vulnerability

Red Hat: CVE-2011-2767: Important: mod_perl security update (RHSA-2018:2737)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
10	(AV:N/AC:L/Au:N/C:C/I:C/A:C)	2018-08-26	2018-09-25	2021-03-03

Severity

CVSS

(AV:N/AC:L/Au:N/C:C/I:C/A:C)

Published

2018-08-26

Added

2018-09-25

Modified

2021-03-03

Description

mod_perl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because (contrary to the documentation) there is no configuration option that permits Perl code for the administrator's control of HTTP request processing without also permitting unprivileged users to run Perl code in the context of the user account that runs Apache HTTP Server processes.

Solution(s)

redhat-upgrade-mod_perlredhat-upgrade-mod_perl-debuginforedhat-upgrade-mod_perl-devel

References

BID-105195
NVD-CVE-2011-2767
REDHAT-RHSA-2018:2737
REDHAT-RHSA-2018:2825
REDHAT-RHSA-2018:2826

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today