vulnerability

Ubuntu: (Multiple Advisories) (CVE-2011-2767): mod_perl vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
10	(AV:N/AC:L/Au:N/C:C/I:C/A:C)	Aug 26, 2018	Nov 30, 2018	Aug 18, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:C/I:C/A:C)

Published

Aug 26, 2018

Added

Nov 30, 2018

Modified

Aug 18, 2025

Description

mod_perl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because (contrary to the documentation) there is no configuration option that permits Perl code for the administrator's control of HTTP request processing without also permitting unprivileged users to run Perl code in the context of the user account that runs Apache HTTP Server processes.

Solution

ubuntu-upgrade-libapache2-mod-perl2

References

CVE-2011-2767
https://attackerkb.com/topics/CVE-2011-2767
CWE-94
NVD-CVE-2011-2767
UBUNTU-USN-3825-1
UBUNTU-USN-3825-2

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today