Computer Security Global Security Mag Online anti virus spywares job oofers telecom and network security
- english:
- Product Reviews:
- Business News:
- MAGIC QUADRANT :
- Market News:
- WHITE PAPER:
- Special Reports:
- Interviews:
- Opinion:
- EVENTS:
- Security Vulnerability:
- Malware Update:
- Diary:
- Guide & Podcast:
- Jobs:
- International News:
- CONTACTS:
- TRAINING :
Global Security Magazine Online antivirus
Product Reviews
Business News
MAGIC QUADRANT 
Market News
Special Reports
Opinion
EVENTS
Security Vulnerability
Malware Update
Diary
Guide & Podcast
Jobs
International News
CONTACTS
Flux RSS
| Vigil@nce: Apache httpd, bypassing AllowOverride |
| June 2009 by Vigil@nce |
| A local attacker can create a .htaccess file in order to bypass restrictions of AllowOverride. |
| Severity: 1/4 Consequences: data reading, data creation/edition Provenance: user account Means of attack: no proof of concept, no attack Ability of attacker: expert (4/4) Confidence: confirmed by the editor (5/5) Diffusion of the vulnerable configuration: high (3/3) Creation date: 16/06/2009 IMPACTED PRODUCTS
DESCRIPTION OF THE VULNERABILITY The AllowOverride directive of the Apache httpd configuration file
indicates if directives located in a .htaccess file are honoured.
For example:
Since Apache httpd version 2.2, the Option parameter of the
AllowOverride directive can restrict the list of allowed options.
For example:
However, due to a logic error, when at least one option is indicated in AllowOverride, they are all allowed (as it was the case before Apache httpd < 2.2). An attacker can therefore for example enable the "Includes" option in a .htaccess file in order to use "#exec cmd" and "#exec cgi" commands. CHARACTERISTICS Identifiers: 44262, DSA 1816-1, VIGILANCE-VUL-8798 http://vigilance.fr/vulnerability/Apache-httpd-bypassing-AllowOverride-8798 |
< previous next > |
Apache httpd
