Default /usr/share/doc serving should be removed (CVE-2012-0216)
| Affects | Status | Importance | Assigned to | Milestone |
|---|---|---|---|---|
| apache2 (Ubuntu) | Triaged | Low | Unassigned | |
Bug Description
CVE-2012-0216 reports an issue with the default Apache config serving a copy of /usr/share/doc:
"Niels Heinen noticed a security issue with the default Apache configuration on Debian if certain scripting modules like mod_php or mod_rivet are installed. The problem arises because the directory /usr/share/doc, which is mapped to the URL /doc, may contain example scripts that can be executed by requests to this URL. Although access to the URL /doc is restricted to connections from localhost, this still creates security issues in two specific configurations:
* if some front-end server on the same host forwards connections to an apache2 backend server on the localhost address, or
* if the machine running apache2 is also used for web browsing."
Debian recently removed this from the default config. See http://
Ubuntu Lucid and Precise still have this default config and should be fixed.
This CVE is being tracked in the Ubuntu CVE tracker:
http://people.ubuntu.com/~ubuntu-security/cve/CVE-2012-0216
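As an added illustration (not part of the bug report, and not Ubuntu's or Debian's own tooling), the POSIX shell script below shows the kind of check an administrator could run against a vhost configuration to see whether the `/doc` alias described above is still active, and contrasts it with the configuration after the alias block is removed, which is the fix the report asks for. Both sample configurations are constructed here; the "weak" one is an assumption about what the Lucid/Precise default looked like, not text quoted from the page.

```shell
#!/bin/sh
# Added example: detect whether an Apache vhost still maps /usr/share/doc
# into the URL space as /doc (the condition behind CVE-2012-0216).

# Constructed sample: a vhost carrying the /doc alias block, with the
# localhost-only restriction the report says is insufficient behind a
# front-end proxy or on a machine used for browsing (assumed to resemble
# the old Debian/Ubuntu default; not copied from the page).
WEAK_CONF='<VirtualHost *:80>
    DocumentRoot /var/www
    Alias /doc/ "/usr/share/doc/"
    <Directory "/usr/share/doc/">
        Options Indexes MultiViews FollowSymLinks
        AllowOverride None
        Order deny,allow
        Deny from all
        Allow from 127.0.0.0/255.0.0.0 ::1/128
    </Directory>
</VirtualHost>'

# Constructed sample: the same vhost with the alias block deleted, which is
# the change Debian made and the change requested for Ubuntu here.
FIXED_CONF='<VirtualHost *:80>
    DocumentRoot /var/www
</VirtualHost>'

# doc_alias_active CONFIG_TEXT
# Exit status 0 when an uncommented "Alias /doc ... /usr/share/doc" line is
# present, 1 otherwise. The leading anchor skips commented-out lines.
doc_alias_active() {
    printf '%s\n' "$1" |
        grep -Eq '^[[:space:]]*Alias[[:space:]]+/doc/?[[:space:]]+"?/usr/share/doc/?"?'
}

# localhost_only_restriction CONFIG_TEXT
# Exit status 0 when the config relies on an "Allow from" loopback rule,
# which the report notes does not protect against a same-host proxy.
localhost_only_restriction() {
    printf '%s\n' "$1" |
        grep -Eq '^[[:space:]]*Allow[[:space:]]+from[[:space:]]+.*(127\.0\.0\.|::1)'
}

# verdict CONFIG_TEXT
# Prints one word: "exposed" when /usr/share/doc is still served under /doc,
# otherwise "clean".
verdict() {
    if doc_alias_active "$1"; then
        echo exposed
    else
        echo clean
    fi
}

# report LABEL CONFIG_TEXT: human-readable summary for an administrator.
report() {
    case "$(verdict "$2")" in
        exposed)
            echo "$1: /usr/share/doc is still mapped to /doc; remove the Alias and Directory block"
            if localhost_only_restriction "$2"; then
                echo "$1: note that the loopback-only Allow rule is not a sufficient mitigation"
            fi
            ;;
        clean)
            echo "$1: no /doc alias found"
            ;;
    esac
}

report "weak default" "$WEAK_CONF"
report "after fix" "$FIXED_CONF"
```

On a live system the same functions can be applied to the output of `cat /etc/apache2/sites-enabled/*` or `apache2ctl -S`-listed vhost files; the point of the check is that the alias line, not the loopback `Allow from` rule, is what has to go.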