apache2 mod_rewrite CVE 2013-1862

Bug #1188069 reported by Ante Karamatić
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone
apache2 (Ubuntu) | Invalid | Low | Unassigned |
Lucid | Fix Released | Low | Unassigned |
Precise | Fix Released | Low | Unassigned |
Quantal | Fix Released | Low | Unassigned |
Raring | Fix Released | Low | Unassigned |
Saucy | Invalid | Low | Unassigned |

Bug Description

A vulnerability has been found in mod_rewrite in apache2. This vulnerability has been considered low.

There's a patch available at:

http://people.apache.org/~jorton/mod_rewrite-CVE-2013-1862.patch

Vulnerability can be triggered by exploiting the code.

Known workaround is to not use the RewriteLog directive.

Tags: security

Ante Karamatić (ivoks) wrote :
information type: Public → Public Security
tags: added: security
Marc Deslauriers (mdeslaur) wrote :

We are tracking this issue here:

http://people.canonical.com/~ubuntu-security/cve/?cve=CVE-2013-1862

Since this issue has been rated as having a "low" priority, we will not be releasing a security update until more important issues are found, at which point the security update will bundle them.

Changed in apache2 (Ubuntu Lucid):
status: New → Confirmed
Changed in apache2 (Ubuntu Precise):
status: New → Confirmed
Changed in apache2 (Ubuntu Quantal):
status: New → Confirmed
Changed in apache2 (Ubuntu Raring):
status: New → Confirmed
Changed in apache2 (Ubuntu Saucy):
status: New → Confirmed
Changed in apache2 (Ubuntu Lucid):
importance: Undecided → Low
Changed in apache2 (Ubuntu Precise):
importance: Undecided → Low
Changed in apache2 (Ubuntu Raring):
importance: Undecided → Low
Changed in apache2 (Ubuntu Saucy):
importance: Undecided → Low
Changed in apache2 (Ubuntu Quantal):
importance: Undecided → Low
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apache2 - 2.2.14-5ubuntu8.12

---------------
apache2 (2.2.14-5ubuntu8.12) lucid-security; urgency=low

  * SECURITY UPDATE: log file poisoning via mod_rewrite (LP: #1188069)
    - debian/patches/CVE-2013-1862.dpatch: properly escape items in
      modules/mappers/mod_rewrite.c.
    - CVE-2013-1862
  * SECURITY UPDATE: denial of service via MERGE request
    - debian/patches/CVE-2013-1896.dpatch: make sure DAV is enabled for URI
      in modules/dav/main/mod_dav.c.
    - CVE-2013-1896
 -- Marc Deslauriers <email address hidden> Fri, 12 Jul 2013 09:00:34 -0400

Changed in apache2 (Ubuntu Lucid):
status: Confirmed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apache2 - 2.2.22-6ubuntu2.3

---------------
apache2 (2.2.22-6ubuntu2.3) quantal-security; urgency=low

  * SECURITY UPDATE: log file poisoning via mod_rewrite (LP: #1188069)
    - debian/patches/CVE-2013-1862.patch: properly escape items in
      modules/mappers/mod_rewrite.c.
    - CVE-2013-1862
  * SECURITY UPDATE: denial of service via MERGE request
    - debian/patches/CVE-2013-1896.patch: make sure DAV is enabled for URI
      in modules/dav/main/mod_dav.c.
    - CVE-2013-1896
 -- Marc Deslauriers <email address hidden> Fri, 12 Jul 2013 08:35:53 -0400

Changed in apache2 (Ubuntu Quantal):
status: Confirmed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apache2 - 2.2.22-6ubuntu5.1

---------------
apache2 (2.2.22-6ubuntu5.1) raring-security; urgency=low

  * SECURITY UPDATE: log file poisoning via mod_rewrite (LP: #1188069)
    - debian/patches/CVE-2013-1862.patch: properly escape items in
      modules/mappers/mod_rewrite.c.
    - CVE-2013-1862
  * SECURITY UPDATE: denial of service via MERGE request
    - debian/patches/CVE-2013-1896.patch: make sure DAV is enabled for URI
      in modules/dav/main/mod_dav.c.
    - CVE-2013-1896
 -- Marc Deslauriers <email address hidden> Fri, 12 Jul 2013 08:29:24 -0400

Changed in apache2 (Ubuntu Raring):
status: Confirmed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apache2 - 2.2.22-1ubuntu1.4

---------------
apache2 (2.2.22-1ubuntu1.4) precise-security; urgency=low

  * SECURITY UPDATE: log file poisoning via mod_rewrite (LP: #1188069)
    - debian/patches/CVE-2013-1862.patch: properly escape items in
      modules/mappers/mod_rewrite.c.
    - CVE-2013-1862
  * SECURITY UPDATE: denial of service via MERGE request
    - debian/patches/CVE-2013-1896.patch: make sure DAV is enabled for URI
      in modules/dav/main/mod_dav.c.
    - CVE-2013-1896
 -- Marc Deslauriers <email address hidden> Fri, 12 Jul 2013 08:58:01 -0400

Changed in apache2 (Ubuntu Precise):
status: Confirmed → Fix Released
Marc Deslauriers (mdeslaur) wrote :

This vulnerability doesn't affect Apache 2.4, which is in saucy. Marking as invalid for saucy.

Changed in apache2 (Ubuntu Saucy):
status: Confirmed → Invalid
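
The changelog entries above describe the fix as properly escaping items before mod_rewrite writes them to its log. The following is an added illustration of that idea, not the Apache or Ubuntu patch: `escape_log_item`, `format_log_line`, the log line layout and the sample request are all hypothetical and constructed for this example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: malloc'd copy of s with control bytes, backslash and
 * non-ASCII bytes rewritten as printable escapes. Caller frees. */
char *escape_log_item(const char *s)
{
    static const char hex[] = "0123456789abcdef";
    char *out = malloc(4 * strlen(s) + 1); /* worst case: each byte -> \xhh */
    char *p = out;

    if (out == NULL)
        return NULL;
    for (const unsigned char *c = (const unsigned char *)s; *c; c++) {
        if (*c == '\n')      { *p++ = '\\'; *p++ = 'n'; }
        else if (*c == '\r') { *p++ = '\\'; *p++ = 'r'; }
        else if (*c == '\t') { *p++ = '\\'; *p++ = 't'; }
        else if (*c == '\\') { *p++ = '\\'; *p++ = '\\'; }
        else if (*c < 0x20 || *c >= 0x7f) {
            *p++ = '\\'; *p++ = 'x';
            *p++ = hex[*c >> 4]; *p++ = hex[*c & 0x0f];
        } else {
            *p++ = (char)*c;
        }
    }
    *p = '\0';
    return out;
}

/* Hypothetical log writer: escapes each request-derived item, then formats
 * one line. Returns the snprintf length, or -1 on allocation failure. */
int format_log_line(char *buf, size_t len, const char *host, const char *text)
{
    char *h = escape_log_item(host);
    char *t = escape_log_item(text);
    int n = (h && t) ? snprintf(buf, len, "%s - %s\n", h, t) : -1;
    free(h);
    free(t);
    return n;
}

int main(void)
{
    /* Constructed input: a request path carrying CR/LF and an ESC byte. */
    const char *uri = "/a\r\n192.0.2.7 - forged entry\x1b[0m";
    char line[256];

    if (format_log_line(line, sizeof line, "192.0.2.1", uri) < 0)
        return 1;
    fputs(line, stdout); /* exactly one physical line is written */
    return 0;
}
```

Because each item is escaped before it is placed in the line, the only newline in the output is the one the logger itself appends, and control bytes reach the log file as visible `\xhh` text.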
This report contains Public Security information  
Everyone can see this security related information.
