what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 12 of 12 RSS Feed

CVE-2011-4317

Status Candidate

Overview

The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an @ (at sign) character and a : (colon) character in invalid positions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368.

Related Files

HP Security Bulletin HPSBMU02786 SSRT100877 2
Posted May 9, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02786 SSRT100877 2 - Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux, Windows, and VMware ESX. The vulnerabilities could be exploited remotely resulting in unauthorized access, disclosure of information, data modification, Denial of Service (DoS), and execution of arbitrary code. Revision 2 of this advisory.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, windows
advisories | CVE-2011-1944, CVE-2011-2821, CVE-2011-2834, CVE-2011-3379, CVE-2011-3607, CVE-2011-4078, CVE-2011-4108, CVE-2011-4153, CVE-2011-4317, CVE-2011-4415, CVE-2011-4576, CVE-2011-4577, CVE-2011-4619, CVE-2011-4885, CVE-2012-0021, CVE-2012-0027, CVE-2012-0031, CVE-2012-0036, CVE-2012-0053, CVE-2012-0057, CVE-2012-0830, CVE-2012-1165, CVE-2012-1823, CVE-2012-2012, CVE-2012-2013, CVE-2012-2014, CVE-2012-2015, CVE-2012-2016
SHA-256 | 5dbefc2f5ce267adce1e15986e02edbb8a3cd8b62ebf6a7c096957f60f594794
HP Security Bulletin HPSBOV02822 SSRT100966
Posted Oct 10, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBOV02822 SSRT100966 - Potential vulnerabilities have been identified with HP Secure Web Server (SWS) for OpenVMS. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, or unauthorized disclosure of information. Revision 1 of this advisory.

tags | advisory, web, denial of service, vulnerability
advisories | CVE-2011-0419, CVE-2011-1928, CVE-2011-3192, CVE-2011-3368, CVE-2011-3607, CVE-2011-4317, CVE-2012-0031
SHA-256 | 21c104d295b4ae2e63eb3ca4f8927d747e86151bd3754aa34134f75312b342b7
Apple Security Advisory 2012-09-19-2
Posted Sep 22, 2012
Authored by Apple | Site apple.com

Apple Security Advisory 2012-09-19-2 - OS X Mountain Lion v10.8.2, OS X Lion v10.7.5 and Security Update 2012-004 are now available and address Apache, BIND, CoreText, Data Security, and many other vulnerabilities.

tags | advisory, vulnerability
systems | apple, osx
advisories | CVE-2011-3026, CVE-2011-3048, CVE-2011-3368, CVE-2011-3389, CVE-2011-3607, CVE-2011-4313, CVE-2011-4317, CVE-2011-4599, CVE-2012-0021, CVE-2012-0031, CVE-2012-0053, CVE-2012-0643, CVE-2012-0650, CVE-2012-0652, CVE-2012-0668, CVE-2012-0670, CVE-2012-0671, CVE-2012-0831, CVE-2012-1172, CVE-2012-1173, CVE-2012-1667, CVE-2012-1823, CVE-2012-2143, CVE-2012-2311, CVE-2012-2386, CVE-2012-2688, CVE-2012-3716, CVE-2012-3718
SHA-256 | 40b0db811b217e85fb6806b53d13edb126d8f6537576e1fb80a6d9e6c2266a62
HP Security Bulletin HPSBMU02786 SSRT100877
Posted Jun 28, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02786 SSRT100877 - Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could be exploited remotely resulting in unauthorized access, disclosure of information, data modification, Denial of Service (DoS), and execution of arbitrary code. Revision 1 of this advisory.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, windows
advisories | CVE-2011-1944, CVE-2011-2821, CVE-2011-2834, CVE-2011-3379, CVE-2011-3607, CVE-2011-4078, CVE-2011-4108, CVE-2011-4153, CVE-2011-4317, CVE-2011-4415, CVE-2011-4576, CVE-2011-4577, CVE-2011-4619, CVE-2011-4885, CVE-2012-0021, CVE-2012-0027, CVE-2012-0031, CVE-2012-0036, CVE-2012-0053, CVE-2012-0057, CVE-2012-0830, CVE-2012-1165, CVE-2012-1823, CVE-2012-2012, CVE-2012-2013, CVE-2012-2014, CVE-2012-2015, CVE-2012-2016
SHA-256 | 856251204fbecc5944b74b48232e96b353c5844f102f2b4ea9de3e11e27b5a7d
Gentoo Linux Security Advisory 201206-25
Posted Jun 24, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201206-25 - Multiple vulnerabilities were found in Apache HTTP Server. Versions less than 2.2.22-r1 are affected.

tags | advisory, web, vulnerability
systems | linux, gentoo
advisories | CVE-2010-0408, CVE-2010-0434, CVE-2010-1452, CVE-2010-2791, CVE-2011-3192, CVE-2011-3348, CVE-2011-3368, CVE-2011-3607, CVE-2011-4317, CVE-2012-0021, CVE-2012-0031, CVE-2012-0053, CVE-2012-0883
SHA-256 | 384b2487f5f9cd58a858736f481966a3ddea24b706867ab02a3f57c4c6800e0f
HP Security Bulletin HPSBMU02748 SSRT100772
Posted Mar 29, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02748 SSRT100772 - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM) running Apache HTTP Server. The vulnerabilities could be exploited remotely resulting in unauthorized disclosure of information, unauthorized modification, or Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, web, denial of service, vulnerability
advisories | CVE-2011-3368, CVE-2011-3607, CVE-2011-4317, CVE-2012-0021, CVE-2012-0031, CVE-2012-0053
SHA-256 | 7fae2700afe344be38de57d49ac19bea29b89131596241416dbf472e479b30dc
Ubuntu Security Notice USN-1368-1
Posted Feb 17, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1368-1 - It was discovered that the Apache HTTP Server incorrectly handled the SetEnvIf .htaccess file directive. An attacker having write access to a .htaccess file may exploit this to possibly execute arbitrary code. Prutha Parikh discovered that the mod_proxy module did not properly interact with the RewriteRule and ProxyPassMatch pattern matches in the configuration of a reverse proxy. This could allow remote attackers to contact internal webservers behind the proxy that were not intended for external exposure. Various other issues were also addressed.

tags | advisory, remote, web, arbitrary
systems | linux, ubuntu
advisories | CVE-2011-3607, CVE-2011-4317, CVE-2012-0021, CVE-2012-0031, CVE-2012-0053, CVE-2011-3607, CVE-2011-4317, CVE-2012-0021, CVE-2012-0031, CVE-2012-0053
SHA-256 | fa8c135df3525e7c504b7b8471eb4ffb02bbcb4cef2d2668c2621785aaf45c6c
Red Hat Security Advisory 2012-0128-01
Posted Feb 13, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0128-01 - The Apache HTTP Server is a popular web server. It was discovered that the fix for CVE-2011-3368 did not completely address the problem. An attacker could bypass the fix and make a reverse proxy connect to an arbitrary server not directly accessible to the attacker by sending an HTTP version 0.9 request, or by using a specially-crafted URI. The httpd server included the full HTTP header line in the default error page generated when receiving an excessively long or malformed header. Malicious JavaScript running in the server's domain context could use this flaw to gain access to httpOnly cookies.

tags | advisory, web, arbitrary, javascript
systems | linux, redhat
advisories | CVE-2011-3607, CVE-2011-3639, CVE-2011-4317, CVE-2012-0031, CVE-2012-0053
SHA-256 | 47e04bdea922f45dbb611a67d0f33763ce878e42f56c0cde78a5dc761c2218f2
Slackware Security Advisory - httpd Updates
Posted Feb 13, 2012
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New httpd packages are available for Slackware 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues. The apr-util package has also been updated to the latest version.

tags | advisory
systems | linux, slackware
advisories | CVE-2011-3368, CVE-2011-3607, CVE-2011-4317, CVE-2012-0021, CVE-2012-0031, CVE-2012-0053
SHA-256 | d918adbd8e8a933420c61087ab85772332adaaf1a957177ead0deb868b6d1325
Debian Security Advisory 2405-1
Posted Feb 7, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2405-1 - Several vulnerabilities have been found in the Apache HTTPD Server.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2011-3607, CVE-2011-3368, CVE-2011-3639, CVE-2011-4317, CVE-2012-0031, CVE-2012-0053
SHA-256 | b0c6203ca4497541242454515790d9cfda365dfb81c65448ab664a3e143985e1
Apache 2.2.22 Multiple Updates
Posted Feb 2, 2012
Site httpd.apache.org

Apache HTTP Server version 2.2.22 has been released. It addresses a wide array of vulnerabilities ranging from denial of service to integer overflow issues.

tags | advisory, web, denial of service, overflow, vulnerability
advisories | CVE-2011-3368, CVE-2011-3607, CVE-2011-4317, CVE-2012-0021, CVE-2012-0031, CVE-2012-0053
SHA-256 | 85672817e23c25e72bd6c9922fb22ec525d83fee8b06bd7f90f95794e0e9561d
Mandriva Linux Security Advisory 2012-003
Posted Jan 10, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-003 - Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, allows local users to gain privileges via a.htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, leading to a heap-based buffer overflow. The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of RewriteRule and ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an \@ character and a : character in invalid positions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368. The updated packages have been patched to correct these issues.

tags | advisory, remote, web, overflow, local
systems | linux, mandriva
advisories | CVE-2011-3607, CVE-2011-4317
SHA-256 | c67cf79a3c62b81057754ad363ae14900efdb1f1fcbad2d4c3fd00086a37d2b6
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close