Download
Downloadable File
File link | File size | File description |
---|---|---|
Abstract
Multiple vulnerabilities in IBM HTTP Server (CVE-2020-1927, CVE-2020-1934)
Download Description
PH21992 resolves the following problem:
ERROR DESCRIPTION:
CVE-2020-1927: IBM HTTP Server could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in the mod_rewrite module.
CVE-2020-1934: IBM HTTP Server could allow a remote attacker to execute arbitrary code on the system, caused by the use of an uninitialized value in mod_proxy_ftp.
PROBLEM SUMMARY:
CVE-2020-1927, CVE-2020-1934 in IBM HTTP Server.
PROBLEM CONCLUSION:
IHS was updated to resolve the vulnerabilities.
This fix is targeted for IBM HTTP Server fix packs:
- 8.5.5.18
- 9.0.5.4
ERROR DESCRIPTION:
CVE-2020-1927: IBM HTTP Server could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in the mod_rewrite module.
CVE-2020-1934: IBM HTTP Server could allow a remote attacker to execute arbitrary code on the system, caused by the use of an uninitialized value in mod_proxy_ftp.
PROBLEM SUMMARY:
CVE-2020-1927, CVE-2020-1934 in IBM HTTP Server.
PROBLEM CONCLUSION:
IHS was updated to resolve the vulnerabilities.
This fix is targeted for IBM HTTP Server fix packs:
- 8.5.5.18
- 9.0.5.4
Prerequisites
Download the UpdateInstaller below to install this fix.
URL | SIZE(Bytes) |
---|---|
UpdateInstaller | 7250000 |
Installation Instructions
Review the readme.txt for detailed installation instructions.
URL | SIZE(Bytes) |
---|---|
V70 Readme | 5199 |
V80 Readme | 2193 |
V85 Readme | 2211 |
V90 Readme | 2285 |
V90 Archive Readme | 1658 |
Download Package
DOWNLOAD | RELEASE DATE | SIZE(Bytes) |
DOWNLOAD Options |
---|---|---|---|
9.0.5.3-WS-WASIHS-IFPH21992 | 13 April 2020 | 10450129 | FC |
9.0.5.2-WS-WASIHS-IFPH21992 | 13 April 2020 | 10450099 | FC |
9.0.5.1-WS-WASIHS-IFPH21992 | 13 April 2020 | 10450077 | FC |
8.5.5.17-WS-WASIHS-IFPH21992 | 13 April 2020 | 12231423 | FC |
8.5.5.16-WS-WASIHS-IFPH21992 | 13 April 2020 | 20256946 | FC |
8.5.5.15-WS-WASIHS-IFPH21992 | 13 April 2020 | 21216227 | FC |
8.0.0.15-WS-WASIHS-IFPH21992 | 13 April 2020 | 81173391 | FC |
7.0.0.45-WS-WASIHS-AixPPC32-IFPH21992 | 13 April 2020 | 4129644 | FC |
7.0.0.45-WS-WASIHS-HpuxIA64-IFPH21992 | 13 April 2020 | 9743455 | FC |
7.0.0.45-WS-WASIHS-HpuxPaRISC-IFPH21992 | 13 April 2020 | 3951496 | FC |
7.0.0.45-WS-WASIHS-LinuxPPC32-IFPH21992 | 13 April 2020 | 3195276 | FC |
7.0.0.45-WS-WASIHS-LinuxS390-IFPH21992 | 13 April 2020 | 3193401 | FC |
7.0.0.45-WS-WASIHS-LinuxX32-IFPH21992 | 13 April 2020 | 2882618 | FC |
7.0.0.45-WS-WASIHS-SolarisSparc-IFPH21992 | 13 April 2020 | 4471179 | FC |
7.0.0.45-WS-WASIHS-SolarisX64-IFPH21992 | 13 April 2020 | 3090773 | FC |
7.0.0.45-WS-WASIHS-WinX32-IFPH21992 | 13 April 2020 | 5398804 | FC |
9.0.5.3-WS-WASIHS_Archive-AixPPC64-IFPH21992 | 13 April 2020 | 28134436 | FC |
9.0.5.3-WS-WASIHS_Archive-LinuxPPC64LE-IFPH21992 | 13 April 2020 | 26566668 | FC |
9.0.5.3-WS-WASIHS_Archive-LinuxS39064-IFPH21992 | 13 April 2020 | 27549522 | FC |
9.0.5.3-WS-WASIHS_Archive-LinuxX64-IFPH21992 | 13 April 2020 | 25659811 | FC |
9.0.5.3-WS-WASIHS_Archive-WinX32-IFPH21992 | 13 April 2020 | 26578262 | FC |
9.0.5.3-WS-WASIHS_Archive-WinX64-IFPH21992 | 13 April 2020 | 27472573 | FC |
9.0.5.2-WS-WASIHS_Archive-AixPPC64-IFPH21992 | 13 April 2020 | 28134103 | FC |
9.0.5.2-WS-WASIHS_Archive-LinuxPPC64LE-IFPH21992 | 13 April 2020 | 26566445 | FC |
9.0.5.2-WS-WASIHS_Archive-LinuxS39064-IFPH21992 | 13 April 2020 | 27549196 | FC |
9.0.5.2-WS-WASIHS_Archive-LinuxX64-IFPH21992 | 13 April 2020 | 25659686 | FC |
9.0.5.2-WS-WASIHS_Archive-WinX32-IFPH21992 | 13 April 2020 | 26578035 | FC |
9.0.5.2-WS-WASIHS_Archive-WinX64-IFPH21992 | 13 April 2020 | 27472162 | FC |
Problems Solved
PH21992
On
Technical Support
Contact IBM Support at https://www.ibm.com/software/mysupport/s/ or 1-800-IBM-SERV (US only).
Document Location
Worldwide
[{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Component":"IBM HTTP Server","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"},{"code":"PF035","label":"z\/OS"}],"Version":"7.0.0.45;8.0.0.15;8.5.5.15;8.5.5.16;8.5.5.17;9.0.5.1;9.0.5.2;9.0.5.3","Edition":"Base,Enterprise,Advanced,Single Server,Network Deployment","Line of Business":{"code":"LOB45","label":"Automation"}}]
Problems (APARS) fixed
Was this topic helpful?
Document Information
Modified date:
15 April 2020
UID
ibm16189831