ESB-2018.1329 - [Ubuntu] apache2: Multiple vulnerabilities 2018-05-02


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2018.1329
                    Apache HTTP Server vulnerabilities
                                2 May 2018

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           apache2
Publisher:         Ubuntu
Operating System:  Ubuntu
Impact/Access:     Create Arbitrary Files         -- Remote/Unauthenticated
                   Denial of Service              -- Remote/Unauthenticated
                   Provide Misleading Information -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2018-1312 CVE-2018-1303 CVE-2018-1301
                   CVE-2018-1283 CVE-2017-15715 CVE-2017-15710

Reference:         ESB-2018.1230
                   ESB-2018.0845

Original Bulletin: 
   http://www.ubuntu.com/usn/usn-3627-2

- --------------------------BEGIN INCLUDED TEXT--------------------

Ubuntu Security Notice USN-3627-2
April 30, 2018

apache2 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

- - Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in the Apache HTTP Server.

Software Description:
- - apache2: Apache HTTP server

Details:

USN-3627-1 fixed vulnerabilities in Apache HTTP Server. This update
provides the corresponding updates for Ubuntu 18.04 LTS.

Original advisory details:

 Alex Nichols and Jakob Hirsch discovered that the Apache HTTP Server
 mod_authnz_ldap module incorrectly handled missing charset encoding
 headers. A remote attacker could possibly use this issue to cause the
 server to crash, resulting in a denial of service. (CVE-2017-15710)
  
 Elar Lang discovered that the Apache HTTP Server incorrectly handled
 certain characters specified in <FilesMatch>. A remote attacker could
 possibly use this issue to upload certain files, contrary to expectations.
 (CVE-2017-15715)
 
 It was discovered that the Apache HTTP Server mod_session module
 incorrectly handled certain headers. A remote attacker could possibly use
 this issue to influence session data. (CVE-2018-1283)

 Robert Swiecki discovered that the Apache HTTP Server incorrectly handled
 certain requests. A remote attacker could possibly use this issue to cause
 the server to crash, leading to a denial of service. (CVE-2018-1301)
 
 Robert Swiecki discovered that the Apache HTTP Server mod_cache_socache
 module incorrectly handled certain headers. A remote attacker could
 possibly use this issue to cause the server to crash, leading to a denial
 of service. (CVE-2018-1303)

 Nicolas Daniels discovered that the Apache HTTP Server incorrectly
 generated the nonce when creating HTTP Digest authentication challenges.
 A remote attacker could possibly use this issue to replay HTTP requests
 across a cluster of servers. (CVE-2018-1312)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
  apache2-bin                     2.4.29-1ubuntu4.1

In general, a standard system update will make all the necessary changes.
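A quick way to confirm a host actually picked up the fixed package is to compare the installed apache2-bin version against the one named above. The script below is an added example and is not part of the USN or AusCERT bulletin: the package name and fixed version are taken from the notice, while the function names and the fallback comparison are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the bulletin): does this Ubuntu 18.04 host have the
# apache2-bin version that USN-3627-2 names as fixed?
# Package name and fixed version come from the notice above.

FIXED_PKG="apache2-bin"
FIXED_VERSION="2.4.29-1ubuntu4.1"

# version_lt A B: exit 0 when Debian version A is strictly older than B.
# Prefer dpkg's own comparison (handles epochs and '~'); fall back to GNU
# sort -V, which is adequate for the plain upstream-revision strings used here.
version_lt() {
    if command -v dpkg >/dev/null 2>&1; then
        dpkg --compare-versions "$1" lt "$2"
    else
        [ "$1" != "$2" ] &&
            [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
    fi
}

# needs_update INSTALLED: exit 0 when INSTALLED is older than FIXED_VERSION.
needs_update() {
    version_lt "$1" "$FIXED_VERSION"
}

# installed_version: print the installed apache2-bin version; exit 1 when the
# package is absent or this is not a dpkg-based system.
installed_version() {
    command -v dpkg-query >/dev/null 2>&1 || return 1
    v=$(dpkg-query -W -f='${Version}' "$FIXED_PKG" 2>/dev/null) || return 1
    [ -n "$v" ] || return 1
    printf '%s\n' "$v"
}

# verdict VERSION: print a one-line verdict for a given installed version.
verdict() {
    if needs_update "$1"; then
        printf '%s %s is older than %s: apply USN-3627-2\n' "$FIXED_PKG" "$1" "$FIXED_VERSION"
    else
        printf '%s %s is at or above %s: fixed\n' "$FIXED_PKG" "$1" "$FIXED_VERSION"
    fi
}

# check_host: report on the machine this script runs on (always exits 0 so it
# can be sourced safely; use needs_update for a scriptable exit status).
check_host() {
    if v=$(installed_version); then
        verdict "$v"
    else
        printf '%s: not installed, or not a dpkg-based system\n' "$FIXED_PKG"
    fi
    return 0
}

check_host
```

On a fleet, run `needs_update "$(installed_version)"` from your configuration-management or inventory tooling and collect the exit status; `dpkg -l apache2-bin` confirms the same thing by hand. Note that a package being at the fixed version does not by itself mean the running httpd has been restarted since the upgrade; Ubuntu's postinst normally restarts the service, but `systemctl status apache2` shows the actual start time.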


References:
  https://usn.ubuntu.com/usn/usn-3627-2
  https://usn.ubuntu.com/usn/usn-3627-1
  CVE-2017-15710, CVE-2017-15715, CVE-2018-1283, CVE-2018-1301,
  CVE-2018-1303, CVE-2018-1312

Package Information:
  https://launchpad.net/ubuntu/+source/apache2/2.4.29-1ubuntu4.1

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----
