RHEL 7 : rh-perl526-mod_perl (RHSA-2018:2825)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2825 advisory. Modperl incorporates a Perl interpreter into the Apache web server, such that the Apache HTTP server can directly execute Perl code. Security Fixes:...

RHEL 5 : mod_perl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - modperl: arbitrary Perl code execution in the context of the user account via a user-owned .htaccess CVE-2011-2767...

RHEL 6 / 7 : rh-perl524-mod_perl (RHSA-2018:2826)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2826 advisory. - modperl: arbitrary Perl code execution in the context of the user account via a user-owned .htaccess CVE-2011-2767 Note that Nessus has not...

K21766035: mod_perl vulnerability CVE-2011-2767

Security Advisory Description modperl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because contrary to the documentation there is no configuration option that permits Perl code for the administrator's control of HTTP request...

Mageia: Security Advisory (MGASA-2018-0474)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES11 Security Update : apache2-mod_perl (SUSE-SU-2020:14266-1)

The remote SUSE Linux SLES11 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2020:14266-1 advisory. - modperl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because contrary to the...

SUSE: Security Advisory (SUSE-SU-2020:14266-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:3213-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : apache2-mod_perl (openSUSE-2019-2549)

This update for apache2-modperl to version 2.0.11 fixes the following issues : Security issue fixed : - CVE-2011-2767: Fixed a vulnerability which could have allowed perl code execution in the context of user account bsc1156944. Other issue addressed : - Restore process name after svsetpvmg call...

Security update for apache2-mod_perl (moderate)

openSUSE Security Update: Security update for apache2-modperl Announcement ID: openSUSE-SU-2019:2558-1 Rating: moderate References: 1091625 1156944 Cross-References: CVE-2011-2767 Affected Products: openSUSE Backports SLE-15-SP1 openSUSE Backports SLE-15 An update that solves one vulnerability an...

openSUSE: Security Advisory for apache2-mod_perl (openSUSE-SU-2019:2549-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

OPENSUSE-SU-2019:2549-1 Security update for apache2-mod_perl

This update for apache2-modperl to version 2.0.11 fixes the following issues: Security issue fixed: - CVE-2011-2767: Fixed a vulnerability which could have allowed perl code execution in the context of user account bsc1156944. Other issue addressed: - Restore process name after svsetpvmg call...

Security update for apache2-mod_perl (moderate)

openSUSE Security Update: Security update for apache2-modperl Announcement ID: openSUSE-SU-2019:2549-1 Rating: moderate References: 1091625 1156944 Cross-References: CVE-2011-2767 Affected Products: openSUSE Leap 15.1 openSUSE Leap 15.0 An update that solves one vulnerability and has one errata i...

NewStart CGSL MAIN 4.05 : mod_perl Vulnerability (NS-SA-2019-0134)

The remote NewStart CGSL host, running version MAIN 4.05, has modperl packages installed that are affected by a vulnerability: - modperl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because contrary to the documentation there is ...

Fedora 29 : mod_perl (2018-f6a5b71464)

This release fixes CVE-2011-2767 vulnerability an arbitrary Perl code execution in the context of the httpd server by disabling sections in non-server-level configuration. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system...

Fedora 28 : mod_perl (2018-0ddef94854)

This release fixes CVE-2011-2767 vulnerability an arbitrary Perl code execution in the context of the httpd server by disabling sections in non-server-level configuration. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system...

Updated apache-mod_perl packages fix security vulnerability

A flaw was found in modperl 2.0 through 2.0.10 which allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because contrary to the documentation there is no configuration option that permits Perl code for the administrator's control of HTTP request processi...

Ubuntu: Security Advisory (USN-3825-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux AMI : mod_perl / mod24_perl (ALAS-2018-1085)

modperl allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because contrary to the documentation there is no configuration option that permits Perl code for the administrator's control of HTTP request processing without also permitting unprivileged users...

Important: mod_perl, mod24_perl

Issue Overview: modperl allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because contrary to the documentation there is no configuration option that permits Perl code for the administrator's control of HTTP request processing without also permitting...