Lucene search

K
archlinuxArchLinuxASA-202110-1
HistoryOct 21, 2021 - 12:00 a.m.

[ASA-202110-1] apache: directory traversal

2021-10-2100:00:00
security.archlinux.org
45

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.975

Percentile

100.0%

Arch Linux Security Advisory ASA-202110-1

Severity: Critical
Date : 2021-10-21
CVE-ID : CVE-2021-42013
Package : apache
Type : directory traversal
Remote : Yes
Link : https://security.archlinux.org/AVG-2450

Summary

The package apache before version 2.4.51-1 is vulnerable to directory
traversal.

Resolution

Upgrade to 2.4.51-1.

pacman -Syu “apache>=2.4.51-1”

The problem has been fixed upstream in version 2.4.51.

Workaround

None.

Description

It was found that the fix for CVE-2021-41773 in Apache HTTP Server
2.4.50 was insufficient. An attacker could use a path traversal attack
to map URLs to files outside the directories configured by Alias-like
directives. If files outside of these directories are not protected by
the usual default configuration “require all denied”, these requests
can succeed. If CGI scripts are also enabled for these aliased pathes,
this could allow for remote code execution. This issue only affects
Apache 2.4.49 and Apache 2.4.50 and not earlier versions.

Impact

A remote attacker could trick the HTTP server into executing arbitrary
executables in its file system through path traversal.

References

https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2021-42013
https://twitter.com/roman_soft/status/1446252280597078024
https://github.com/icing/blog/blob/main/httpd-2.4.50.md
https://svn.apache.org/viewvc?view=revision&revision=1893971
https://security.archlinux.org/CVE-2021-42013

OSVersionArchitecturePackageVersionFilename
ArchLinuxanyanyapache< 2.4.51-1UNKNOWN

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.975

Percentile

100.0%