CVE-2011-3639
Apache 2.2.15 mod_proxy - Reverse Proxy Security Bypass
Severity Score
4.3
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The mod_proxy module in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x before 2.2.18, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers by using the HTTP/0.9 protocol with a malformed URI containing an initial @ (at sign) character. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368.
El módulo mod_proxy en el servidor HTTP Apache v2.0.x hasta v2.0.64 y v2.2.x hasta v2.2.18, cuando la revisión 1179239 se realiza, no interactúa con el uso de patrones de coincidencia (1) RewriteRule y (2) ProxyPassMatch para configuración de un proxy inverso, lo que permite a atacantes remotos enviar peticiones a servidores de la intranet a través de URI mal formadas que contienen el caracter '@': caracter en una posición inválida. NOTA: esta vulnerabilidad existe debido a una solución incompleta para CVE-2011-3368.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2011-09-21 CVE Reserved
- 2011-11-30 CVE Published
- 2012-02-06 First Exploit
- 2024-08-06 CVE Updated
- 2024-09-08 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-20: Improper Input Validation
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| http://svn.apache.org/viewvc?view=revision&revision=1188745 | X_refsource_confirm |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/36663 | 2012-02-06 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2012-0128.html | 2023-11-07 | |
| http://www.debian.org/security/2012/dsa-2405 | 2023-11-07 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=752080 | 2012-02-21 | |
| https://access.redhat.com/security/cve/CVE-2011-3639 | 2012-02-21 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.11 Search vendor "Apache" for product "Http Server" and version "2.0.11" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.12 Search vendor "Apache" for product "Http Server" and version "2.0.12" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.13 Search vendor "Apache" for product "Http Server" and version "2.0.13" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.14 Search vendor "Apache" for product "Http Server" and version "2.0.14" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.15 Search vendor "Apache" for product "Http Server" and version "2.0.15" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.16 Search vendor "Apache" for product "Http Server" and version "2.0.16" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.17 Search vendor "Apache" for product "Http Server" and version "2.0.17" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.18 Search vendor "Apache" for product "Http Server" and version "2.0.18" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.19 Search vendor "Apache" for product "Http Server" and version "2.0.19" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.20 Search vendor "Apache" for product "Http Server" and version "2.0.20" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.21 Search vendor "Apache" for product "Http Server" and version "2.0.21" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.22 Search vendor "Apache" for product "Http Server" and version "2.0.22" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.23 Search vendor "Apache" for product "Http Server" and version "2.0.23" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.24 Search vendor "Apache" for product "Http Server" and version "2.0.24" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.25 Search vendor "Apache" for product "Http Server" and version "2.0.25" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.26 Search vendor "Apache" for product "Http Server" and version "2.0.26" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.27 Search vendor "Apache" for product "Http Server" and version "2.0.27" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.28 Search vendor "Apache" for product "Http Server" and version "2.0.28" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.29 Search vendor "Apache" for product "Http Server" and version "2.0.29" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.30 Search vendor "Apache" for product "Http Server" and version "2.0.30" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.31 Search vendor "Apache" for product "Http Server" and version "2.0.31" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.32 Search vendor "Apache" for product "Http Server" and version "2.0.32" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.33 Search vendor "Apache" for product "Http Server" and version "2.0.33" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.34 Search vendor "Apache" for product "Http Server" and version "2.0.34" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.35 Search vendor "Apache" for product "Http Server" and version "2.0.35" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.36 Search vendor "Apache" for product "Http Server" and version "2.0.36" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.37 Search vendor "Apache" for product "Http Server" and version "2.0.37" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.38 Search vendor "Apache" for product "Http Server" and version "2.0.38" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.39 Search vendor "Apache" for product "Http Server" and version "2.0.39" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.40 Search vendor "Apache" for product "Http Server" and version "2.0.40" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.41 Search vendor "Apache" for product "Http Server" and version "2.0.41" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.42 Search vendor "Apache" for product "Http Server" and version "2.0.42" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.43 Search vendor "Apache" for product "Http Server" and version "2.0.43" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.44 Search vendor "Apache" for product "Http Server" and version "2.0.44" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.45 Search vendor "Apache" for product "Http Server" and version "2.0.45" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.46 Search vendor "Apache" for product "Http Server" and version "2.0.46" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.47 Search vendor "Apache" for product "Http Server" and version "2.0.47" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.48 Search vendor "Apache" for product "Http Server" and version "2.0.48" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.49 Search vendor "Apache" for product "Http Server" and version "2.0.49" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.50 Search vendor "Apache" for product "Http Server" and version "2.0.50" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.51 Search vendor "Apache" for product "Http Server" and version "2.0.51" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.52 Search vendor "Apache" for product "Http Server" and version "2.0.52" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.53 Search vendor "Apache" for product "Http Server" and version "2.0.53" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.54 Search vendor "Apache" for product "Http Server" and version "2.0.54" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.55 Search vendor "Apache" for product "Http Server" and version "2.0.55" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.56 Search vendor "Apache" for product "Http Server" and version "2.0.56" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.57 Search vendor "Apache" for product "Http Server" and version "2.0.57" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.58 Search vendor "Apache" for product "Http Server" and version "2.0.58" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.59 Search vendor "Apache" for product "Http Server" and version "2.0.59" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.61 Search vendor "Apache" for product "Http Server" and version "2.0.61" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.0.63 Search vendor "Apache" for product "Http Server" and version "2.0.63" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.2.0 Search vendor "Apache" for product "Http Server" and version "2.2.0" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.2.1 Search vendor "Apache" for product "Http Server" and version "2.2.1" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.2.2 Search vendor "Apache" for product "Http Server" and version "2.2.2" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.2.3 Search vendor "Apache" for product "Http Server" and version "2.2.3" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.2.4 Search vendor "Apache" for product "Http Server" and version "2.2.4" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.2.6 Search vendor "Apache" for product "Http Server" and version "2.2.6" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.2.8 Search vendor "Apache" for product "Http Server" and version "2.2.8" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.2.9 Search vendor "Apache" for product "Http Server" and version "2.2.9" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.2.10 Search vendor "Apache" for product "Http Server" and version "2.2.10" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.2.11 Search vendor "Apache" for product "Http Server" and version "2.2.11" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.2.12 Search vendor "Apache" for product "Http Server" and version "2.2.12" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.2.13 Search vendor "Apache" for product "Http Server" and version "2.2.13" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.2.14 Search vendor "Apache" for product "Http Server" and version "2.2.14" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.2.15 Search vendor "Apache" for product "Http Server" and version "2.2.15" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.2.16 Search vendor "Apache" for product "Http Server" and version "2.2.16" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | 2.2.17 Search vendor "Apache" for product "Http Server" and version "2.2.17" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server2.0a1 Search vendor "Apache" for product "Http Server2.0a1" | * | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server2.0a2 Search vendor "Apache" for product "Http Server2.0a2" | * | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server2.0a3 Search vendor "Apache" for product "Http Server2.0a3" | * | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server2.0a4 Search vendor "Apache" for product "Http Server2.0a4" | * | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server2.0a5 Search vendor "Apache" for product "Http Server2.0a5" | * | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server2.0a6 Search vendor "Apache" for product "Http Server2.0a6" | * | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server2.0a7 Search vendor "Apache" for product "Http Server2.0a7" | * | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server2.0a8 Search vendor "Apache" for product "Http Server2.0a8" | * | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Http Server2.0a9 Search vendor "Apache" for product "Http Server2.0a9" | * | - |
Affected
| ||||||