CVE-2011-3368 Scanner
Detects the 'Reverse Proxy Bypass' vulnerability in Apache HTTP Server, which affects versions 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21.
Short Info
- Level: Medium
- Single Scan
- Can be used by: Asset Owner
- Estimated Time: 15 seconds
- Time Interval: 30 days
- Scan only one: Domain, IPv4, Subdomain
The Apache HTTP Server is popular web server software used by millions of websites worldwide. It is free, open-source software that is highly scalable and customizable, making it a preferred choice for businesses of all sizes. With features like SSL/TLS encryption, virtual hosting, and secure communication protocols, Apache HTTP Server is a reliable and secure option for delivering web content to users.
One of the vulnerabilities detected in this product is CVE-2011-3368. This vulnerability affects versions 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 of Apache HTTP Server, and it is caused by a flaw in the mod_proxy module. The module does not properly interact with the use of RewriteRule and ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character.
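An added example, not part of the original page or of the scanner it describes: a configuration audit for the rule shape the Apache advisory for this CVE warns about, namely a RewriteRule with the proxy flag or a ProxyPassMatch whose target places a backreference directly after the host with no "/" between them. The host names and the sample configuration are constructed, and the parser assumes unquoted arguments with one directive per line.

```python
import re

# Directive, pattern, target, optional trailing [flags]. Assumption: arguments
# are unquoted, contain no spaces, and each directive sits on one line.
DIRECTIVE = re.compile(
    r"^\s*(RewriteRule|ProxyPassMatch)\s+(\S+)\s+(\S+)(?:\s+\[([^\]]*)\])?", re.I)
# scheme://authority followed directly by a $N backreference, no "/" between.
UNSEPARATED = re.compile(r"^[a-z][a-z0-9+.-]*://[^/$\s]*\$\d", re.I)


def proxies(directive, flags):
    """ProxyPassMatch always proxies; RewriteRule only with the P/proxy flag."""
    if directive.lower() == "proxypassmatch":
        return True
    names = {f.strip().split("=")[0].lower() for f in (flags or "").split(",")}
    return bool(names & {"p", "proxy"})


def audit(config_text):
    """Return (line_number, directive, pattern, target) for each rule to review."""
    findings = []
    for number, line in enumerate(config_text.splitlines(), start=1):
        if line.lstrip().startswith("#"):
            continue  # commented-out directives are inactive
        match = DIRECTIVE.match(line)
        if not match:
            continue
        directive, pattern, target, flags = match.groups()
        if proxies(directive, flags) and UNSEPARATED.match(target):
            findings.append((number, directive, pattern, target))
    return findings


# Constructed sample configuration with hypothetical host names.
SAMPLE = """\
RewriteEngine On
RewriteRule ^(.*) http://app.internal.example$1 [P,L]
RewriteRule ^(.*) http://app.internal.example/$1 [P,L]
# ProxyPassMatch ^(.*) http://old.internal.example$1
ProxyPassMatch ^(.*)$ http://img.internal.example:8080$1
RewriteRule ^(.*) http://www.example.org$1 [R=301,L]
"""

if __name__ == "__main__":
    for number, directive, pattern, target in audit(SAMPLE):
        print(f"line {number}: {directive} {pattern} -> {target}: no '/' before backreference")
```

Each finding is a prompt for review, since the rule's pattern decides whether the captured text can begin with anything other than "/".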
This vulnerability can lead to various security issues for businesses. For instance, a hacker can exploit this vulnerability to gain unauthorized access to sensitive data, including financial records, personal information, and trade secrets. In addition, they can use this vulnerability to execute arbitrary code on the affected server and compromise the entire network. It is, therefore, important to take precautions to protect against this vulnerability.
Thanks to the pro features of the s4e.io platform, those who read this article can easily and quickly learn about vulnerabilities in their digital assets. The platform provides a comprehensive vulnerability assessment of websites and web applications, including the Apache HTTP Server, to identify security loopholes, and recommend remediation strategies. Users can also utilize the platform's security recommendations and best practices to strengthen their cybersecurity posture and protect their digital assets from potential attacks.