Security Bypass vulnerability has been found in the Apache mod_rewrite.
The vulnerability allows an attacker to execute arbitrary command when viewing the log file by the server administrator.
In the module mod_rewrite of the HTTP-server Apache 2.2.x series vulnerability has been discovered (CVE-2013-1862), which allows an attacker to execute arbitrary command when viewing the log file by the server administrator.
Through specially crafted requests to the web-server, an attacker can write to a log file, for example, system commands, as mod_rewrite when writing to the log file does not escape special characters. Proper manipulation of sequences allows you to run arbitrary commands as the user performing the scan log (usually these log files are readable only by the user root).
Patch to fix the vulnerability is available. RHEL and CentOS developers have fixed the current problem in their products. In Debian aware of current vulnerabilities, but does not regard it as a serious threat.
Detailed description of vulnerability
Security Bypass Apache mod_rewrite
Danger level: Low
The presence of fixes: Yes
The number of vulnerabilities: 1
CVE ID: CVE-2013-1862
Vector of operation: Remote
Impact: Privilege escalation
CWE ID: CWE-78: OS Command Execution
Affected products: Apache 2.4.x
Affected versions: Apache HTTP Server 2.4.x
The vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability is due to the fact that the mod_rewrite correctly filters the data when logging RewriteLog. This can be exploited to execute arbitrary commands in the context of the user’s session, which looks log-files.
Manufacturer URL: http://www.apache.org/
Solution: To resolve the vulnerability establish patch from a site of the manufacturer.