Malware Devil

Tuesday, June 22, 2021

ESB-2021.2196 – [Ubuntu] Apache HTTP Server: Multiple vulnerabilities

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2021.2196
USN-4994-1: Apache HTTP Server vulnerabilities
22 June 2021

===========================================================================

AusCERT Security Bulletin Summary
———————————

Product: Apache HTTP Server
Publisher: Ubuntu
Operating System: Ubuntu
Impact/Access: Execute Arbitrary Code/Commands — Remote/Unauthenticated
Denial of Service — Remote/Unauthenticated
Access Confidential Data — Remote/Unauthenticated
Reduced Security — Remote/Unauthenticated
Resolution: Patch/Upgrade
CVE Names: CVE-2021-30641 CVE-2021-26691 CVE-2021-26690
CVE-2020-35452 CVE-2020-13950

Reference: ESB-2021.2153
ESB-2021.2097

Original Bulletin:
https://ubuntu.com/security/notices/USN-4994-1
https://ubuntu.com/security/notices/USN-4994-2

Comment: This bulletin contains two (2) Ubuntu security advisories.

– ————————–BEGIN INCLUDED TEXT——————–

USN-4994-1: Apache HTTP Server vulnerabilities
21 June 2021

Several security issues were fixed in Apache HTTP Server.
Releases

o Ubuntu 21.04
o Ubuntu 20.10
o Ubuntu 20.04 LTS
o Ubuntu 18.04 LTS

Packages

o apache2 – Apache HTTP server

Details

Marc Stern discovered that the Apache mod_proxy_http module incorrectly
handled certain requests. A remote attacker could possibly use this issue
to cause Apache to crash, resulting in a denial of service. This issue only
affected Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. ( CVE-2020-13950 )

Antonio Morales discovered that the Apache mod_auth_digest module
incorrectly handled certain Digest nonces. A remote attacker could possibly
use this issue to cause Apache to crash, resulting in a denial of service.
( CVE-2020-35452 )

Antonio Morales discovered that the Apache mod_session module incorrectly
handled certain Cookie headers. A remote attacker could possibly use this
issue to cause Apache to crash, resulting in a denial of service.
( CVE-2021-26690 )

Christophe Jaillet discovered that the Apache mod_session module
incorrectly handled certain SessionHeader values. A remote attacker could
use this issue to cause Apache to crash, resulting in a denial of service,
or possibly execute arbitrary code. ( CVE-2021-26691 )

Christoph Anton Mitterer discovered that the new MergeSlashes configuration
option resulted in unexpected behaviour in certain situations.
( CVE-2021-30641 )

Update instructions

The problem can be corrected by updating your system to the following package
versions:

Ubuntu 21.04

o apache2 – 2.4.46-4ubuntu1.1
o apache2-bin – 2.4.46-4ubuntu1.1

Ubuntu 20.10

o apache2 – 2.4.46-1ubuntu1.2
o apache2-bin – 2.4.46-1ubuntu1.2

Ubuntu 20.04

o apache2 – 2.4.41-4ubuntu3.3
o apache2-bin – 2.4.41-4ubuntu3.3

Ubuntu 18.04

o apache2 – 2.4.29-1ubuntu4.16
o apache2-bin – 2.4.29-1ubuntu4.16

In general, a standard system update will make all the necessary changes.

References

o CVE-2021-26691
o CVE-2021-26690
o CVE-2020-35452
o CVE-2021-30641
o CVE-2020-13950

Related notices

o USN-4994-2 : apache2-utils, apache2-mpm-itk, apache2-mpm-prefork,
apache2-dev, apache2-data, apache2-suexec-pristine, apache2-mpm-worker,
apache2.2-bin, libapache2-mod-proxy-html, apache2-suexec-custom,
libapache2-mod-macro, apache2-doc, apache2-bin, apache2-suexec, apache2,
apache2-mpm-event

– ——————————————————————————

USN-4994-2: Apache HTTP Server vulnerabilities
21 June 2021

Several security issues were fixed in Apache HTTP Server.
Releases

o Ubuntu 16.04 ESM
o Ubuntu 14.04 ESM

Packages

o apache2 – Apache HTTP server

Details

USN-4994-1 fixed several vulnerabilities in Apache. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.

Original advisory details:

Antonio Morales discovered that the Apache mod_auth_digest module
incorrectly handled certain Digest nonces. A remote attacker could possibly
use this issue to cause Apache to crash, resulting in a denial of service.
( CVE-2020-35452 )

Antonio Morales discovered that the Apache mod_session module incorrectly
handled certain Cookie headers. A remote attacker could possibly use this
issue to cause Apache to crash, resulting in a denial of service.
( CVE-2021-26690 )

Christophe Jaillet discovered that the Apache mod_session module
incorrectly handled certain SessionHeader values. A remote attacker could
use this issue to cause Apache to crash, resulting in a denial of service,
or possibly execute arbitrary code. ( CVE-2021-26691 )

Christoph Anton Mitterer discovered that the new MergeSlashes configuration
option resulted in unexpected behaviour in certain situations.
( CVE-2021-30641 )

Update instructions

The problem can be corrected by updating your system to the following package
versions:

Ubuntu 16.04

o apache2 – 2.4.18-2ubuntu3.17+esm1
Available with UA Infra or UA Desktop
o apache2-bin – 2.4.18-2ubuntu3.17+esm1
Available with UA Infra or UA Desktop

Ubuntu 14.04

o apache2 – 2.4.7-1ubuntu4.22+esm1
Available with UA Infra or UA Desktop
o apache2-bin – 2.4.7-1ubuntu4.22+esm1
Available with UA Infra or UA Desktop

In general, a standard system update will make all the necessary changes.

References

o CVE-2021-26691
o CVE-2020-35452
o CVE-2021-30641
o CVE-2021-26690

Related notices

o USN-4994-1 : apache2-utils, apache2-dev, apache2-data,
apache2-suexec-pristine, libapache2-mod-md, apache2-suexec-custom,
libapache2-mod-proxy-uwsgi, apache2-doc, apache2-bin, apache2,
apache2-ssl-dev

– ————————–END INCLUDED TEXT——————–

You have received this e-mail bulletin as a result of your organisation’s
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT’s members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation’s
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author’s website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
—–BEGIN PGP SIGNATURE—–
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBYNEtXuNLKJtyKPYoAQg5LxAAn4JfF0C00aloNJ+AdTzijOshsx1XUioT
BZqqozPrw0fhoa2IG6X1meEre8wpmsBJ2dKZSh5xr/oHgfNTyuNX//wg9JBWJieC
3cHQxCzkjIJF6p6WIn8xU/Wl6BPdV6RoYW2YGlkMqNjb+Kn2igobRiXLXGEMn5Pj
PVoG64vIGxGD2tWTPh/atbaXy4v+IfcpBtsozOukPiE6VNBwED2MWWAZ5HJ7TC0c
3tXFAkwjWDsfDbSIiZGemtlP2P/AiYA2viP8Z4Vn4De2XhoJx1TV3/U0dRLq4Wfq
GB9p5bG0yG7vRws1l0xdSi9JIUYs2wU2YCiZNNCl10VJGP7LGdnj2C6ZN2OMGcm7
8MOl2yMfFADPKufV0Trk9WdMj8WmKE2RIXcXKsP3YpKCk/FeK4+GeOWaW7/Kgo8O
k1e2pOXOUqU3AOwUZpbJkPqb7RkGR5ipJJaqApQpk5qttM9aGh7sT3VcE3WxsCBa
7a1VZ4RYLE6ZMUzUOXtjOMHar9KXgYJ40WB2EWFOkxiBL1bJs0haLnYeBfGIfEbC
oYgZyeZPc80Evat+R6h3tTVO2XrK8ezJhkRnKkPDTALvOrQRTh/CND6PflDzB5XA
GCY54iqpA02ocg60dGGJIoucJrPX0lNH7yauBj/CMqXtKI472iYB40UBickMfAGv
HYrFxpvtoDk=
=bGsf
—–END PGP SIGNATURE—–

Read More

The post ESB-2021.2196 – [Ubuntu] Apache HTTP Server: Multiple vulnerabilities appeared first on Malware Devil.



https://malwaredevil.com/2021/06/22/esb-2021-2196-ubuntu-apache-http-server-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2021-2196-ubuntu-apache-http-server-multiple-vulnerabilities

No comments:

Post a Comment

Barbary Pirates and Russian Cybercrime

In 1801, the United States had a small Navy. Thomas Jefferson deployed almost half that Navy—three frigates and a schooner—to the Barbary C...