{"containers": {"cna": {"affected": [{"product": "mod_perl 2.0 through 2.0.10", "vendor": "n/a", "versions": [{"status": "affected", "version": "mod_perl 2.0 through 2.0.10"}]}], "datePublic": "2018-08-26T00:00:00", "descriptions": [{"lang": "en", "value": "mod_perl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because (contrary to the documentation) there is no configuration option that permits Perl code for the administrator's control of HTTP request processing without also permitting unprivileged users to run Perl code in the context of the user account that runs Apache HTTP Server processes."}], "problemTypes": [{"descriptions": [{"description": "code execution", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-11-24T12:07:02", "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "shortName": "debian"}, "references": [{"name": "[debian-lts-announce] 20180918 [SECURITY] [DLA 1507-1] libapache2-mod-perl2 security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00018.html"}, {"name": "105195", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/105195"}, {"name": "USN-3825-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3825-1/"}, {"tags": ["x_refsource_MISC"], "url": "https://bugs.debian.org/644169"}, {"name": "RHSA-2018:2826", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:2826"}, {"tags": ["x_refsource_MISC"], "url": "https://mail-archives.apache.org/mod_mbox/perl-modperl/201110.mbox/raw/%3C20111004084343.GA21290%40ktnx.net%3E"}, {"name": "RHSA-2018:2825", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:2825"}, {"name": "RHSA-2018:2737", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:2737"}, {"name": "USN-3825-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3825-2/"}, {"name": "[perl-modperl-cvs] 20190924 svn commit: r1867470 - /perl/modperl/trunk/src/modules/perl/mod_perl.c", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/c8ebe8aad147a3ad2e7b0e8b2da45263171ab5d0fc7f8c100feaa94d%40%3Cmodperl-cvs.perl.apache.org%3E"}, {"name": "openSUSE-SU-2019:2549", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00063.html"}, {"name": "openSUSE-SU-2019:2558", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00065.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@debian.org", "ID": "CVE-2011-2767", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "mod_perl 2.0 through 2.0.10", "version": {"version_data": [{"version_value": "mod_perl 2.0 through 2.0.10"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "mod_perl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because (contrary to the documentation) there is no configuration option that permits Perl code for the administrator's control of HTTP request processing without also permitting unprivileged users to run Perl code in the context of the user account that runs Apache HTTP Server processes."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "code execution"}]}]}, "references": {"reference_data": [{"name": "[debian-lts-announce] 20180918 [SECURITY] [DLA 1507-1] libapache2-mod-perl2 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00018.html"}, {"name": "105195", "refsource": "BID", "url": "http://www.securityfocus.com/bid/105195"}, {"name": "USN-3825-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3825-1/"}, {"name": "https://bugs.debian.org/644169", "refsource": "MISC", "url": "https://bugs.debian.org/644169"}, {"name": "RHSA-2018:2826", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2826"}, {"name": "https://mail-archives.apache.org/mod_mbox/perl-modperl/201110.mbox/raw/%3C20111004084343.GA21290%40ktnx.net%3E", "refsource": "MISC", "url": "https://mail-archives.apache.org/mod_mbox/perl-modperl/201110.mbox/raw/%3C20111004084343.GA21290%40ktnx.net%3E"}, {"name": "RHSA-2018:2825", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2825"}, {"name": "RHSA-2018:2737", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2737"}, {"name": "USN-3825-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3825-2/"}, {"name": "[perl-modperl-cvs] 20190924 svn commit: r1867470 - /perl/modperl/trunk/src/modules/perl/mod_perl.c", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/c8ebe8aad147a3ad2e7b0e8b2da45263171ab5d0fc7f8c100feaa94d@%3Cmodperl-cvs.perl.apache.org%3E"}, {"name": "openSUSE-SU-2019:2549", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00063.html"}, {"name": "openSUSE-SU-2019:2558", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00065.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T23:15:30.814Z"}, "title": "CVE Program Container", "references": [{"name": "[debian-lts-announce] 20180918 [SECURITY] [DLA 1507-1] libapache2-mod-perl2 security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00018.html"}, {"name": "105195", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/105195"}, {"name": "USN-3825-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3825-1/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugs.debian.org/644169"}, {"name": "RHSA-2018:2826", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:2826"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://mail-archives.apache.org/mod_mbox/perl-modperl/201110.mbox/raw/%3C20111004084343.GA21290%40ktnx.net%3E"}, {"name": "RHSA-2018:2825", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:2825"}, {"name": "RHSA-2018:2737", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:2737"}, {"name": "USN-3825-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3825-2/"}, {"name": "[perl-modperl-cvs] 20190924 svn commit: r1867470 - /perl/modperl/trunk/src/modules/perl/mod_perl.c", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/c8ebe8aad147a3ad2e7b0e8b2da45263171ab5d0fc7f8c100feaa94d%40%3Cmodperl-cvs.perl.apache.org%3E"}, {"name": "openSUSE-SU-2019:2549", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00063.html"}, {"name": "openSUSE-SU-2019:2558", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00065.html"}]}]}, "cveMetadata": {"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "assignerShortName": "debian", "cveId": "CVE-2011-2767", "datePublished": "2018-08-26T16:00:00", "dateReserved": "2011-07-19T00:00:00", "dateUpdated": "2024-08-06T23:15:30.814Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:mod_perl:*:*:*:*:*:*:*:*", "matchCriteriaId": "039DC6B9-E1D3-418B-9602-7C39AB4280D3", "versionEndIncluding": "2.0.10", "versionStartIncluding": "2.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*", "matchCriteriaId": "84FF61DF-D634-4FB5-8DF1-01F631BE1A7A", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "B99A2411-7F6A-457F-A7BF-EB13C630F902", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "041F9200-4C01-4187-AE34-240E8277B54D", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*", "matchCriteriaId": "4EB48767-F095-444F-9E05-D9AC345AB803", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "5F6FA12B-504C-4DBF-A32E-0548557AA2ED", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "matchCriteriaId": "07C312A0-CD2C-4B9C-B064-6409B25C278F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "mod_perl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because (contrary to the documentation) there is no configuration option that permits Perl code for the administrator's control of HTTP request processing without also permitting unprivileged users to run Perl code in the context of the user account that runs Apache HTTP Server processes."}, {"lang": "es", "value": "mod_perl 2.0 hasta la versi\u00f3n 2.0.10 permite que los atacantes ejecuten c\u00f3digo Perl coloc\u00e1ndolo en un archivo .htaccess propiedad del usuario, debido a que (al contrario de lo que pone en la documentaci\u00f3n) no hay una opci\u00f3n de configuraci\u00f3n que permita el c\u00f3digo Perl para el control de administrador del procesamiento de peticiones HTTP sin permitir tambi\u00e9n que usuarios sin privilegios ejecuten c\u00f3digo Perl en el contexto de la cuenta de usuario que ejecuta los procesos Apache HTTP Server."}], "id": "CVE-2011-2767", "lastModified": "2023-11-07T02:07:45.910", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-08-26T16:29:00.230", "references": [{"source": "security@debian.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00063.html"}, {"source": "security@debian.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00065.html"}, {"source": "security@debian.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/105195"}, {"source": "security@debian.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:2737"}, {"source": "security@debian.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:2825"}, {"source": "security@debian.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:2826"}, {"source": "security@debian.org", "tags": ["Issue Tracking", "Mailing List", "Third Party Advisory"], "url": "https://bugs.debian.org/644169"}, {"source": "security@debian.org", "url": "https://lists.apache.org/thread.html/c8ebe8aad147a3ad2e7b0e8b2da45263171ab5d0fc7f8c100feaa94d%40%3Cmodperl-cvs.perl.apache.org%3E"}, {"source": "security@debian.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00018.html"}, {"source": "security@debian.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://mail-archives.apache.org/mod_mbox/perl-modperl/201110.mbox/raw/%3C20111004084343.GA21290%40ktnx.net%3E"}, {"source": "security@debian.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3825-1/"}, {"source": "security@debian.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3825-2/"}], "sourceIdentifier": "security@debian.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2018:2737", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "mod_perl-0:2.0.4-12.el6_10", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2018-09-24T00:00:00Z"}, {"advisory": "RHSA-2018:2826", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el6", "package": "rh-perl524-mod_perl-0:2.0.9-10.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6", "release_date": "2018-09-27T00:00:00Z"}, {"advisory": "RHSA-2018:2826", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el6", "package": "rh-perl524-mod_perl-0:2.0.9-10.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS", "release_date": "2018-09-27T00:00:00Z"}, {"advisory": "RHSA-2018:2825", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-perl526-mod_perl-0:2.0.10-10.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2018-09-27T00:00:00Z"}, {"advisory": "RHSA-2018:2826", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-perl524-mod_perl-0:2.0.9-10.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2018-09-27T00:00:00Z"}, {"advisory": "RHSA-2018:2825", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-perl526-mod_perl-0:2.0.10-10.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.3 EUS", "release_date": "2018-09-27T00:00:00Z"}, {"advisory": "RHSA-2018:2826", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-perl524-mod_perl-0:2.0.9-10.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.3 EUS", "release_date": "2018-09-27T00:00:00Z"}, {"advisory": "RHSA-2018:2825", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-perl526-mod_perl-0:2.0.10-10.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS", "release_date": "2018-09-27T00:00:00Z"}, {"advisory": "RHSA-2018:2826", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-perl524-mod_perl-0:2.0.9-10.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS", "release_date": "2018-09-27T00:00:00Z"}, {"advisory": "RHSA-2018:2825", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-perl526-mod_perl-0:2.0.10-10.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.5 EUS", "release_date": "2018-09-27T00:00:00Z"}, {"advisory": "RHSA-2018:2826", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-perl524-mod_perl-0:2.0.9-10.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.5 EUS", "release_date": "2018-09-27T00:00:00Z"}], "bugzilla": {"description": "mod_perl: arbitrary Perl code execution in the context of the user account via a user-owned .htaccess", "id": "1623265", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1623265"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.3", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "status": "verified"}, "cwe": "CWE-266", "details": ["mod_perl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because (contrary to the documentation) there is no configuration option that permits Perl code for the administrator's control of HTTP request processing without also permitting unprivileged users to run Perl code in the context of the user account that runs Apache HTTP Server processes."], "mitigation": {"lang": "en:us", "value": "Disabling the UserDir directive and also setting AllowOverride None should prevent the processing of perl in user .htaccess files."}, "name": "CVE-2011-2767", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "mod_perl", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "mod_perl", "product_name": "Red Hat Enterprise Linux 8"}], "public_date": "2011-10-03T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2011-2767\nhttps://nvd.nist.gov/vuln/detail/CVE-2011-2767"], "statement": "The default configurations shipped in Red Hat Enterprise Linux 6 and Red Hat Software Collections are not vulnerable to to this flaw. The UserDir option needs to be enabled as well as AllowOverride being set to values other than \"None\" for this to potentially pose a threat.", "threat_severity": "Important"}