Описание
In Apache httpd 2.4.0 to 2.4.29, the expression specified in could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename. This could be exploited in environments where uploads of some files are are externally blocked, but only by matching the trailing portion of the filename.
Отчет
The "FilesMatch" directive is not enabled in the default httpd configuration as shipped with Red Hat Enterprise Linux, and needs to be explicitly enabled. Therefore this flaw has no impact on the default versions of the httpd package as shipped with Red Hat Enterprise Linux. Red Hat Satellite 6 uses Red Hat Enterprise Linux 7's httpd package, and enables the "FilesMatch" directive. However, this is not believed to have an impact on security, as, in the context of a Satellite, no one is expected to have the ability to modify file names in the concerned directories. This is not considered as a vector for attack.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | httpd | Not affected | ||
| Red Hat Enterprise Linux 6 | httpd | Will not fix | ||
| Red Hat Enterprise Linux 8 | httpd | Not affected | ||
| Red Hat JBoss Enterprise Web Server 2 | httpd | Will not fix | ||
| Red Hat JBoss Web Server 3 | httpd | Not affected | ||
| Red Hat Mobile Application Platform 4 | rhmap-httpd-docker | Not affected | ||
| JBoss Core Services on RHEL 6 | jbcs-httpd24 | Fixed | RHSA-2019:0367 | 18.02.2019 |
| JBoss Core Services on RHEL 6 | jbcs-httpd24-apache-commons-daemon-jsvc | Fixed | RHSA-2019:0367 | 18.02.2019 |
| JBoss Core Services on RHEL 6 | jbcs-httpd24-apr | Fixed | RHSA-2019:0367 | 18.02.2019 |
| JBoss Core Services on RHEL 6 | jbcs-httpd24-apr-util | Fixed | RHSA-2019:0367 | 18.02.2019 |
Показывать по
Дополнительная информация
Статус:
EPSS
3.7 Low
CVSS3
Связанные уязвимости
In Apache httpd 2.4.0 to 2.4.29, the expression specified in <FilesMatch> could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename. This could be exploited in environments where uploads of some files are are externally blocked, but only by matching the trailing portion of the filename.
In Apache httpd 2.4.0 to 2.4.29, the expression specified in <FilesMatch> could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename. This could be exploited in environments where uploads of some files are are externally blocked, but only by matching the trailing portion of the filename.
In Apache httpd 2.4.0 to 2.4.29, the expression specified in <FilesMat ...
In Apache httpd 2.4.0 to 2.4.29, the expression specified in <FilesMatch> could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename. This could be exploited in environments where uploads of some files are are externally blocked, but only by matching the trailing portion of the filename.
Уязвимость компонента <FilesMatch> веб-сервера Apache HTTP Server, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
EPSS
3.7 Low
CVSS3