Test ID:	1.3.6.1.4.1.25623.1.1.12.2023.5839.1
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-5839-1)
Summary:	The remote host is missing an update for the 'apache2' package(s) announced via the USN-5839-1 advisory.
Description:	Summary: The remote host is missing an update for the 'apache2' package(s) announced via the USN-5839-1 advisory. Vulnerability Insight: It was discovered that the Apache HTTP Server mod_dav module incorrectly handled certain If: request headers. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. (CVE-2006-20001) ZeddYu_Lu discovered that the Apache HTTP Server mod_proxy_ajp module incorrectly interpreted certain HTTP Requests. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. (CVE-2022-36760) Dimas Fariski Setyawan Putra discovered that the Apache HTTP Server mod_proxy module incorrectly truncated certain response headers. This may result in later headers not being interpreted by the client. (CVE-2022-37436) Affected Software/OS: 'apache2' package(s) on Ubuntu 18.04, Ubuntu 20.04, Ubuntu 22.04, Ubuntu 22.10. Solution: Please install the updated package(s). CVSS Score: 7.6 CVSS Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-20001 https://security.gentoo.org/glsa/202309-01 https://httpd.apache.org/security/vulnerabilities_24.html Common Vulnerability Exposure (CVE) ID: CVE-2022-36760 Common Vulnerability Exposure (CVE) ID: CVE-2022-37436
Copyright	Copyright (C) 2023 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.