#VU33694 Input validation error - CVE-2011-3368
Published: October 6, 2011 / Updated: August 4, 2020
Vulnerability identifier: #VU33694
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:A/U:Green
CVE-ID: CVE-2011-3368
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability:
Public exploit is available
Vulnerable software:
Software vendor:
Description
The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character.
Remediation
Install update from vendor's website.
External links
- http://kb.juniper.net/JSA10585
- http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html
- http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html
- http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html
- http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html
- http://marc.info/?l=bugtraq&m=133294460209056&w=2
- http://marc.info/?l=bugtraq&m=134987041210674&w=2
- http://osvdb.org/76079
- http://rhn.redhat.com/errata/RHSA-2012-0542.html
- http://rhn.redhat.com/errata/RHSA-2012-0543.html
- http://seclists.org/fulldisclosure/2011/Oct/232
- http://seclists.org/fulldisclosure/2011/Oct/273
- http://secunia.com/advisories/46288
- http://secunia.com/advisories/46414
- http://secunia.com/advisories/48551
- http://support.apple.com/kb/HT5501
- http://svn.apache.org/viewvc?view=revision&revision=1179239
- http://web.archiveorange.com/archive/v/ZyS0hzECD5zzb2NkvQlt
- http://www.contextis.com/research/blog/reverseproxybypass/
- http://www.debian.org/security/2012/dsa-2405
- http://www.exploit-db.com/exploits/17969
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:144
- http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html
- http://www.redhat.com/support/errata/RHSA-2011-1391.html
- http://www.redhat.com/support/errata/RHSA-2011-1392.html
- http://www.securityfocus.com/bid/49957
- http://www.securitytracker.com/id?1026144
- http://www-01.ibm.com/support/docview.wss?uid=nas2064c7e5f53452ff686257927003c8d42
- http://www-01.ibm.com/support/docview.wss?uid=nas2b7c57b1f1035675186257927003c8d48
- https://bugzilla.redhat.com/show_bug.cgi?id=740045
- https://exchange.xforce.ibmcloud.com/vulnerabilities/70336
- https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E