SB2018032938 - Fedora 26 update for httpd
Published: March 29, 2018 Updated: April 24, 2025
Security Bulletin ID
SB2018032938
Severity
Medium
Patch available
YES
Number of vulnerabilities
6
Exploitation vector
Remote access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 6 secuirty vulnerabilities.
1) Out-of-bounds read (CVE-ID: CVE-2018-1303)
The vulnerability allows a remote attacker to cause DoS condition on the target system.The weakness exists in Apache HTTPD mod_cache_socache due to improper validation of user-supplied input. A remote attacker can send a specially crafted HTTP request header, trigger an out-of-bounds memory read error in mod_cache_socache and cause the target service to crash.
2) Out-of-bounds read (CVE-ID: CVE-2018-1301)
The vulnerability allows a remote attacker to cause DoS condition on the target system.The weakness exists due to improper validation of user-supplied input. A remote attacker can send a specially crafted HTTP request to trigger an out-of-bounds memory access error after a header size limit has been reached to cause the target service to crash.
3) Security restrictions bypass (CVE-ID: CVE-2018-1312)
The vulnerability allows a remote attacker to bypass security restrictions on the target system.The weakness exists in Apache HTTPD mod_auth_digest due to improper generation of HTTP Digest authentication nonce. A remote attacker can replay HTTP requests across the cluster without detection by the target server(s) and bypass replay protection.
4) Security restrictions bypass (CVE-ID: CVE-2017-15715)
The vulnerability allows a remote attacker to bypass security restrictions on the target system.The weakness exists on systems that allow uploading of user-specified filenames due to the '<FilesMatch>' expression may not correctly match characters in a filename. A remote attacker can supply a specially crafted filename to potentially bypass security controls that use the '<FilesMatch>' directive.
5) Out-of-bounds write (CVE-ID: CVE-2017-15710)
The vulnerability allows a remote attacker to cause DoS condition on the target system.The weakness exists in HTTPD mod_authnz_ldap due to improper validation of user-supplied input. A remote attacker can send a specially crafted Accept-Language header value, trigger an out-of-bounds memory write error and potentially cause the target service to crash.
6) Improper access control (CVE-ID: CVE-2018-1283)
The vulnerability allows a remote attacker to modify data on the target system.The weakness exists on systems with mod_session configured with SessionEnv on to forward session data to CGI applications due to improper input validation. A remote attacker can send a specially crafted 'Session' header value to potentially modify mod_session data.
Remediation
Install update from vendor's website.