[apache2] Multiple vulnerabilities possibly resulting in a Denial of Service or the disclosure of sensitive information

Bug #163828 reported by disabled.user on 2007-11-19
256
Affects Status Importance Assigned to Milestone
apache2 (Ubuntu)
Undecided
Unassigned

Bug Description

Binary package hint: apache2

References:
[1] http://www.gentoo.org/security/en/glsa/glsa-200711-06.xml
[2] SUSE-SA:2007:061

Quoting [1]:
"Multiple cross-site scripting vulnerabilities have been discovered in mod_status and mod_autoindex (CVE-2006-5752, CVE-2007-4465). An error has been discovered in the recall_headers() function in mod_mem_cache (CVE-2007-1862). The mod_cache module does not properly sanitize requests before processing them (CVE-2007-1863). The Prefork module does not properly check PID values before sending signals (CVE-2007-3304). The mod_proxy module does not correctly check headers before processing them (CVE-2007-3847).
[...]
A remote attacker could exploit one of these vulnerabilities to inject arbitrary script or HTML content, obtain sensitive information or cause a Denial of Service."

Jamie Strandboge (jdstrand) wrote :

The following CVEs are fixed (or Ubuntu isn't affected):
CVE-2006-5752
CVE-2007-1862
CVE-2007-1863
CVE-2007-3304

Removed the afore mentioned CVEs (they have been fixed in USN-499-1), and added CVEs from
MDVSA-2008:015 (http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:015) and
MDVSA-2008:016 (http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:016).

Apache 1.3.x is also affected:
MDVSA-2008:014 (http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:014)

Mathias Gug (mathiaz) wrote :

All the referenced CVE's have been fixed in Debian unstable. Marking Fix Commited for hardy as apache2 should be synced soon (see LP: #186856).

Changed in apache2:
status: New → Fix Committed
Jamie Strandboge (jdstrand) wrote :
Changed in apache2:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers