Risk: Medium
Patch available: YES
Number of vulnerabilities: 1
CVE-ID: CVE-2011-3368
CWE-ID: CWE-20
Exploitation vector: Network
Public exploit: Public exploit code for vulnerability #1 is available.
Vulnerable software: apache2 (Alpine package) (Operating systems & Components / Operating system package or component)
Vendor: Alpine Linux Development Team
Security Bulletin
This security bulletin contains one medium risk vulnerability.
EUVDB-ID: #VU33694
Risk: Medium
CVSSv3.1: 4.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C]
CVE-ID: CVE-2011-3368
CWE-ID: CWE-20 - Improper input validation
Exploit availability: Yes
Description
The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character.
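A detection sketch for the malformed request-target described above, added here as an example and not part of the original bulletin: it scans Apache access-log lines (common/combined log format assumed) and flags requests whose target matches none of the standard HTTP request-target forms, including one that begins with @. The function names and the sample log lines are constructed for illustration.

```python
import re

# Common/combined log format: the quoted field after the timestamp is the request line (%r).
LOG_RE = re.compile(r'^(?P<client>\S+) \S+ \S+ \[[^\]]+\] "(?P<request>[^"]*)" (?P<status>\d{3}) ')

def classify_target(method, target):
    """Return the RFC 7230 request-target form, or 'malformed' if it matches none."""
    if target.startswith("/"):
        return "origin-form"
    if target == "*" and method == "OPTIONS":
        return "asterisk-form"
    if re.match(r"^[A-Za-z][A-Za-z0-9+.-]*://", target):
        return "absolute-form"
    if method == "CONNECT" and re.match(r"^[^/@\s]+:\d+$", target):
        return "authority-form"
    return "malformed"

def suspicious_requests(lines):
    """Return (client, request line, reason) for requests with a malformed target."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not an access-log line in the assumed format
        parts = m.group("request").split()
        if len(parts) < 2:
            continue  # no request-target present
        method, target = parts[0], parts[1]
        if classify_target(method, target) == "malformed":
            reason = ("initial @ in request-target" if target.startswith("@")
                      else "non-standard request-target")
            hits.append((m.group("client"), m.group("request"), reason))
    return hits

# Constructed sample log lines (documentation-range addresses, not real traffic).
SAMPLE_LOG = [
    '198.51.100.7 - - [05/Oct/2011:10:00:01 +0000] "GET /index.html HTTP/1.1" 200 512',
    '198.51.100.9 - - [05/Oct/2011:10:00:02 +0000] "GET @internal.example/status HTTP/1.1" 200 734',
    '198.51.100.7 - - [05/Oct/2011:10:00:03 +0000] "OPTIONS * HTTP/1.1" 200 0',
    '198.51.100.9 - - [05/Oct/2011:10:00:04 +0000] "GET http://www.example.org/ HTTP/1.1" 200 90',
    '198.51.100.3 - - [05/Oct/2011:10:00:05 +0000] "GET user@example.org/path HTTP/1.1" 400 226',
]

if __name__ == "__main__":
    for client, request, reason in suspicious_requests(SAMPLE_LOG):
        print(f"{client}\t{reason}\t{request}")
```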
Mitigation
Install the update from the vendor's website.
Vulnerable software versions
apache2 (Alpine package): 2.2.21-r1 - 2.2.21-r3
External links
http://git.alpinelinux.org/aports/commit/?id=eb6bfe8b9093524e7eeeb50630c0dd0921880764
http://git.alpinelinux.org/aports/commit/?id=271ab41139ec89734cef1524dfc916f489708e9f
http://git.alpinelinux.org/aports/commit/?id=400a302e8bca4ad2bbef3bb38737680ef8fb53cd
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.