Rapid7 Vulnerability & Exploit Database

Apache HTTPD: mod_proxy reverse proxy exposure (CVE-2011-3368)

Severity: 5
CVSS: (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published: 10/05/2011
Created: 07/25/2018
Added: 04/12/2012
Modified: 04/17/2018

Description

The affected asset is vulnerable ONLY if it is running the following module: mod_proxy. Review your web server configuration to confirm.

An exposure was found when using mod_proxy in reverse proxy mode. In certain configurations using RewriteRule with the proxy flag or ProxyPassMatch, a remote attacker could cause the reverse proxy to connect to an arbitrary server, possibly disclosing sensitive information from internal web servers that are not directly accessible to the attacker.

No update of 1.3 will be released. Patches will be published to https://archive.apache.org/dist/httpd/patches/apply_to_1.3.42/
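One way to review a configuration for the two directives named above, as an added example that is not part of the original advisory. It assumes the exposed shape is a proxy target in which a backreference directly follows the backend host with no separating slash; that heuristic, the function name and the sample directives and hostnames are constructed for illustration.

```python
import re

# Directives named in the advisory: RewriteRule (with the proxy flag) and ProxyPassMatch.
# Simplification: pattern and target are assumed to be unquoted, whitespace-free tokens.
DIRECTIVE = re.compile(
    r'^\s*(RewriteRule|ProxyPassMatch)\s+(\S+)\s+(\S+)(?:\s+\[([^\]]*)\])?', re.I)

# Assumed risky shape: scheme://host immediately followed by $N, with no "/"
# between the backend host and the attacker-influenced backreference.
NO_SLASH = re.compile(r'^[a-z][a-z0-9+.-]*://[^/\s$]*\$\d', re.I)

def audit(config_text):
    """Return (line number, directive, target) for each proxy rule worth reviewing."""
    findings = []
    for lineno, line in enumerate(config_text.splitlines(), 1):
        m = DIRECTIVE.match(line)
        if not m:
            continue  # comments and unrelated directives
        directive, _pattern, target, flags = m.groups()
        if directive.lower() == 'rewriterule':
            flag_list = [f.strip().lower() for f in (flags or '').split(',')]
            if not any(f in ('p', 'proxy') for f in flag_list):
                continue  # only RewriteRule with the proxy flag is in scope
        if NO_SLASH.match(target):
            findings.append((lineno, directive, target))
    return findings

# Constructed sample configuration (hostnames are placeholders).
SAMPLE = "\n".join([
    r'RewriteEngine On',
    r'RewriteRule (.*)\.(jpg|gif|png) http://images.example.com$1.$2 [P]',
    r'RewriteRule ^/(.*)\.(jpg|gif|png) http://images.example.com/$1.$2 [P]',
    r'ProxyPassMatch (.*)\.css http://static.example.com$1.css',
    r'RewriteRule ^/old(.*) http://www.example.com$1 [R=301,L]',
    r'# RewriteRule (.*) http://disabled.example.com$1 [P]',
])

if __name__ == '__main__':
    for lineno, directive, target in audit(SAMPLE):
        print(f'line {lineno}: {directive} target lacks "/" after host: {target}')
```

A flagged line is a prompt for manual review, not proof of exposure; the solutions listed below remain the fix.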

Solution(s)

  • apache-httpd-cve-2011-3368-1-3-patch
  • apache-httpd-upgrade-2_0_65
  • apache-httpd-upgrade-2_2_22
