Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2009-3095

Опубликовано: 08 сент. 2009
Источник: nvd
CVSS2: 5
EPSS Низкий

Описание

The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pack Professional 8.11.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
Версия от 2.0.35 (включая) до 2.0.64 (исключая)
cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
Версия от 2.2.0 (включая) до 2.2.14 (исключая)
Конфигурация 2

Одно из

cpe:2.3:o:fedoraproject:fedora:10:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:12:*:*:*:*:*:*:*
Конфигурация 3
cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
Конфигурация 4

Одно из

cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:10:sp2:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:10:sp3:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:10:sp2:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:-:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:-:*:*:*:*:*:*
Конфигурация 5
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
Версия до 10.6.3 (исключая)

EPSS

Процентиль: 88%
0.03989
Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

ubuntu логотип

CVE-2009-3095

ubuntu
почти 16 лет назад

The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pack Professional 8.11.

redhat логотип

CVE-2009-3095

redhat
почти 16 лет назад

The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pack Professional 8.11.

debian логотип

CVE-2009-3095

debian
почти 16 лет назад

The mod_proxy_ftp module in the Apache HTTP Server allows remote attac ...

github логотип

GHSA-w532-9px6-hv54

github
около 3 лет назад

The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pack Professional 8.11.

oracle-oval логотип

ELSA-2009-1579

oracle-oval
больше 15 лет назад

ELSA-2009-1579: httpd security update (MODERATE)

EPSS

Процентиль: 88%
0.03989
Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other