QID 198516
Date Published: 2021-09-30
QID 198516: Ubuntu Security Notification for Apache Hypertext Transfer Protocol (HTTP) Server Vulnerabilities (USN-5090-1)
The apache http server http/2 module incorrectly handled certain crafted methods.
The apache http server incorrectly handled certain malformed requests.
The apache mod_proxy_uwsgi module incorrectly handled certain request uri-paths.
The apache http server incorrectly handled escaping quotes.
The apache mod_proxy module incorrectly handled certain request uri-paths.
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
a remote attacker could possibly use this issue to perform request splitting or cache poisoning attacks. (
Cve-2021-33193).
A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service.
(cve-2021-34798).
A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service.
this issue only affected ubuntu 20.04 lts and ubuntu 21.04.
(cve-2021-36160).
If the server was configured with third-party modules, a remote attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code. (
Cve-2021-39275).
A remote attacker could possibly use this issue to cause the server to forward requests to arbitrary origin servers.
(cve-2021-40438).
- USN-5090-1 -
ubuntu.com/security/notices/USN-5090-1
CVEs related to QID 198516
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| USN-5090-1 | Ubuntu Linux |
ubuntu.com/security/notices/USN-5090-1 |