Ubuntu 5942-2: Apache HTTP Server vulnerability | LinuxSecurity.com

What Are You Looking For?

Popular Tags

Sign Up
==========================================================================
Ubuntu Security Notice USN-5942-2
March 22, 2023

apache2 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 ESM

Summary:

Apache HTTP Server could allow unintended access to network services.

Software Description:
- apache2: Apache HTTP server

Details:

USN-5942-1 fixed vulnerabilities in Apache HTTP Server. This update
provides the corresponding update for CVE-2023-25690 for Ubuntu 16.04 ESM.

Original advisory details:

  Lars Krapf discovered that the Apache HTTP Server mod_proxy module
  incorrectly handled certain configurations. A remote attacker could
  possibly use this issue to perform an HTTP Request Smuggling attack.
  (CVE-2023-25690)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
   apache2                         2.4.18-2ubuntu3.17+esm10

In general, a standard system update will make all the necessary changes.

References:
   https://ubuntu.com/security/notices/USN-5942-2
   https://ubuntu.com/security/notices/USN-5942-1
   CVE-2023-25690

Ubuntu 5942-2: Apache HTTP Server vulnerability

March 22, 2023
Apache HTTP Server could allow unintended access to network services.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 ESM Summary: Apache HTTP Server could allow unintended access to network services. Software Description: - apache2: Apache HTTP server Details: USN-5942-1 fixed vulnerabilities in Apache HTTP Server. This update provides the corresponding update for CVE-2023-25690 for Ubuntu 16.04 ESM. Original advisory details: Lars Krapf discovered that the Apache HTTP Server mod_proxy module incorrectly handled certain configurations. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. (CVE-2023-25690)

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 ESM: apache2 2.4.18-2ubuntu3.17+esm10 In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5942-2

https://ubuntu.com/security/notices/USN-5942-1

CVE-2023-25690

Severity
Ubuntu Security Notice USN-5942-2

Package Information

Related News

The Tor Project’s New Privacy-Focused Browser Doesn’t Use the Tor Network

Trend Micro Uncovers Yet Another X.Org Server Vulnerability: CVE-2023-1393

5 Best free to use Linux Server distributions for 2023

Use Cockpit for Linux Remote Server Administration

News

Advisories

HOWTOs

Features

Linux Container Security Primer
Email Phishing Using Kali Linux
Is Linux A More Secure Option Than Windows For Businesses?
How Secure Is Linux?
How To Secure Against WordPress Vulnerabilities with Predictive Analysis Detection & Automated Remediation

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy