CVE-2011-1176 - OpenCVE

The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote attackers to gain privileges by leveraging the root uid and root gid of an mpm-itk process.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Apache	Http Server
Debian	Debian Linux
Mpm-itk Project	Mpm-itk

Configuration 1 [-]

AND

OR	cpe:2.3:a:mpm-itk_project:mpm-itk:2.2.11-01:::::::*
	cpe:2.3:a:mpm-itk_project:mpm-itk:2.2.11-02:::::::*

cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:debian:debian_linux:5.0:::::::*
	cpe:2.3:o:debian:debian_linux:6.0:::::::*
	cpe:2.3:o:debian:debian_linux:7.0:::::::*

No data.

References

Link	Providers
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=618857
http://lists.err.no/pipermail/mpm-itk/2011-March/000393.html
http://lists.err.no/pipermail/mpm-itk/2011-March/000394.html
http://openwall.com/lists/oss-security/2011/03/20/1
http://openwall.com/lists/oss-security/2011/03/21/13
http://www.debian.org/security/2011/dsa-2202
http://www.mandriva.com/security/advisories?name=MDVSA-2011:057
http://www.securityfocus.com/bid/46953
http://www.vupen.com/english/advisories/2011/0748
http://www.vupen.com/english/advisories/2011/0749
http://www.vupen.com/english/advisories/2011/0824
https://exchange.xforce.ibmcloud.com/vulnerabilities/66248

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2011-03-29T18:00:00

Updated: 2024-08-06T22:21:32.223Z

Reserved: 2011-03-03T00:00:00

Link: CVE-2011-1176

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2011-03-29T18:55:02.003

Modified: 2020-11-16T20:47:52.200

Link: CVE-2011-1176

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-03-20T00:00:00", "descriptions": [{"lang": "en", "value": "The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote attackers to gain privileges by leveraging the root uid and root gid of an mpm-itk process."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "46953", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/46953"}, {"name": "MDVSA-2011:057", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:057"}, {"name": "[mpm-itk] 20110321 mpm-itk version 2.2.17-01 released", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://lists.err.no/pipermail/mpm-itk/2011-March/000394.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=618857"}, {"name": "apache-mtmitk-weak-security(66248)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66248"}, {"name": "ADV-2011-0824", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0824"}, {"name": "ADV-2011-0748", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0748"}, {"name": "DSA-2202", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2011/dsa-2202"}, {"name": "ADV-2011-0749", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0749"}, {"name": "[oss-security] 20110321 Re: CVE request: MPM-ITK module for Apache HTTPD", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://openwall.com/lists/oss-security/2011/03/21/13"}, {"name": "[oss-security] 20110320 CVE request: MPM-ITK module for Apache HTTPD", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://openwall.com/lists/oss-security/2011/03/20/1"}, {"name": "[mpm-itk] 20110321 CVE 2011-1176: Sometimes runs as root instead of the default Apache user", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://lists.err.no/pipermail/mpm-itk/2011-March/000393.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2011-1176", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote attackers to gain privileges by leveraging the root uid and root gid of an mpm-itk process."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "46953", "refsource": "BID", "url": "http://www.securityfocus.com/bid/46953"}, {"name": "MDVSA-2011:057", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:057"}, {"name": "[mpm-itk] 20110321 mpm-itk version 2.2.17-01 released", "refsource": "MLIST", "url": "http://lists.err.no/pipermail/mpm-itk/2011-March/000394.html"}, {"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=618857", "refsource": "CONFIRM", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=618857"}, {"name": "apache-mtmitk-weak-security(66248)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66248"}, {"name": "ADV-2011-0824", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0824"}, {"name": "ADV-2011-0748", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0748"}, {"name": "DSA-2202", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2011/dsa-2202"}, {"name": "ADV-2011-0749", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0749"}, {"name": "[oss-security] 20110321 Re: CVE request: MPM-ITK module for Apache HTTPD", "refsource": "MLIST", "url": "http://openwall.com/lists/oss-security/2011/03/21/13"}, {"name": "[oss-security] 20110320 CVE request: MPM-ITK module for Apache HTTPD", "refsource": "MLIST", "url": "http://openwall.com/lists/oss-security/2011/03/20/1"}, {"name": "[mpm-itk] 20110321 CVE 2011-1176: Sometimes runs as root instead of the default Apache user", "refsource": "MLIST", "url": "http://lists.err.no/pipermail/mpm-itk/2011-March/000393.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T22:21:32.223Z"}, "title": "CVE Program Container", "references": [{"name": "46953", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/46953"}, {"name": "MDVSA-2011:057", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:057"}, {"name": "[mpm-itk] 20110321 mpm-itk version 2.2.17-01 released", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://lists.err.no/pipermail/mpm-itk/2011-March/000394.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=618857"}, {"name": "apache-mtmitk-weak-security(66248)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66248"}, {"name": "ADV-2011-0824", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0824"}, {"name": "ADV-2011-0748", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0748"}, {"name": "DSA-2202", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2011/dsa-2202"}, {"name": "ADV-2011-0749", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0749"}, {"name": "[oss-security] 20110321 Re: CVE request: MPM-ITK module for Apache HTTPD", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://openwall.com/lists/oss-security/2011/03/21/13"}, {"name": "[oss-security] 20110320 CVE request: MPM-ITK module for Apache HTTPD", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://openwall.com/lists/oss-security/2011/03/20/1"}, {"name": "[mpm-itk] 20110321 CVE 2011-1176: Sometimes runs as root instead of the default Apache user", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://lists.err.no/pipermail/mpm-itk/2011-March/000393.html"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-1176", "datePublished": "2011-03-29T18:00:00", "dateReserved": "2011-03-03T00:00:00", "dateUpdated": "2024-08-06T22:21:32.223Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mpm-itk_project:mpm-itk:2.2.11-01:*:*:*:*:*:*:*", "matchCriteriaId": "6720BE80-ADB0-4B14-BAD8-D89D9DE7A645", "vulnerable": true}, {"criteria": "cpe:2.3:a:mpm-itk_project:mpm-itk:2.2.11-02:*:*:*:*:*:*:*", "matchCriteriaId": "07684254-212B-4346-BE15-FF3767958979", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "5A6CD1F4-4C0E-4989-A2B3-DC086E8E80A3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote attackers to gain privileges by leveraging the root uid and root gid of an mpm-itk process."}, {"lang": "es", "value": "La fusi\u00f3n de configuraci\u00f3n en itk.c en el Steinar H. Gunderson mpm-itk Multi-Processing Module v2.2.11-01 y v2.2.11-02 para el Servidor Apache HTTP, no maneja adecuadamente ciertas secciones de configuraci\u00f3n que especifican NiceValue pero no AssignUserID, lo que podr\u00eda permitir a atacantes remotos obtener privilegios mediante el aprovechamiento de la UID y GID de root de un proceso mpm-itk."}], "id": "CVE-2011-1176", "lastModified": "2020-11-16T20:47:52.200", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-03-29T18:55:02.003", "references": [{"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=618857"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Third Party Advisory"], "url": "http://lists.err.no/pipermail/mpm-itk/2011-March/000393.html"}, {"source": "secalert@redhat.com", "tags": ["Release Notes", "Third Party Advisory"], "url": "http://lists.err.no/pipermail/mpm-itk/2011-March/000394.html"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://openwall.com/lists/oss-security/2011/03/20/1"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://openwall.com/lists/oss-security/2011/03/21/13"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2011/dsa-2202"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:057"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/46953"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2011/0748"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2011/0749"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2011/0824"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66248"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}