National Cyber Awareness System

Vulnerability Summary for CVE-2009-1195

Overview

The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges by configuring (1) Options Includes, (2) Options +Includes, or (3) Options +IncludesNOEXEC in a .htaccess file, and then inserting an exec element in a .shtml file.

Impact

CVSS Severity (version 2.0):

CVSS Version 2 Metrics:

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

External Source: CONFIRM

Name: https://bugzilla.redhat.com/show_bug.cgi?id=489436

Type: Patch Information; Exploit

Hyperlink:https://bugzilla.redhat.com/show_bug.cgi?id=489436

External Source: CONFIRM

Name: http://svn.apache.org/viewvc?view=rev&revision=772997

Type: Advisory; Patch Information; Exploit

Hyperlink:http://svn.apache.org/viewvc?view=rev&revision=772997

External Source: FEDORA

Name: FEDORA-2009-8812

Hyperlink:https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01363.html

External Source: XF

Name: apache-allowoverrides-security-bypass(50808)

Hyperlink:http://xforce.iss.net/xforce/xfdb/50808

External Source: VUPEN

Name: ADV-2009-3184

Hyperlink:http://www.vupen.com/english/advisories/2009/3184

External Source: VUPEN

Name: ADV-2009-1444

Hyperlink:http://www.vupen.com/english/advisories/2009/1444

External Source: UBUNTU

Name: USN-787-1

Hyperlink:http://www.ubuntu.com/usn/usn-787-1

External Source: SECTRACK

Name: 1022296

Hyperlink:http://www.securitytracker.com/id?1022296

External Source: BID

Name: 35115

Hyperlink:http://www.securityfocus.com/bid/35115

External Source: BUGTRAQ

Name: 20091113 rPSA-2009-0142-2 httpd mod_ssl

Hyperlink:http://www.securityfocus.com/archive/1/archive/1/507857/100/0/threaded

External Source: BUGTRAQ

Name: 20091112 rPSA-2009-0142-1 httpd mod_ssl

Hyperlink:http://www.securityfocus.com/archive/1/archive/1/507852/100/0/threaded

External Source: REDHAT

Name: RHSA-2009:1156

Hyperlink:http://www.redhat.com/support/errata/RHSA-2009-1156.html

External Source: REDHAT

Name: RHSA-2009:1075

Hyperlink:http://www.redhat.com/support/errata/RHSA-2009-1075.html

External Source: MANDRIVA

Name: MDVSA-2009:124

Hyperlink:http://www.mandriva.com/security/advisories?name=MDVSA-2009:124

External Source: DEBIAN

Name: DSA-1816

Hyperlink:http://www.debian.org/security/2009/dsa-1816

External Source: CONFIRM

Name: http://wiki.rpath.com/Advisories:rPSA-2009-0142

Hyperlink:http://wiki.rpath.com/Advisories:rPSA-2009-0142

External Source: CONFIRM

Name: http://support.apple.com/kb/HT3937

Hyperlink:http://support.apple.com/kb/HT3937

External Source: GENTOO

Name: GLSA-200907-04

Hyperlink:http://security.gentoo.org/glsa/glsa-200907-04.xml

External Source: SECUNIA

Name: 37152

Hyperlink:http://secunia.com/advisories/37152

External Source: SECUNIA

Name: 35721

Hyperlink:http://secunia.com/advisories/35721

External Source: SECUNIA

Name: 35453

Hyperlink:http://secunia.com/advisories/35453

External Source: SECUNIA

Name: 35395

Hyperlink:http://secunia.com/advisories/35395

External Source: SECUNIA

Name: 35264

Type: Advisory

Hyperlink:http://secunia.com/advisories/35264

External Source: SECUNIA

Name: 35261

Hyperlink:http://secunia.com/advisories/35261

External Source: OVAL

Name: oval:org.mitre.oval:def:8704

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8704

External Source: OVAL

Name: oval:org.mitre.oval:def:12377

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:12377

External Source: OVAL

Name: oval:org.mitre.oval:def:11094

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11094

External Source: OSVDB

Name: 54733

Hyperlink:http://osvdb.org/54733

External Source: HP

Name: SSRT100345

Hyperlink:http://marc.info/?l=bugtraq&m=129190899612998&w=2

External Source: HP

Name: SSRT100345

Hyperlink:http://marc.info/?l=bugtraq&m=129190899612998&w=2

External Source: MLIST

Name: [apache-httpd-dev] 20090423 Includes vs IncludesNoExec security issue - help needed

Hyperlink:http://marc.info/?l=apache-httpd-dev&m=124048996106302&w=2

External Source: SUSE

Name: SUSE-SA:2009:050

Hyperlink:http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00006.html

External Source: APPLE

Name: APPLE-SA-2009-11-09-1

Hyperlink:http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html

References to Check Content

Identifier:oval:org.mitre.oval:def:11094

Check System:http://oval.mitre.org/XMLSchema/oval-definitions-5

Hyperlink:http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:11094

Identifier:oval:org.mitre.oval:def:8704

Check System:http://oval.mitre.org/XMLSchema/oval-definitions-5

Hyperlink:http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:8704

Identifier:oval:org.mitre.oval:def:12377

Check System:http://oval.mitre.org/XMLSchema/oval-definitions-5

Hyperlink:http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:12377