CVE-2009-1195
Published: 28 May 2009
The Apache HTTP Server 2.2.11 and earlier 2.2 versions do not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges by configuring (1) Options Includes, (2) Options +Includes, or (3) Options +IncludesNOEXEC in a .htaccess file, and then inserting an exec element in a .shtml file.
Notes
Author | Note |
---|---|
jdstrand | The RedHat patch broke mod_perl. Be sure to use all the upstream patches to avoid https://qa.mandriva.com/show_bug.cgi?id=51554. Ubuntu 6.06 LTS is not affected because it doesn't have per-Option AllowOverrides logic (see http://marc.info/?l=apache-httpd-dev&m=124092657628747&w=2). Apache 2.2.8 and under also need r652885. |
Priority
Status
Package | Release | Status |
---|---|---|
apache2 | dapper | Not vulnerable (2.0.55-4ubuntu2.4) |
apache2 | hardy | Released (2.2.8-1ubuntu0.8) |
apache2 | intrepid | Released (2.2.9-7ubuntu3.1) |
apache2 | jaunty | Released (2.2.11-2ubuntu2.1) |
apache2 | upstream | Released (2.2.11-6) |

Patches:
vendor: https://bugzilla.redhat.com/attachment.cgi?id=343605
upstream: http://svn.apache.org/viewvc?view=rev&revision=773881
upstream: http://svn.apache.org/viewvc?view=rev&revision=779472
upstream: http://people.apache.org/~trawick/mod_perl_more_compat.txt
upstream: http://svn.apache.org/viewvc?view=rev&revision=652885