author | Cy Schubert <cy@FreeBSD.org> | 2021-10-07 10:38:35 -0700 |
---|---|---|
committer | Cy Schubert <cy@FreeBSD.org> | 2021-10-07 10:38:35 -0700 |
commit | 7a1b88f81c2266602b044d282129dbb8261eab4f (patch) | |
tree | d225ddbe521a333ab314cc0119bd5b9960ea7857 | |
parent | www/apache24: Update to 2.4.51 (diff) |
security/vuxml: Only apache24 2.4.49 and 2.4.50 are vulnerable
-rw-r--r-- | security/vuxml/vuln-2021.xml | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/security/vuxml/vuln-2021.xml b/security/vuxml/vuln-2021.xml index fda4da65b348..be64a23729d9 100644 --- a/security/vuxml/vuln-2021.xml +++ b/security/vuxml/vuln-2021.xml @@ -1,3 +1,43 @@ + <vuln vid="d001c189-2793-11ec-8fb1-206a8a720317"> + <topic>Apache httpd -- Path Traversal and Remote Code Execution</topic> + <affects> + <package> + <name>apache24</name> + <range><ge>2.4.49</ge><lt>2.4.51</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>The Apache http server project reports:</p> + <blockquote cite="https://httpd.apache.org/security/vulnerabilities_24.html"> + <p>critical: Path Traversal and Remote Code Execution in Apache HTTP + Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) + (CVE-2021-42013).</p> + <p>It was found that the fix for CVE-2021-41773 in Apache HTTP + Server 2.4.50 was insufficient. An attacker could use a path + traversal attack to map URLs to files outside the directories + configured by Alias-like directives.</p> + <p>If files outside of these directories are not protected by the + usual default configuration "require all denied", these requests + can succeed. If CGI scripts are also enabled for these aliased + pathes, this could allow for remote code execution.</p> + <p>This issue only affects Apache 2.4.49 and Apache 2.4.50 and not + earlier versions.</p> + <p>Acknowledgements: Reported by Juan Escobar from Dreamlab + Technologies, Fernando Munoz from NULL Life CTF Team, and + Shungo Kumasaka</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2021-42013</cvename> + </references> + <dates> + <discovery>2021-10-07</discovery> + <entry>2021-10-07</entry> + </dates> + </vuln> + <vuln vid="9bad457e-b396-4452-8773-15bec67e1ceb"> <topic>jenkins -- Jenkins core bundles vulnerable version of the commons-httpclient library</topic> <affects> |
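Review bot: the `<references>` block carries only `<cvename>CVE-2021-42013</cvename>`, while the upstream advisory URL already appears in the blockquote `cite` attribute; add `<url>https://httpd.apache.org/security/vulnerabilities_24.html</url>` next to the cvename so readers reach the upstream text without first resolving the CVE. The range `<ge>2.4.49</ge><lt>2.4.51</lt>` agrees with the quoted statement that only 2.4.49 and 2.4.50 are affected, and "pathes" sits inside the verbatim upstream quote, so it should stay as quoted rather than be corrected in the entry.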