*** This bug is a security vulnerability ***

You have been subscribed to a public security bug by Seth Arnold (seth-arnold):

There is a bug in mod_remoteip (a part of Apache Web Server):
https://bz.apache.org/bugzilla/show_bug.cgi?id=60251

Although the status of this bug is "NEW", it was actually fixed in Apache 2.4.24. Although a CVE id has not been requested yet, it is actually a vulnerability. The fix was not backported to Ubuntu 16.04 (xenial).

Impact: if a victim uses Apache rewrite rules, then an attacker can spoof his IP address for logs and PHP scripts.

ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: apache2 2.4.18-2ubuntu3.14
ProcVersionSignature: Ubuntu 4.4.0-22.40-generic 4.4.8
Uname: Linux 4.4.0-22-generic x86_64
Apache2ConfdDirListing: False
ApportVersion: 2.20.1-0ubuntu2.23
Architecture: amd64
Date: Mon Apr 27 13:17:43 2020
SourcePackage: apache2
UpgradeStatus: No upgrade log present (probably fresh install)
error.log:
modified.conffile..etc.apache2.apache2.conf: [modified]
modified.conffile..etc.apache2.mods-available.dir.conf: [modified]
modified.conffile..etc.apache2.mods-available.ssl.conf: [modified]
modified.conffile..etc.apache2.ports.conf: [modified]
modified.conffile..etc.apache2.sites-available.000-default.conf: [modified]
modified.conffile..etc.apache2.sites-available.default-ssl.conf: [modified]
mtime.conffile..etc.apache2.apache2.conf: 2020-04-23T15:45:48.416970
mtime.conffile..etc.apache2.mods-available.dir.conf: 2020-04-23T12:03:13.711062
mtime.conffile..etc.apache2.mods-available.ssl.conf: 2020-04-23T12:02:44.854484
mtime.conffile..etc.apache2.ports.conf: 2020-04-23T15:45:48.169037
mtime.conffile..etc.apache2.sites-available.000-default.conf: 2020-04-23T15:45:48.197030
mtime.conffile..etc.apache2.sites-available.default-ssl.conf: 2020-04-23T15:45:48.225022

** Affects: apache2 (Ubuntu)
     Importance: Undecided
         Status: New

** Tags: amd64 apport-bug xenial

-- 
Apache's mod_remoteip: IP address spoofing via X-Forwarded-For when mod_rewrite rule is triggered
https://bugs.launchpad.net/bugs/1875299
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
