exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

CVE-2011-3368

Status Candidate

Overview

The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character.

Related Files

Apache Reverse Proxy Bypass Scanner
Posted Sep 1, 2024
Authored by Jay Turla | Site metasploit.com

Scan for poorly configured reverse proxy servers. By default, this module attempts to force the server to make a request with an invalid domain name. Then, if the bypass is successful, the server will look it up and of course fail, then responding with a status code 502. A baseline status code is always established and if that baseline matches your test status code, the injection attempt does not occur. "set VERBOSE true" if you are paranoid and want to catch potential false negatives. Works best against Apache and mod_rewrite.

tags | exploit
advisories | CVE-2011-3368
SHA-256 | 1a2aeb41e4bc8514346a4bbe493318a1c73ff9327c6e82b06a7a3c3f9105f36b
HP Security Bulletin HPSBOV02822 SSRT100966
Posted Oct 10, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBOV02822 SSRT100966 - Potential vulnerabilities have been identified with HP Secure Web Server (SWS) for OpenVMS. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, or unauthorized disclosure of information. Revision 1 of this advisory.

tags | advisory, web, denial of service, vulnerability
advisories | CVE-2011-0419, CVE-2011-1928, CVE-2011-3192, CVE-2011-3368, CVE-2011-3607, CVE-2011-4317, CVE-2012-0031
SHA-256 | 21c104d295b4ae2e63eb3ca4f8927d747e86151bd3754aa34134f75312b342b7
Apple Security Advisory 2012-09-19-2
Posted Sep 22, 2012
Authored by Apple | Site apple.com

Apple Security Advisory 2012-09-19-2 - OS X Mountain Lion v10.8.2, OS X Lion v10.7.5 and Security Update 2012-004 are now available and address Apache, BIND, CoreText, Data Security, and many other vulnerabilities.

tags | advisory, vulnerability
systems | apple, osx
advisories | CVE-2011-3026, CVE-2011-3048, CVE-2011-3368, CVE-2011-3389, CVE-2011-3607, CVE-2011-4313, CVE-2011-4317, CVE-2011-4599, CVE-2012-0021, CVE-2012-0031, CVE-2012-0053, CVE-2012-0643, CVE-2012-0650, CVE-2012-0652, CVE-2012-0668, CVE-2012-0670, CVE-2012-0671, CVE-2012-0831, CVE-2012-1172, CVE-2012-1173, CVE-2012-1667, CVE-2012-1823, CVE-2012-2143, CVE-2012-2311, CVE-2012-2386, CVE-2012-2688, CVE-2012-3716, CVE-2012-3718
SHA-256 | 40b0db811b217e85fb6806b53d13edb126d8f6537576e1fb80a6d9e6c2266a62
Gentoo Linux Security Advisory 201206-25
Posted Jun 24, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201206-25 - Multiple vulnerabilities were found in Apache HTTP Server. Versions less than 2.2.22-r1 are affected.

tags | advisory, web, vulnerability
systems | linux, gentoo
advisories | CVE-2010-0408, CVE-2010-0434, CVE-2010-1452, CVE-2010-2791, CVE-2011-3192, CVE-2011-3348, CVE-2011-3368, CVE-2011-3607, CVE-2011-4317, CVE-2012-0021, CVE-2012-0031, CVE-2012-0053, CVE-2012-0883
SHA-256 | 384b2487f5f9cd58a858736f481966a3ddea24b706867ab02a3f57c4c6800e0f
Red Hat Security Advisory 2012-0542-01
Posted May 7, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0542-01 - The Apache HTTP Server is the namesake project of The Apache Software Foundation. It was discovered that the Apache HTTP Server did not properly validate the request URI for proxied requests. In certain configurations, if a reverse proxy used the ProxyPassMatch directive, or if it used the RewriteRule directive with the proxy flag, a remote attacker could make the proxy connect to an arbitrary server, possibly disclosing sensitive information from internal web servers not directly accessible to the attacker.

tags | advisory, remote, web, arbitrary
systems | linux, redhat
advisories | CVE-2011-3348, CVE-2011-3368, CVE-2011-3607, CVE-2012-0021, CVE-2012-0031, CVE-2012-0053
SHA-256 | 8b3987f6e40fef85052bc1517ccdd155b8785e42c315e04f9e426c3eaf558929
Red Hat Security Advisory 2012-0543-01
Posted May 7, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0543-01 - The Apache HTTP Server is the namesake project of The Apache Software Foundation. It was discovered that the Apache HTTP Server did not properly validate the request URI for proxied requests. In certain configurations, if a reverse proxy used the ProxyPassMatch directive, or if it used the RewriteRule directive with the proxy flag, a remote attacker could make the proxy connect to an arbitrary server, possibly disclosing sensitive information from internal web servers not directly accessible to the attacker.

tags | advisory, remote, web, arbitrary
systems | linux, redhat
advisories | CVE-2011-3348, CVE-2011-3368, CVE-2011-3607, CVE-2012-0021, CVE-2012-0031, CVE-2012-0053
SHA-256 | 376715e8712ee30354e348ebd39de77f32d1502ee20f1d7c87fee06fdef8376b
HP Security Bulletin HPSBMU02748 SSRT100772
Posted Mar 29, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02748 SSRT100772 - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM) running Apache HTTP Server. The vulnerabilities could be exploited remotely resulting in unauthorized disclosure of information, unauthorized modification, or Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, web, denial of service, vulnerability
advisories | CVE-2011-3368, CVE-2011-3607, CVE-2011-4317, CVE-2012-0021, CVE-2012-0031, CVE-2012-0053
SHA-256 | 7fae2700afe344be38de57d49ac19bea29b89131596241416dbf472e479b30dc
Slackware Security Advisory - httpd Updates
Posted Feb 13, 2012
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New httpd packages are available for Slackware 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues. The apr-util package has also been updated to the latest version.

tags | advisory
systems | linux, slackware
advisories | CVE-2011-3368, CVE-2011-3607, CVE-2011-4317, CVE-2012-0021, CVE-2012-0031, CVE-2012-0053
SHA-256 | d918adbd8e8a933420c61087ab85772332adaaf1a957177ead0deb868b6d1325
Debian Security Advisory 2405-1
Posted Feb 7, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2405-1 - Several vulnerabilities have been found in the Apache HTTPD Server.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2011-3607, CVE-2011-3368, CVE-2011-3639, CVE-2011-4317, CVE-2012-0031, CVE-2012-0053
SHA-256 | b0c6203ca4497541242454515790d9cfda365dfb81c65448ab664a3e143985e1
Apache 2.2.22 Multiple Updates
Posted Feb 2, 2012
Site httpd.apache.org

Apache HTTP Server version 2.2.22 has been released. It addresses a wide array of vulnerabilities ranging from denial of service to integer overflow issues.

tags | advisory, web, denial of service, overflow, vulnerability
advisories | CVE-2011-3368, CVE-2011-3607, CVE-2011-4317, CVE-2012-0021, CVE-2012-0031, CVE-2012-0053
SHA-256 | 85672817e23c25e72bd6c9922fb22ec525d83fee8b06bd7f90f95794e0e9561d
Ubuntu Security Notice USN-1259-1
Posted Nov 11, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1259-1 - It was discovered that the mod_proxy module in Apache did not properly interact with the RewriteRule and ProxyPassMatch pattern matches in the configuration of a reverse proxy. This could allow remote attackers to contact internal webservers behind the proxy that were not intended for external exposure. Stefano Nichele discovered that the mod_proxy_ajp module in Apache when used with mod_proxy_balancer in certain configurations could allow remote attackers to cause a denial of service via a malformed HTTP request. Various other issues were also addressed.

tags | advisory, remote, web, denial of service
systems | linux, ubuntu
advisories | CVE-2011-1176, CVE-2011-3348, CVE-2011-3368
SHA-256 | 7bef884df5589e1fd12588b714aa616b41b6f836aa2d49c1baa9c3029d8685d0
Red Hat Security Advisory 2011-1392-01
Posted Oct 20, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1392-01 - The Apache HTTP Server is a popular web server. It was discovered that the Apache HTTP Server did not properly validate the request URI for proxied requests. In certain configurations, if a reverse proxy used the ProxyPassMatch directive, or if it used the RewriteRule directive with the proxy flag, a remote attacker could make the proxy connect to an arbitrary server, possibly disclosing sensitive information from internal web servers not directly accessible to the attacker.

tags | advisory, remote, web, arbitrary
systems | linux, redhat
advisories | CVE-2011-3368
SHA-256 | 38d5d3cdd137a8ddd27f61f26b4d6bd80a8be345b51f7fcd45471eb5bb0f29ba
Red Hat Security Advisory 2011-1391-01
Posted Oct 20, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1391-01 - The Apache HTTP Server is a popular web server. It was discovered that the Apache HTTP Server did not properly validate the request URI for proxied requests. In certain configurations, if a reverse proxy used the ProxyPassMatch directive, or if it used the RewriteRule directive with the proxy flag, a remote attacker could make the proxy connect to an arbitrary server, possibly disclosing sensitive information from internal web servers not directly accessible to the attacker. It was discovered that mod_proxy_ajp incorrectly returned an "Internal Server Error" response when processing certain malformed HTTP requests, which caused the back-end server to be marked as failed in configurations where mod_proxy was used in load balancer mode. A remote attacker could cause mod_proxy to not send requests to back-end AJP servers for the retry timeout period or until all back-end servers were marked as failed.

tags | advisory, remote, web, arbitrary
systems | linux, redhat
advisories | CVE-2011-3348, CVE-2011-3368
SHA-256 | fa52da6f043cacb48e73017394b763ecd084cb2327279a656bc387db875101fc
Apache mod_proxy Proof Of Concept
Posted Oct 11, 2011
Authored by Rodrigo Marcos | Site secforce.co.uk

The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character. This is a proof of concept exploit that demonstrates this vulnerability.

tags | exploit, remote, web, proof of concept
advisories | CVE-2011-3368
SHA-256 | 75f36dfa842b3b7a95c175cb265cef819693d09f8c78a6ec91fe76cb8705da9e
Mandriva Linux Security Advisory 2011-144
Posted Oct 9, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-144 - The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial \@ character.

tags | advisory, remote, web
systems | linux, mandriva
advisories | CVE-2011-3368
SHA-256 | 0398641523906dd465280a2065f7651a540f0b837cf29816dc29705635f4b67e
Apache Reverse Proxy Bypass
Posted Oct 6, 2011
Authored by Michael Jordon, Context Information Security Ltd, David Robinson | Site contextis.co.uk

Context discovered a security vulnerability which allows for Apache in reverse proxy mode to be used to access internal/DMZ systems due to a weakness in its handling of URLs being processed by mod_rewrite. Versions 1.3 and 2.x are affected.

tags | exploit
advisories | CVE-2011-3368
SHA-256 | cc7c3ff195e475a2b7ec8ea66d98deaebf0cf9dedd7ae209991e3d3c5d4274d8
Apache mod_proxy Reverse Proxy Exposure
Posted Oct 6, 2011
Site apache.org

The Apache mod_proxy module suffers from a reverse proxy exposure vulnerability.

tags | advisory
advisories | CVE-2011-3368
SHA-256 | 99c1b40cb499bb7230f6dcb7690b190f0ac5434e9e581f118b4b1969c1691dbb
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    0 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    0 Files
  • 9
    Nov 9th
    0 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close