Security Bypass in the Apache mod_rewrite

Posted: May 16, 2013 in Vulnerability News

A security bypass vulnerability has been found in Apache mod_rewrite.

The vulnerability allows an attacker to execute arbitrary commands when the server administrator views the log file.

A vulnerability (CVE-2013-1862) has been discovered in the mod_rewrite module of the Apache HTTP Server 2.2.x series that allows an attacker to execute arbitrary commands when the server administrator views the log file.

Through specially crafted requests to the web server, an attacker can write content of their choosing, for example system commands, into the log file, because mod_rewrite does not escape special characters when writing log entries. Suitable manipulation of escape sequences then allows arbitrary commands to run as the user who reviews the log (usually these log files are readable only by the root user).
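As an added defensive example (not code from this post or from the Apache project), the following Python script flags rewrite-log lines that contain terminal control characters and renders them as visible \xNN escapes so they can be reviewed without a terminal interpreting them; the log lines it scans are constructed samples in the RewriteLog format, not real server output.

```python
import re
from typing import List, Tuple

# Every C0 control character except TAB, plus DEL and the C1 range (0x80-0x9f),
# which some terminals also interpret as control codes. A RewriteLog entry
# should contain only printable text, so anything matched here is suspect.
CONTROL_CHARS = re.compile(r"[\x00-\x08\x0b-\x1f\x7f\x80-\x9f]")


def sanitize_line(line: str) -> str:
    """Render control characters as visible \\xNN escapes (like `cat -v`)."""
    return CONTROL_CHARS.sub(lambda m: "\\x%02x" % ord(m.group()), line)


def find_suspicious_lines(log_text: str) -> List[Tuple[int, str]]:
    """Return (line_number, sanitized_line) for each line carrying control characters.

    Splits on "\\n" only: str.splitlines() would also split on control characters
    such as \\x0c and \\x1c, which are exactly the bytes we want to keep in the line.
    """
    hits = []
    for number, raw in enumerate(log_text.split("\n"), start=1):
        line = raw.rstrip("\r")
        if CONTROL_CHARS.search(line):
            hits.append((number, sanitize_line(line)))
    return hits


def scan_file(path: str) -> List[Tuple[int, str]]:
    """Scan a log file; latin-1 maps each byte to one code point, so 0x80-0x9f stays detectable."""
    with open(path, encoding="latin-1", newline="") as fh:
        return find_suspicious_lines(fh.read())


# Constructed sample RewriteLog lines (hypothetical host and addresses, not real traffic).
# Line 2 carries an ANSI colour sequence smuggled in via the requested URI.
SAMPLE_LOG = (
    "192.0.2.10 - - [16/May/2013:10:00:01 +0000] [www.example.com/sid#1a2b][rid#3c4d/initial]"
    " (2) init rewrite engine with requested uri /index.html\n"
    "192.0.2.10 - - [16/May/2013:10:00:02 +0000] [www.example.com/sid#1a2b][rid#3c4e/initial]"
    " (2) init rewrite engine with requested uri /\x1b[31mred\x1b[0m\n"
    "192.0.2.11 - - [16/May/2013:10:00:03 +0000] [www.example.com/sid#1a2b][rid#3c4f/initial]"
    " (2) init rewrite engine with requested uri /about\n"
)

if __name__ == "__main__":
    for number, line in find_suspicious_lines(SAMPLE_LOG):
        print(f"line {number}: {line}")
```

Running the script against a real rewrite log is `scan_file("/var/log/apache2/rewrite.log")` (path is an assumption; use your server's RewriteLog setting), and a hit count of zero means the log can be viewed in a terminal without surprises.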

A patch fixing the vulnerability is available. RHEL and CentOS developers have fixed the problem in their products. Debian is aware of the vulnerability but does not regard it as a serious threat.

Detailed description of the vulnerability

Security Bypass in Apache mod_rewrite

Danger level: Low
Fix available: Yes
Number of vulnerabilities: 1

CVE ID: CVE-2013-1862
Attack vector: Remote
Impact: Privilege escalation
CWE ID: CWE-78: OS Command Execution

Affected products: Apache 2.4.x

Affected versions: Apache HTTP Server 2.4.x

Description:

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability is due to mod_rewrite not correctly filtering data when logging via RewriteLog. This can be exploited to execute arbitrary commands in the context of the session of the user who views the log files.

Manufacturer URL: http://www.apache.org/

Solution: To resolve the vulnerability, install the patch from the manufacturer's site.
