Alerts This Week
Warning Icon 1 666
Alerts This Week
Warning Icon 1 666

Ubuntu 12.04 ESM: USN-3425-2 Critical: Apache Server Information Exposure

Calendar Oct 24, 2017 User Avatar LinuxSecurity Advisories
1 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory update apache Ubuntu information exposure sensitive data optionsbleed
Apache HTTP Server could be made to expose sensitive information over the network. 
=========================================================================Ubuntu Security Notice USN-3425-2
October 24, 2017

apache2 vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 ESM

Summary:

Apache HTTP Server could be made to expose sensitive information over
the network.

Software Description:
- apache2: Apache HTTP server

Details:

USN-3425-1 fixed a vulnerability in Apache HTTP Server. This update
provides the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

 Hanno Böck discovered that the Apache HTTP Server incorrectly handled
 Limit directives in .htaccess files. In certain configurations, a
 remote attacker could possibly use this issue to read arbitrary server
 memory, including sensitive information. This issue is known as
 Optionsbleed.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 ESM:
  apache2.2-bin                   2.2.22-1ubuntu1.14

In general, a standard system update will make all the necessary
changes.

References:
  https://ubuntu.com/security/notices/USN-3425-2
  https://ubuntu.com/security/notices/USN-3425-1
  CVE-2017-9798

Ubuntu 12.04 ESM: USN-3425-2 Critical: Apache Server Information Exposure

ubuntu
Calendar Grey October 24, 2017
Dist Ubuntu Esm H88
Recent Apache HTTP Server updates mitigate risks related to sensitive data exposure in Ubuntu 12.04 ESM. Explore further for comprehensive security insights.
Apache HTTP Server could be made to expose sensitive information over the network.

Summary

Topics%20covered

Topics Covered

security advisory update apache Ubuntu information exposure sensitive data optionsbleed

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 ESM:   apache2.2-bin                   2.2.22-1ubuntu1.14 In general, a standard system update will make all the necessary changes.

References

  https://ubuntu.com/security/notices/USN-3425-2

  https://ubuntu.com/security/notices/USN-3425-1

  CVE-2017-9798

Severity
critical
Lowest
Low
Medium
High
Critical

October 24, 2017

Topics%20covered

Topics Covered

security advisory update apache Ubuntu information exposure sensitive data optionsbleed

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here