CVE-2011-3368

Date: created (C) 2011-10-05, modified (M) 2017-08-29

CVSS Score: 5.0
Exploitability Subscore: 10.0
Impact Subscore: 2.9
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: NONE
Availability: NONE

The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character.
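As an added illustration (not part of the SecPod record or of Apache's own documentation), the configuration shape the description refers to: an unanchored RewriteRule/ProxyPassMatch pattern beside its corrected form. The upstream hostname and the file extensions are placeholders.

```apacheconf
# Added example; hostname and extensions are placeholders, not from the record.
# Both directives below splice a captured request path directly after the
# upstream host name. Because the capture is not anchored on a leading "/",
# a malformed request-URI that begins with "@" lands in the generated URL
# exactly where userinfo ("user@host") belongs: the intended upstream host is
# then parsed as credentials and the proxy connects to whatever follows "@".

# Vulnerable: the pattern does not require the request path to start with "/"
RewriteRule (.*)\.(jpg|gif|png) http://images.internal.example$1.$2 [P]
ProxyPassMatch (.*)\.(jpg|gif|png) http://images.internal.example$1.$2

# Hardened: anchor the match on the leading "/" and write that "/" literally
# into the target, so the captured text can never become the URL's authority.
RewriteRule ^/(.*)\.(jpg|gif|png)$ http://images.internal.example/$1.$2 [P]
ProxyPassMatch ^/(.*)\.(jpg|gif|png)$ http://images.internal.example/$1.$2

# Keep forward proxying disabled: this host is a reverse proxy only, and the
# configuration fix above is in addition to, not instead of, upgrading past
# the affected releases listed in the description.
ProxyRequests Off
```

Auditing for this issue means grepping every RewriteRule with the [P] flag and every ProxyPassMatch for a pattern whose capture can begin at the very start of the request-URI.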

Reference:
SECTRACK-1026144
EXPLOIT-DB-17969
http://seclists.org/fulldisclosure/2011/Oct/232
http://seclists.org/fulldisclosure/2011/Oct/273
http://seclists.org/fulldisclosure/2015/Apr/5
SECUNIA-46288
SECUNIA-46414
SECUNIA-48551
BID-49957
OSVDB-76079
APPLE-SA-2012-09-19-2
HPSBOV02822
IAVM:2012-A-0017
IAVM:2012-A-0152
IAVM:2012-B-0056
MDVSA-2011:144
MDVSA-2013:150
RHSA-2011:1391
RHSA-2011:1392
SE49723
SE49724
SSRT100966
SUSE-SU-2011:1229
http://web.archiveorange.com/archive/v/ZyS0hzECD5zzb2NkvQlt
apache-modproxy-information-disclosure(70336)
http://kb.juniper.net/JSA10585
http://packetstormsecurity.com/files/131271/VMware-Security-Advisory-2015-0003.html
http://support.apple.com/kb/HT5501
http://svn.apache.org/viewvc?view=revision&revision=1179239
http://www.contextis.com/research/blog/reverseproxybypass/
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html
https://bugzilla.redhat.com/show_bug.cgi?id=740045
openSUSE-SU-2013:0243
openSUSE-SU-2013:0248

CPE (100 entries, truncated):
cpe:/a:apache:http_server:2.0.64
cpe:/a:apache:http_server:1.3.34
cpe:/a:apache:http_server:1.3.1.1
cpe:/a:apache:http_server:2.2.6
...

CWE (1 entry):
CWE-20

OVAL (18 entries, truncated):
oval:org.secpod.oval:def:103359
oval:org.secpod.oval:def:500713
oval:org.secpod.oval:def:301081
oval:org.secpod.oval:def:600726
...

© 2013 SecPod Technologies