Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> Ubuntu Local Security Checks >> USN120-1 : apache2 vulnerability

Vulnerability Assessment Details

USN120-1 : apache2 vulnerability
Vulnerability Assessment Summary
apache2 vulnerability

Detailed Explanation for this Vulnerability Assessment

Summary :

These remote packages are missing security patches :
- apache2
- apache2-common
- apache2-doc
- apache2-mpm-perchild
- apache2-mpm-prefork
- apache2-mpm-threadpool
- apache2-mpm-worker
- apache2-prefork-dev
- apache2-threaded-dev
- apache2-utils
- libapr0
- libapr0-dev


Description :

Luca Ercoli discovered that the "htdigest" program did not perform any
bounds checking when it copied the "user" and "realm" arguments into
local buffers. If this program is used in remotely callable CGI
scripts, this could be exploited by a remote attacker to execute
arbitrary code with the rights of the CGI script.

Solution :

Upgrade to :
- apache2-2.0.53-5ubuntu5.1 (Ubuntu 5.04)
- apache2-common-2.0.53-5ubuntu5.1 (Ubuntu 5.04)
- apache2-doc-2.0.53-5ubuntu5.1 (Ubuntu 5.04)
- apache2-mpm-perchild-2.0.53-5ubuntu5.1 (Ubuntu 5.04)
- apache2-mpm-prefork-2.0.53-5ubuntu5.1 (Ubuntu 5.04)
- apache2-mpm-threadpool-2.0.53-5ubuntu5.1 (Ubuntu 5.04)
- apache2-mpm-worker-2.0.53-5ubuntu5.1 (Ubuntu 5.04)
- apache2-prefork-dev-2.0.53-5ubuntu5.1 (Ubuntu 5.04)
- apache2-threaded-dev-2.0.53-5ubuntu5.1 (Ubuntu 5.04)
- apache2-utils-2.0.53-5ubuntu5.
[...]


Network Security Threat Level: High


Networks Security ID:

Vulnerability Assessment Copyright: Ubuntu Security Notice (C) 2005 Canonical, Inc. / NASL script (C) 2005 Michel Arboi
Cables, Connectors


Samsung Galaxy Tab A8 10.5

Samsung Galaxy Tab A8 10.5" SM-X200 128GB Wifi Only Tablet Open Box

$149.99


Case for Samsung Galaxy Tab A9+ 5G/A9 Plus 11

Case for Samsung Galaxy Tab A9+ 5G/A9 Plus 11"/A9 8.7"Shockproof Stand Full Body

$17.99


Samsung Galaxy Tab S6 Lite (2022) SM-P613 64GB, Wi-Fi, 10.4

Samsung Galaxy Tab S6 Lite (2022) SM-P613 64GB, Wi-Fi, 10.4" - Oxford Gray

$149.99


Genuine Samsung Book Cover Keyboard for 14.6

Genuine Samsung Book Cover Keyboard for 14.6" Galaxy Tab S8 Ultra | S8 Ultra 5G

$89.99


Samsung USB 3.1 Flash Drive Bar Plus 256gb TITAN Gray picture

Samsung USB 3.1 Flash Drive Bar Plus 256gb TITAN Gray

$24.10


Samsung Galaxy Tab A9 (X110) 64GB 4GB RAM International Version (New) picture

Samsung Galaxy Tab A9 (X110) 64GB 4GB RAM International Version (New)

$129.99


Samsung Galaxy 12.4 Inch Slim Keyboard For S7+ | S7 FE | S8+ | S8+ 5G EF-DT730 picture

Samsung Galaxy 12.4 Inch Slim Keyboard For S7+ | S7 FE | S8+ | S8+ 5G EF-DT730

$49.99


Samsung MZ-VLB1T0A MZVLB1T0HALR-000D1 02KXJH M.2 2280 1TB SSD picture

Samsung MZ-VLB1T0A MZVLB1T0HALR-000D1 02KXJH M.2 2280 1TB SSD

$40.00


Samsung Galaxy Tab A9+ 11.0

Samsung Galaxy Tab A9+ 11.0" 64GB Gray Wi-Fi Android Tablet

$160.00


Samsung 22 In LED-backlit LCD monitor, S22E450D picture

Samsung 22 In LED-backlit LCD monitor, S22E450D

$45.00


Discussions

No Discussions have been posted on this vulnerability.