==========================
==========================
===================

                           CERT-Renater

               Note d'Information No. 2013/VULN353
_____________________________________________________________________

DATE                : 20/08/2013

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running IBM HTTP Server versions 8 prior
                             to 8.0.0.7.

==========================
==========================
====================
http://www-01.ibm.com/support/docview.wss?uid=swg27021867
______________________________________________________________________

Fix Pack 7 (8.0.0.7)

Fix release date: 19 August 2013
Last modified: 19 August 2013
Status: Recommended

Download Fix Pack 7 	


APAR 	        Description
PM85211 	CVE-2013-0169: TLS Vulnerability
                http://xforce.iss.net/xforce/xfdb/81902
PM87808 	CVE-2013-1862: mod_rewrite vulnerability
PM89996 	CVE-2013-1896: mod_dav vulnerability
PM84215 	mod_mpmstats may report incorrect values during startup
                 or shutdown
PM87247 	Additional certificate attributes are needed as fields
                 accessible to the SSLClientAuthRequire directive
PM89422 	IHS WebDAV requests slow on Windows

Note: IBM HTTP Server 8.0.0.7 contains all applicable security fixes in
Apache HTTP Server versions up through 2.2.25.

==========================
==========================
====================

==========================
==========================
=======
Serveur de référence du CERT-Renater
https://services.renater.fr/ssi/
==========================
==========================
========
+ CERT-RENATER          | tel : 01-53-94-20-44           +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================
==========================
========