FKIE_CVE-2011-3639
Vulnerability from fkie_nvd - Published: 2011-11-30 04:05 - Updated: 2025-04-11 00:51
Severity ?
Summary
The mod_proxy module in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x before 2.2.18, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers by using the HTTP/0.9 protocol with a malformed URI containing an initial @ (at sign) character. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "DAF992CB-14FF-409B-8DCD-BA967C077DDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "DA66C097-3E40-4B73-814F-DDC0DECED68D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "8AC5F497-E7C4-4C65-AB39-26AC6D9AB16F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "A14055E2-3AF4-4067-B36F-2196A80630AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "877CA12A-4033-4D7A-B952-F03E4A47CDD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "C13C842A-F5C7-463C-AFEF-83CB37DDD143",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "AD5AC2F3-591D-479C-9675-4D805A518B55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "3F4491F3-3444-4FDF-B5BE-2B122E85372D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "DB9F4D77-D462-4ACD-B398-C0B246743436",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "30815053-E2D2-4D80-A98F-A439A8390DAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "E1458538-C8F6-4B15-A9BC-A991FB96E58C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "5625759C-0695-44AD-BF4D-B52C8783CF7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "0559B21D-AB40-4F99-87DA-0792A198FE9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "44C1AC64-7048-4B92-A5EC-1267EB639B97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.25:*:*:*:*:*:*:*",
"matchCriteriaId": "3BC97B2F-08DD-418D-B811-DDD0B886F3B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.26:*:*:*:*:*:*:*",
"matchCriteriaId": "59503E54-2D6E-4116-A54D-857729AEFC4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.27:*:*:*:*:*:*:*",
"matchCriteriaId": "5970F4D6-D6F9-48D9-A720-C0B48946A265",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.28:*:*:*:*:*:*:*",
"matchCriteriaId": "EB477AFB-EA39-4892-B772-586CF6D2D235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.29:*:*:*:*:*:*:*",
"matchCriteriaId": "8FBF3D87-0F47-4EF1-BD1F-3F8AEB54D759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.30:*:*:*:*:*:*:*",
"matchCriteriaId": "DADE8586-71C7-43E7-92FA-11810376E987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.31:*:*:*:*:*:*:*",
"matchCriteriaId": "C24F551C-B514-4598-8B17-312F739402D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.32:*:*:*:*:*:*:*",
"matchCriteriaId": "B35906CD-038E-4243-8A95-F0A3A43F06F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.33:*:*:*:*:*:*:*",
"matchCriteriaId": "01BB22DE-1350-41BF-8C3D-B05458A45FB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.34:*:*:*:*:*:*:*",
"matchCriteriaId": "BD008916-D0D6-4FC0-AAB0-5A3F11027E46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:*",
"matchCriteriaId": "B940BB85-03F5-46D7-8DC9-2E1E228D3D98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.36:*:*:*:*:*:*:*",
"matchCriteriaId": "82139FFA-2779-4732-AFA5-4E6E19775899",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.37:*:*:*:*:*:*:*",
"matchCriteriaId": "B7F717E6-BACD-4C8A-A9C5-516ADA6FEE6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.38:*:*:*:*:*:*:*",
"matchCriteriaId": "08AB120B-2FEC-4EB3-9777-135D81E809AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.39:*:*:*:*:*:*:*",
"matchCriteriaId": "1C7FF669-12E0-4A73-BBA7-250D109148C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.40:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB7B1F1-7202-445D-9F96-135DC0AFB1E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.41:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB7EE53-187E-40A9-9865-0F3EDA2B5A4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.42:*:*:*:*:*:*:*",
"matchCriteriaId": "9D06AE8A-9BA8-4AA8-ACEA-326CD001E879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.43:*:*:*:*:*:*:*",
"matchCriteriaId": "2FC1A04B-0466-48AD-89F3-1F2EF1DEBE6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.44:*:*:*:*:*:*:*",
"matchCriteriaId": "19F34D08-430E-4331-A27D-667149425176",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.45:*:*:*:*:*:*:*",
"matchCriteriaId": "248BDF2C-3E78-49D1-BD9C-60C09A441724",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.46:*:*:*:*:*:*:*",
"matchCriteriaId": "BB0FDE3D-1509-4375-8703-0D174D70B22E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.47:*:*:*:*:*:*:*",
"matchCriteriaId": "AFE732B5-00C9-4443-97E0-1DF21475C26B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.48:*:*:*:*:*:*:*",
"matchCriteriaId": "C79C41D3-6894-4F2D-B8F8-82AB4780A824",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.49:*:*:*:*:*:*:*",
"matchCriteriaId": "449A5647-CEA6-4314-9DB8-D086F388E1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.50:*:*:*:*:*:*:*",
"matchCriteriaId": "B5A407B7-F432-48F0-916A-A49952F85CA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "6B5AC769-D07D-43C7-B252-A5A812E7D58C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "ADF4DBF6-DAF0-47E7-863B-C48DB7149A78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "F2F19D71-0A58-4B03-B351-596EB67ECF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "5EBB3FF9-CF5A-4E7B-ACE3-A198343AD485",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.55:*:*:*:*:*:*:*",
"matchCriteriaId": "D721FFB5-D6D3-4F60-8B09-B3AD07EE6D4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.56:*:*:*:*:*:*:*",
"matchCriteriaId": "97E8F32E-C2E5-44E3-A920-F09AF919D372",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.57:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF37A82-49B6-45D4-B91D-FDA2D4463A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.58:*:*:*:*:*:*:*",
"matchCriteriaId": "030D1767-2DF7-48E3-B462-4B49CA751B35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.59:*:*:*:*:*:*:*",
"matchCriteriaId": "5236DC61-5557-4C24-8F5B-F48548448588",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.61:*:*:*:*:*:*:*",
"matchCriteriaId": "3B468F9B-2514-425C-9279-0FCAF73BBD18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.0.63:*:*:*:*:*:*:*",
"matchCriteriaId": "59FAFAD0-6B58-431B-BA90-CAE6C72844E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "67AD11FB-529C-404E-A13B-284F145322B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "733D62FE-180A-4AE8-9DBF-DA1DC18C1932",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CCBBB7FE-35FC-4515-8393-5145339FCE4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F519633F-AB68-495A-B85E-FD41F9F752CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A894BED6-C97D-4DA4-A13D-9CB2B3306BC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "34A847D1-5AD5-4EFD-B165-7602AFC1E656",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9AF3A0F5-4E5C-4278-9927-1F94F25CCAFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "AB63EBE5-CF14-491E-ABA5-67116DFE3E5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8C2A33DE-F55F-4FD8-BB00-9C1E006CA65C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CF6394-95D9-42AF-A442-385EFF9CEFE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "02B629FB-88C8-4E85-A137-28770F1E524E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "03550EF0-DF89-42FE-BF0E-994514EBD947",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "4886CCAB-6D4E-45C7-B177-2E8DBEA15531",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "C35631AC-7C35-4F6A-A95A-3B080E5210ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "6CED2BA6-BE5E-4EF1-88EB-0DADD23D2EEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:2.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "A71F4154-AD20-4EEA-9E2E-D3385C357DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server2.0a1:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C46F0F48-193A-4885-9BC0-1BA89829DD6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server2.0a2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE2712B5-6002-43B8-81D9-4DB00BD3D502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server2.0a3:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74A571A2-3C21-4137-A099-FB50017BE7FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server2.0a4:*:*:*:*:*:*:*:*",
"matchCriteriaId": "364B61B1-D841-459A-BDF2-9B5558768A5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server2.0a5:*:*:*:*:*:*:*:*",
"matchCriteriaId": "058B5D4F-43A3-4304-A7C3-110E964312BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server2.0a6:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D64BE04-0D98-439D-9E91-E26B466E98E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server2.0a7:*:*:*:*:*:*:*:*",
"matchCriteriaId": "38C899A1-550E-435F-A9DC-4F6846CBA2A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server2.0a8:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA768FBC-91C7-49AA-8D59-0A853A007135",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server2.0a9:*:*:*:*:*:*:*:*",
"matchCriteriaId": "197CA84D-447E-43B1-B71F-71E92A5937A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The mod_proxy module in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x before 2.2.18, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers by using the HTTP/0.9 protocol with a malformed URI containing an initial @ (at sign) character. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368."
},
{
"lang": "es",
"value": "El m\u00f3dulo mod_proxy en el servidor HTTP Apache v2.0.x hasta v2.0.64 y v2.2.x hasta v2.2.18, cuando la revisi\u00f3n 1179239 se realiza, no interact\u00faa con el uso de patrones de coincidencia (1) RewriteRule y (2) ProxyPassMatch para configuraci\u00f3n de un proxy inverso, lo que permite a atacantes remotos enviar peticiones a servidores de la intranet a trav\u00e9s de URI mal formadas que contienen el caracter \u0027@\u0027: caracter en una posici\u00f3n inv\u00e1lida. NOTA: esta vulnerabilidad existe debido a una soluci\u00f3n incompleta para CVE-2011-3368."
}
],
"id": "CVE-2011-3639",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-11-30T04:05:58.437",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0128.html"
},
{
"source": "secalert@redhat.com",
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1188745"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2012/dsa-2405"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=752080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0128.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1188745"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2012/dsa-2405"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=752080"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…