===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2019.1150.2
                 USN-3937-1: Apache HTTP Server vulnerabilities
                                 11 April 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           apache
Publisher:         Ubuntu
Operating System:  Ubuntu
Impact/Access:     Root Compromise          -- Existing Account
                   Access Privileged Data   -- Remote/Unauthenticated
                   Denial of Service        -- Remote/Unauthenticated
                   Unauthorised Access      -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2019-0220 CVE-2019-0217 CVE-2019-0211 CVE-2019-0196
                   CVE-2018-17199 CVE-2018-17189 CVE-2018-1312 CVE-2018-1301
                   CVE-2017-15710
Reference:         ESB-2019.1129

Original Bulletin:
   https://usn.ubuntu.com/3937-1/
   https://usn.ubuntu.com/3937-2/

Comment: This bulletin contains two (2) Ubuntu security advisories.

Revision History:  April 11 2019: This update provides the corresponding update
                                  for Ubuntu 12.04 ESM.
                   April  5 2019: Initial Release

--------------------------BEGIN INCLUDED TEXT--------------------

USN-3937-1: Apache HTTP Server vulnerabilities
4 April 2019

apache2 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  o Ubuntu 18.10
  o Ubuntu 18.04 LTS
  o Ubuntu 16.04 LTS
  o Ubuntu 14.04 LTS

Summary

Several security issues were fixed in the Apache HTTP Server.

Software Description

  o apache2 - Apache HTTP server

Details

Charles Fol discovered that the Apache HTTP Server incorrectly handled the
scoreboard shared memory area. A remote attacker able to upload and run
scripts could possibly use this issue to execute arbitrary code with root
privileges. (CVE-2019-0211)

It was discovered that the Apache HTTP Server HTTP/2 module incorrectly
handled certain requests.
A remote attacker could possibly use this issue to cause the server to consume
resources, leading to a denial of service. This issue only affected Ubuntu
18.04 LTS and Ubuntu 18.10. (CVE-2018-17189)

It was discovered that the Apache HTTP Server incorrectly handled session
expiry times. When used with mod_session_cookie, this may result in the
session expiry time being ignored, contrary to expectations. (CVE-2018-17199)

Craig Young discovered that the Apache HTTP Server HTTP/2 module incorrectly
handled certain requests. A remote attacker could possibly use this issue to
cause the server to process requests incorrectly. This issue only affected
Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2019-0196)

Simon Kappel discovered that the Apache HTTP Server mod_auth_digest module
incorrectly handled threads. A remote attacker with valid credentials could
possibly use this issue to authenticate using another username, bypassing
access control restrictions. (CVE-2019-0217)

Bernhard Lorenz discovered that the Apache HTTP Server was inconsistent when
processing requests containing multiple consecutive slashes. This could lead
to directives such as LocationMatch and RewriteRule performing contrary to
expectations. (CVE-2019-0220)

Update instructions

The problem can be corrected by updating your system to the following package
versions:

Ubuntu 18.10
    apache2-bin - 2.4.34-1ubuntu2.1
Ubuntu 18.04 LTS
    apache2-bin - 2.4.29-1ubuntu4.6
Ubuntu 16.04 LTS
    apache2-bin - 2.4.18-2ubuntu3.10
Ubuntu 14.04 LTS
    apache2-bin - 2.4.7-1ubuntu4.22

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades

In general, a standard system update will make all the necessary changes.
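A check that an installed apache2 binary package is at or past the fixed versions listed in this bulletin (the four USN-3937-1 releases above plus the Ubuntu 12.04 ESM package from USN-3937-2, included further below). This is an added example, not part of the Ubuntu or AusCERT text; it reimplements dpkg's version ordering in Python so it runs without dpkg, and the release keys ("18.04" etc.) and function names are my own choices.

```python
# Fixed apache2 binary package versions listed in USN-3937-1 / USN-3937-2.
FIXED = {
    "18.10": ("apache2-bin", "2.4.34-1ubuntu2.1"),
    "18.04": ("apache2-bin", "2.4.29-1ubuntu4.6"),
    "16.04": ("apache2-bin", "2.4.18-2ubuntu3.10"),
    "14.04": ("apache2-bin", "2.4.7-1ubuntu4.22"),
    "12.04": ("apache2.2-bin", "2.2.22-1ubuntu1.15"),  # from USN-3937-2
}

def _order(c):
    # Character weight as in dpkg's verrevcmp(): '~' sorts before anything,
    # even end of string; letters sort before other symbols.
    if c.isdigit(): return 0
    if c.isalpha(): return ord(c)
    return -1 if c == "~" else ord(c) + 256

def _verrevcmp(a, b):
    # dpkg's algorithm: alternate non-digit runs (ordered by _order) and
    # digit runs (compared numerically), so "4.10" sorts after "4.6".
    while a or b:
        first_diff = 0
        while (a and not a[0].isdigit()) or (b and not b[0].isdigit()):
            ac, bc = (_order(a[0]) if a else 0), (_order(b[0]) if b else 0)
            if ac != bc: return ac - bc
            a, b = a[1:], b[1:]
        a, b = a.lstrip("0"), b.lstrip("0")
        while a and a[0].isdigit() and b and b[0].isdigit():
            first_diff = first_diff or ord(a[0]) - ord(b[0])
            a, b = a[1:], b[1:]
        if a and a[0].isdigit(): return 1
        if b and b[0].isdigit(): return -1
        if first_diff: return first_diff
    return 0

def _split(v):
    # [epoch:]upstream[-debian_revision]; a missing epoch counts as 0.
    epoch, sep, rest = v.partition(":")
    if not sep: epoch, rest = "0", v
    upstream, sep, rev = rest.rpartition("-")
    return int(epoch), (upstream if sep else rest), (rev if sep else "")

def compare_versions(v1, v2):
    # <0, 0 or >0, like `dpkg --compare-versions v1 lt|eq|gt v2`.
    e1, u1, r1 = _split(v1)
    e2, u2, r2 = _split(v2)
    return (e1 - e2) or _verrevcmp(u1, u2) or _verrevcmp(r1, r2)

def is_patched(release, installed):
    # True when the installed version is at or past the fix for that release.
    return compare_versions(installed, FIXED[release][1]) >= 0
```

On a host, feed `is_patched` the output of `dpkg-query -W -f '${Version}' apache2-bin` (or `apache2.2-bin` on 12.04 ESM); a plain string comparison would wrongly rank `3.9` above `3.10` and miss `~esm` pre-release suffixes, which is why the dpkg ordering is reproduced.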
References

  o CVE-2018-17189
  o CVE-2018-17199
  o CVE-2019-0196
  o CVE-2019-0211
  o CVE-2019-0217
  o CVE-2019-0220

================================================================================

==========================================================================
Ubuntu Security Notice USN-3937-2
April 10, 2019

apache2 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 ESM

Summary:

Several security issues were fixed in Apache.

Software Description:
- apache2: Apache HTTP server

Details:

USN-3937-1 and USN-3627-1 fixed several vulnerabilities in Apache. This update
provides the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

 Simon Kappel discovered that the Apache HTTP Server mod_auth_digest
 module incorrectly handled threads. A remote attacker with valid
 credentials could possibly use this issue to authenticate using
 another username, bypassing access control restrictions.
 (CVE-2019-0217)

 Alex Nichols and Jakob Hirsch discovered that the Apache HTTP Server
 mod_authnz_ldap module incorrectly handled missing charset encoding
 headers. A remote attacker could possibly use this issue to cause the
 server to crash, resulting in a denial of service. (CVE-2017-15710)

 Robert Swiecki discovered that the Apache HTTP Server incorrectly
 handled certain requests. A remote attacker could possibly use this
 issue to cause the server to crash, leading to a denial of service.
 (CVE-2018-1301)

 Nicolas Daniels discovered that the Apache HTTP Server incorrectly
 generated the nonce when creating HTTP Digest authentication
 challenges. A remote attacker could possibly use this issue to replay
 HTTP requests across a cluster of servers.
 (CVE-2018-1312)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 ESM:
  apache2.2-bin                    2.2.22-1ubuntu1.15

In general, a standard system update will make all the necessary changes.

References:
  https://usn.ubuntu.com/usn/usn-3937-2
  https://usn.ubuntu.com/usn/usn-3937-1
  CVE-2017-15710, CVE-2018-1301, CVE-2018-1312, CVE-2019-0217

--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================