English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

CVE Kennung:CVE-2011-3368
Beschreibung:The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character.
Test Kennungen: 1.3.6.1.4.1.25623.1.0.70600   1.3.6.1.4.1.25623.1.0.70451   1.3.6.1.4.1.25623.1.0.70724   1.3.6.1.4.1.25623.1.0.70737   1.3.6.1.4.1.25623.1.0.71095   1.3.6.1.4.1.25623.1.0.71125   1.3.6.1.4.1.25623.1.0.72091   1.3.6.1.4.1.25623.1.0.72001   1.3.6.1.4.1.25623.1.0.122067   1.3.6.1.4.1.25623.1.0.122068   1.3.6.1.4.1.25623.1.0.120253   1.3.6.1.4.1.25623.1.0.870631   1.3.6.1.4.1.25623.1.0.870617   1.3.6.1.4.1.25623.1.0.831523   1.3.6.1.4.1.25623.1.0.870571   1.3.6.1.4.1.25623.1.0.881089   1.3.6.1.4.1.25623.1.0.831460  
Querverweise: Common Vulnerability Exposure (CVE) ID: CVE-2011-3368
AIX APAR: SE49723
http://www-01.ibm.com/support/docview.wss?uid=nas2064c7e5f53452ff686257927003c8d42
AIX APAR: SE49724
http://www-01.ibm.com/support/docview.wss?uid=nas2b7c57b1f1035675186257927003c8d48
http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html
BugTraq ID: 49957
http://www.securityfocus.com/bid/49957
Debian Security Information: DSA-2405 (Google Search)
http://www.debian.org/security/2012/dsa-2405
http://www.exploit-db.com/exploits/17969
http://seclists.org/fulldisclosure/2011/Oct/232
http://seclists.org/fulldisclosure/2011/Oct/273
HPdes Security Advisory: HPSBMU02748
http://marc.info/?l=bugtraq&m=133294460209056&w=2
HPdes Security Advisory: HPSBOV02822
http://marc.info/?l=bugtraq&m=134987041210674&w=2
HPdes Security Advisory: SSRT100772
http://marc.info/?l=bugtraq&m=133294460209056&w=2
HPdes Security Advisory: SSRT100966
http://marc.info/?l=bugtraq&m=134987041210674&w=2
http://www.mandriva.com/security/advisories?name=MDVSA-2011:144
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
http://www.contextis.com/research/blog/reverseproxybypass/
http://web.archiveorange.com/archive/v/ZyS0hzECD5zzb2NkvQlt
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r064df0985779b7ee044d3120d71ba59750427cf53f57ba3384e3773f@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E
http://osvdb.org/76079
RedHat Security Advisories: RHSA-2011:1391
http://www.redhat.com/support/errata/RHSA-2011-1391.html
RedHat Security Advisories: RHSA-2011:1392
http://www.redhat.com/support/errata/RHSA-2011-1392.html
RedHat Security Advisories: RHSA-2012:0542
http://rhn.redhat.com/errata/RHSA-2012-0542.html
RedHat Security Advisories: RHSA-2012:0543
http://rhn.redhat.com/errata/RHSA-2012-0543.html
http://www.securitytracker.com/id?1026144
http://secunia.com/advisories/46288
http://secunia.com/advisories/46414
http://secunia.com/advisories/48551
SuSE Security Announcement: SUSE-SU-2011:1229 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html
SuSE Security Announcement: openSUSE-SU-2013:0243 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html
SuSE Security Announcement: openSUSE-SU-2013:0248 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html
XForce ISS Database: apache-modproxy-information-disclosure(70336)
https://exchange.xforce.ibmcloud.com/vulnerabilities/70336



© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.