PT-2011-4546 · Apache+4 · Apache Http Server+4

Halfdog

Published

2011-11-02

Updated

2024-06-15

CVE-2011-3607

CVSS v2.0

4.4

Medium

Vector

AV:L/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions 2.0.x through 2.0.64 Apache HTTP Server versions 2.2.x through 2.2.21

Description The issue is related to an integer overflow in the ap pregsub function, which can be exploited when the mod setenvif module is enabled. This allows local users to gain privileges via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, leading to a heap-based buffer overflow.

Recommendations For Apache HTTP Server versions 2.0.x through 2.0.64, update to a version where this issue is fixed. For Apache HTTP Server versions 2.2.x through 2.2.21, update to a version where this issue is fixed. As a temporary workaround, consider disabling the mod setenvif module until a patch is available.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-189

Related Identifiers

CESA-2012_0128

CVE-2011-3607

DSA-2405-1

HPSBUX02761

OPENSUSE-SU-2024:10268-1

RHSA-2012:0128

RHSA-2012:0323

RHSA-2012:0542

RHSA-2012_0128

RHSA-2012_0323

Affected Products

Apache Http Server

Centos

Hp-Ux

Red Hat

Suse

PT-2011-4546 · Apache+4 · Apache Http Server+4

CVE-2011-3607

Weakness Enumeration

Related Identifiers

Affected Products

References · 150