Download
Downloadable File
File link | File size | File description |
---|---|---|
Abstract
Multiple vulnerabilities in IBM HTTP Server (CVE-2018-20843, CVE-2019-10092, CVE-2019-10098)
Download Description
PH14974 resolves the following problem:
ERROR DESCRIPTION:
CVE-2018-20843: libexpat is vulnerable to a denial of service, caused by an error in the XML parser.
CVE-2019-10092: Apache HTTP Server is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the mod_proxy error page.
CVE-2019-10098: Apache HTTP Server could allow a remote attacker to conduct phishing attacks, caused by an open rdirect vulnerability in the mod_rewrite module.
PROBLEM SUMMARY:
CVE-2019-10092, CVE-2019-10098, CVE-2018-20843 in IBM HTTP Server.
PROBLEM CONCLUSION:
IHS was updated to prevent the vulnerable conditions.
This fix is targeted for IBM HTTP Server fix packs:
- 8.5.5.17
- 9.0.5.1
Prerequisites
None
Installation Instructions
Please review the readme.txt for detailed installation instructions.
URL | SIZE(Bytes) |
---|---|
V90 Readme | 2427 |
V90 Archive Readme | 1799 |
V85 Readme | 2350 |
V80 Readme | 2341 |
V70 Readme | 5347 |
Download Package
DOWNLOAD | RELEASE DATE | SIZE(Bytes) |
DOWNLOAD Options |
---|---|---|---|
9.0.0.11-WS-WASIHS-IFPH14974 | 09-17-2019 | 17249837 | FC |
9.0.5.0-WS-WASIHS-IFPH14974 | 09-17-2019 | 16336000 | FC |
9.0.5.0-WS-WASIHS_Archive-AixPPC64-IFPH14974 | 09-17-2019 | 28016520 | FC |
9.0.5.0-WS-WASIHS_Archive-LinuxPPC64LE-IFPH14974 | 09-17-2019 | 26500078 | FC |
9.0.5.0-WS-WASIHS_Archive-LinuxS39064-IFPH14974 | 09-17-2019 | 27376359 | FC |
9.0.5.0-WS-WASIHS_Archive-LinuxX64-IFPH14974 | 09-17-2019 | 25552909 | FC |
9.0.5.0-WS-WASIHS_Archive-WinX32-IFPH14974 | 09-17-2019 | 26525458 | FC |
9.0.5.0-WS-WASIHS_Archive-WinX64-IFPH14974 | 09-17-2019 | 27407321 | FC |
8.5.5.16-WS-WASIHS-IFPH14974 | 09-17-2019 | 18829766 | FC |
8.5.5.15-WS-WASIHS-IFPH14974 | 09-17-2019 | 19789431 | FC |
8.0.0.15-WS-WASIHS-IFPH14974 | 09-17-2019 | 80999137 | FC |
7.0.0.45-WS-WASIHS-AixPPC32-IFPH14974 | 09-17-2019 | 4119863 | FC |
7.0.0.45-WS-WASIHS-HpuxIA64-IFPH14974 | 09-17-2019 | 9724296 | FC |
7.0.0.45-WS-WASIHS-HpuxPaRISC-IFPH14974 | 09-17-2019 | 3940916 | FC |
7.0.0.45-WS-WASIHS-LinuxPPC32-IFPH14974 | 09-17-2019 | 3183316 | FC |
7.0.0.45-WS-WASIHS-LinuxS390-IFPH14974 | 09-17-2019 | 3179755 | FC |
7.0.0.45-WS-WASIHS-LinuxX32-IFPH14974 | 09-17-2019 | 2870613 | FC |
7.0.0.45-WS-WASIHS-SolarisSparc-IFPH14974 | 09-17-2019 | 4470449 | FC |
7.0.0.45-WS-WASIHS-SolarisX64-IFPH14974 | 09-17-2019 | 3081318 | FC |
7.0.0.45-WS-WASIHS-WinX32-IFPH14974 | 09-17-2019 | 5508396 | FC |
Problems Solved
PH14974
On
Technical Support
Contact IBM Support using SR (http://www.ibm.com/software/support/probsub.html), visit the support web site, or contact 1-800-IBM-SERV (U.S. only).
Document Location
Worldwide
[{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Component":"IBM HTTP Server","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"},{"code":"PF035","label":"z\/OS"}],"Version":"7.0.0.45;8.0.0.15;8.5.5.15;8.5.5.16;9.0.0.11;9.0.5.0","Edition":"Advanced,Base,Enterprise,Network Deployment,Single Server","Line of Business":{"code":"LOB45","label":"Automation"}}]
Problems (APARS) fixed
Was this topic helpful?
Document Information
Modified date:
18 September 2019
UID
ibm11074154