Ubuntu Update For Apache2 USN-1903-1 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

It was discovered that the mod_rewrite module incorrectly sanitized non- printable characters before writing data to log files. A remote attacker could possibly use this flaw to execute arbitrary commands by injecting escape sequences in the log file. (CVE-2013-1862) It was discovered that the mod_dav module incorrectly handled certain MERGE requests. A remote attacker could use this issue to cause the server to stop responding, resulting in a denial of service. (CVE-2013-1896)

Affected

apache2 on Ubuntu 13.04 , Ubuntu 12.10 , Ubuntu 12.04 LTS , Ubuntu 10.04 LTS

Severity

Classification

CVE CVE-2013-1862, CVE-2013-1896

CVSS	Base Score: 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Ubuntu Update for curl USN-1801-1
Ubuntu Update for aptdaemon USN-1666-1
Ubuntu Update for bzip2 USN-1308-1
Ubuntu Update for clamav USN-1482-1
Ubuntu Update for colord USN-1289-1

Ubuntu Update for apache2 USN-1903-1

Take action and discover your vulnerabilities