vulnerability

SUSE: CVE-2011-2767: SUSE Linux Security Advisory

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
10	(AV:N/AC:L/Au:N/C:C/I:C/A:C)	Aug 26, 2018	Aug 9, 2024	Aug 9, 2024

Severity

CVSS

(AV:N/AC:L/Au:N/C:C/I:C/A:C)

Published

Aug 26, 2018

Added

Aug 9, 2024

Modified

Aug 9, 2024

Description

mod_perl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because (contrary to the documentation) there is no configuration option that permits Perl code for the administrator's control of HTTP request processing without also permitting unprivileged users to run Perl code in the context of the user account that runs Apache HTTP Server processes.

Solutions

suse-upgrade-apache2-mod_perlsuse-upgrade-apache2-mod_perl-devel

References

BID-105195
CVE-2011-2767
https://attackerkb.com/topics/CVE-2011-2767
REDHAT-RHSA-2018:2737
REDHAT-RHSA-2018:2825
REDHAT-RHSA-2018:2826

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report