Apache HTTP Server Exploits Fixed in Ubuntu 13.04

A few other Ubuntu OSes have been affected by the problem

On July 15, Canonical published details about Apache HTTP Server vulnerabilities for its Ubuntu 13.04, Ubuntu 12.10, Ubuntu 12.04 LTS, and Ubuntu 10.04 LTS operating systems.

According to Canonical, several security issues were fixed in the Apache HTTP Server.

It has been that the mod_rewrite module incorrectly sanitized non-printable characters before writing data to log files. A remote attacker could have possibly used this flaw to execute arbitrary commands by injecting escape sequences in the log file.

For a more detailed description of the security problems, you can visit Canonical's security notification.

Users can simply fix the security flaws by upgrading the operating systems to the latest apache2.2-common package, specific to each distribution.

A normal system update, executed with the Update Manager, will implement all the necessary changes. A complete restart is necessary.

Hot right now  ·  Latest news