Apache HTTP Server vulnerabilities

2014-07-23T00:00:00
ID USN-2299-1
Type ubuntu
Reporter Ubuntu
Modified 2014-07-23T00:00:00

Description

Marek Kroemeke discovered that the mod_proxy module incorrectly handled certain requests. A remote attacker could use this issue to cause the server to stop responding, leading to a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-0117)

Giancarlo Pellegrino and Davide Balzarotti discovered that the mod_deflate module incorrectly handled body decompression. A remote attacker could use this issue to cause resource consumption, leading to a denial of service. (CVE-2014-0118)

Marek Kroemeke and others discovered that the mod_status module incorrectly handled certain requests. A remote attacker could use this issue to cause the server to stop responding, leading to a denial of service, or possibly execute arbitrary code. (CVE-2014-0226)

Rainer Jung discovered that the mod_cgid module incorrectly handled certain scripts. A remote attacker could use this issue to cause the server to stop responding, leading to a denial of service. (CVE-2014-0231)