Default /usr/share/doc serving should be removed (CVE-2012-0216)
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| apache2 (Ubuntu) |
Triaged
|
Low
|
Unassigned | ||
Bug Description
CVE-2012-0216 reports an issue with the default Apache config serving a copy of /usr/share/doc:
"Niels Heinen noticed a security issue with the default Apache configuration on Debian if certain scripting modules like mod_php or mod_rivet are installed. The problem arises because the directory /usr/share/doc, which is mapped to the URL /doc, may contain example scripts that can be executed by requests to this URL. Although access to the URL /doc is restricted to connections from localhost, this still creates security issues in two specific configurations:
* if some front-end server on the same host forwards connections to an apache2 backend server on the localhost address, or
* if the machine running apache2 is also used for web browsing."
Debian recently removed this from the default config. See http://
Ubuntu Lucid and Precise still have this default config and should be fixed.
CVE References
| Tyler Hicks (tyhicks) wrote | #1 |
| Changed in apache2 (Ubuntu): | |
| importance: | Undecided → Low |
| status: | New → Triaged |
| visibility: | private → public |
This CVE is being tracked in the Ubuntu CVE tracker:
http://