":"US English","DNSize":"280775","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"http://www.ibm.com/support/fixcentral/quickorder?fixids=8.5.0.1-WS-WASIHS-OS390-IFPM87808&product=ibm%2FWebSphere%2FWebSphere+Application+Server&source=dbluesearch","DNURL_FTP":" ","DDURL":null},{"DNLabel":"8.5.5.0 distributed platforms","DNDate":"9 Aug 2013","DNLang":"US English","DNSize":"767991","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"http://www.ibm.com/support/fixcentral/quickorder?fixids=8.5.5.0-WS-WASIHS-MultiOS-IFPM87808&product=ibm%2FWebSphere%2FWebSphere+Application+Server&source=dbluesearch","DNURL_FTP":" ","DDURL":null},{"DNLabel":"8.5.5.0 z/OS","DNDate":"9 Aug 2013","DNLang":"US English","DNSize":"352870","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"http://www.ibm.com/support/fixcentral/quickorder?fixids=8.5.5.0-WS-WASIHS-OS390-IFPM87808&product=ibm%2FWebSphere%2FWebSphere+Application+Server&source=dbluesearch","DNURL_FTP":" ","DDURL":null},{"DNLabel":"7.0.0.25 - 7.0.0.29 AixPPC32","DNDate":"9 Aug 2013","DNLang":"US English","DNSize":"40926","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"http://www.ibm.com/support/fixcentral/quickorder?fixids=7.0.0.25-WS-WASIHS-AixPPC32-IFPM87808&source=dbluesearch&product=ibm%2FWebSphere%2FWebSphere+Application+Server","DNURL_FTP":" ","DDURL":null},{"DNLabel":"7.0.0.25 - 7.0.0.29 HpuxIA64","DNDate":"9 Aug 2013","DNLang":"US English","DNSize":"93076","DNPlat":{"label":"HP-UX","code":"PF010"},"DNURL":"http://www.ibm.com/support/fixcentral/quickorder?fixids=7.0.0.25-WS-WASIHS-HpuxIA64-IFPM87808&source=dbluesearch&product=ibm%2FWebSphere%2FWebSphere+Application+Server","DNURL_FTP":" ","DDURL":null},{"DNLabel":"7.0.0.25 - 7.0.0.29 HpuxPaRISC","DNDate":"9 Aug 2013","DNLang":"US English","DNSize":"40319","DNPlat":{"label":"HP-UX","code":"PF010"},"DNURL":"http://www.ibm.com/support/fixcentral/quickorder?fixids=7.0.0.25-WS-WASIHS-HpuxPaRISC-IFPM87808&source=dbluesearch&product=ibm%2FWebSphere%2FWebSphere+Application+Server","DNURL_FTP":" ","DDURL":null},{"DNLabel":"7.0.0.25 - 7.0.0.29 LinuxPPC32","DNDate":"9 Aug 2013","DNLang":"US English","DNSize":"35824","DNPlat":{"label":"Linux","code":"PF016"},"DNURL":"http://www.ibm.com/support/fixcentral/quickorder?fixids=7.0.0.25-WS-WASIHS-LinuxPPC32-IFPM87808&source=dbluesearch&product=ibm%2FWebSphere%2FWebSphere+Application+Server","DNURL_FTP":" ","DDURL":null},{"DNLabel":"7.0.0.25 - 7.0.0.29 LinuxS390","DNDate":"9 Aug 2013","DNLang":"US English","DNSize":"33712","DNPlat":{"label":"Linux","code":"PF016"},"DNURL":"http://www.ibm.com/support/fixcentral/quickorder?fixids=7.0.0.25-WS-WASIHS-LinuxS390-IFPM87808&source=dbluesearch&product=ibm%2FWebSphere%2FWebSphere+Application+Server","DNURL_FTP":" ","DDURL":null},{"DNLabel":"7.0.0.25 - 7.0.0.29 LinuxX32","DNDate":"9 Aug 2013","DNLang":"US English","DNSize":"32248","DNPlat":{"label":"Linux","code":"PF016"},"DNURL":"http://www.ibm.com/support/fixcentral/quickorder?fixids=7.0.0.25-WS-WASIHS-LinuxX32-IFPM87808&source=dbluesearch&product=ibm%2FWebSphere%2FWebSphere+Application+Server","DNURL_FTP":" ","DDURL":null},{"DNLabel":"7.0.0.25 - 7.0.0.29 SolarisSparc","DNDate":"9 Aug 2013","DNLang":"US English","DNSize":"42898","DNPlat":{"label":"Solaris","code":"PF027"},"DNURL":"http://www.ibm.com/support/fixcentral/quickorder?fixids=7.0.0.25-WS-WASIHS-SolarisSparc-IFPM87808&source=dbluesearch&product=ibm%2FWebSphere%2FWebSphere+Application+Server","DNURL_FTP":" ","DDURL":null},{"DNLabel":"7.0.0.25 - 7.0.0.29 SolarisX64","DNDate":"9 Aug 2013","DNLang":"US English","DNSize":"33570","DNPlat":{"label":"Solaris","code":"PF027"},"DNURL":"http://www.ibm.com/support/fixcentral/quickorder?fixids=7.0.0.25-WS-WASIHS-SolarisX64-IFPM87808&source=dbluesearch&product=ibm%2FWebSphere%2FWebSphere+Application+Server","DNURL_FTP":" ","DDURL":null},{"DNLabel":"7.0.0.25 - 7.0.0.29 WinX32","DNDate":"9 Aug 2013","DNLang":"US English","DNSize":"71427","DNPlat":{"label":"Windows","code":"PF033"},"DNURL":"http://www.ibm.com/support/fixcentral/quickorder?fixids=7.0.0.25-WS-WASIHS-WinX32-IFPM87808&source=dbluesearch&product=ibm%2FWebSphere%2FWebSphere+Application+Server","DNURL_FTP":" ","DDURL":null},{"DNLabel":"6.1.0.43 - 6.1.0.45 AixPPC32","DNDate":"9 Aug 2013","DNLang":"US English","DNSize":"38654","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"http://www.ibm.com/support/fixcentral/quickorder?fixids=6.1.0.43-WS-WASIHS-AixPPC32-IFPM87808&source=dbluesearch&product=ibm%2FWebSphere%2FWebSphere+Application+Server","DNURL_FTP":" ","DDURL":null},{"DNLabel":"6.1.0.43 - 6.1.0.45 HpuxIA64","DNDate":"9 Aug 2013","DNLang":"US English","DNSize":"87232","DNPlat":{"label":"HP-UX","code":"PF010"},"DNURL":"http://www.ibm.com/support/fixcentral/quickorder?fixids=6.1.0.43-WS-WASIHS-HpuxIA64-IFPM87808&source=dbluesearch&product=ibm%2FWebSphere%2FWebSphere+Application+Server","DNURL_FTP":" ","DDURL":null},{"DNLabel":"6.1.0.43 - 6.1.0.45 HpuxPaRISC","DNDate":"9 Aug 2013","DNLang":"US English","DNSize":"37683","DNPlat":{"label":"HP-UX","code":"PF010"},"DNURL":"http://www.ibm.com/support/fixcentral/quickorder?fixids=6.1.0.43-WS-WASIHS-HpuxPaRISC-IFPM87808&source=dbluesearch&product=ibm%2FWebSphere%2FWebSphere+Application+Server","DNURL_FTP":" ","DDURL":null},{"DNLabel":"6.1.0.43 - 6.1.0.45 LinuxPPC32","DNDate":"9 Aug 2013","DNLang":"US English","DNSize":"36216","DNPlat":{"label":"Linux","code":"PF016"},"DNURL":"http://www.ibm.com/support/fixcentral/quickorder?fixids=6.1.0.43-WS-WASIHS-LinuxPPC32-IFPM87808&source=dbluesearch&product=ibm%2FWebSphere%2FWebSphere+Application+Server","DNURL_FTP":" ","DDURL":null},{"DNLabel":"6.1.0.43 - 6.1.0.45 LinuxS390","DNDate":"9 Aug 2013","DNLang":"US English","DNSize":"31570","DNPlat":{"label":"Linux","code":"PF016"},"DNURL":"http://www.ibm.com/support/fixcentral/quickorder?fixids=6.1.0.43-WS-WASIHS-LinuxS390-IFPM87808&source=dbluesearch&product=ibm%2FWebSphere%2FWebSphere+Application+Server","DNURL_FTP":" ","DDURL":null},{"DNLabel":"6.1.0.43 - 6.1.0.45 LinuxX32","DNDate":"9 Aug 2013","DNLang":"US English","DNSize":"30335","DNPlat":{"label":"Linux","code":"PF016"},"DNURL":"http://www.ibm.com/support/fixcentral/quickorder?fixids=6.1.0.43-WS-WASIHS-LinuxX32-IFPM87808&source=dbluesearch&product=ibm%2FWebSphere%2FWebSphere+Application+Server","DNURL_FTP":" ","DDURL":null},{"DNLabel":"6.1.0.43 - 6.1.0.45 SolarisSparc","DNDate":"9 Aug 2013","DNLang":"US English","DNSize":"40318","DNPlat":{"label":"Solaris","code":"PF027"},"DNURL":"http://www.ibm.com/support/fixcentral/quickorder?fixids=6.1.0.43-WS-WASIHS-SolarisSparc-IFPM87808&source=dbluesearch&product=ibm%2FWebSphere%2FWebSphere+Application+Server","DNURL_FTP":" ","DDURL":null},{"DNLabel":"6.1.0.43 - 6.1.0.45 SolarisX64","DNDate":"9 Aug 2013","DNLang":"US English","DNSize":"32086","DNPlat":{"label":"Solaris","code":"PF027"},"DNURL":"http://www.ibm.com/support/fixcentral/quickorder?fixids=6.1.0.43-WS-WASIHS-SolarisX64-IFPM87808&source=dbluesearch&product=ibm%2FWebSphere%2FWebSphere+Application+Server","DNURL_FTP":" ","DDURL":null},{"DNLabel":"6.1.0.43 - 6.1.0.45 WinX32","DNDate":"9 Aug 2013","DNLang":"US English","DNSize":"68687","DNPlat":{"label":"Windows","code":"PF033"},"DNURL":"http://www.ibm.com/support/fixcentral/quickorder?fixids=6.1.0.43-WS-WASIHS-WinX32-IFPM87808&source=dbluesearch&product=ibm%2FWebSphere%2FWebSphere+Application+Server","DNURL_FTP":" ","DDURL":null}]
[{"Product":{"code":"SSEQTJ","label":"IBM HTTP Server"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"Base Server","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"},{"code":"PF035","label":"z\/OS"}],"Version":"8.5.5;8.5.0.2;8.5.0.1;8.0.0.6;8.0.0.5;8.0.0.4;7.0.0.29;7.0.0.27;7.0.0.25;6.1.0.45;6.1.0.43","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]

Document Information

Modified date:
07 September 2022

UID

swg24035498