Description
The mod_proxy module in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x before 2.2.18, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers by using the HTTP/0.9 protocol with a malformed URI containing an initial @ (at sign) character. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368.
Exploits (1)
exploitdb (writeup, verified) by Tomas Hoger · text · remote · linux
https://www.exploit-db.com/exploits/36663
References (4)
Core References
Patch (x_refsource_confirm): http://svn.apache.org/viewvc?view=revision&revision=1188745
Issue Tracking (x_refsource_confirm): https://bugzilla.redhat.com/show_bug.cgi?id=752080
Vendor Advisory (vendor-advisory, x_refsource_redhat): http://rhn.redhat.com/errata/RHSA-2012-0128.html
Third Party Advisory (vendor-advisory, x_refsource_debian): http://www.debian.org/security/2012/dsa-2405
Scores
EPSS: 0.0976
EPSS Percentile: 93.0%
Details
CWE: CWE-20
Status: published
Products (50)
apache/http_server: 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16, 2.0.17, 2.0.18, 2.0.19, 2.0.20
... and 40 more
Published: Nov 30, 2011
Tracked Since: Feb 18, 2026