Vulnerability Database

290,020

Total vulnerabilities in the database

CVE-2011-3368

The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character.

  • Published: Oct 6, 2011
  • Updated: Apr 13, 2023
  • CVE: CVE-2011-3368
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

Software From Fixed in
apache / http_server 1.3.38 1.3.38.x
apache / http_server 1.3.23 1.3.23.x
apache / http_server 1.3.27 1.3.27.x
apache / http_server 1.3.10 1.3.10.x
apache / http_server 1.3.33 1.3.33.x
apache / http_server 1.3.8 1.3.8.x
apache / http_server 1.3.36 1.3.36.x
apache / http_server 1.3.16 1.3.16.x
apache / http_server 1.3.1 1.3.1.x
apache / http_server 1.3.25 1.3.25.x
apache / http_server 1.3.28 1.3.28.x
apache / http_server 1.3.19 1.3.19.x
apache / http_server 1.3.31 1.3.31.x
apache / http_server 1.3.68 1.3.68.x
apache / http_server 1.3.24 1.3.24.x
apache / http_server 1.3.5 1.3.5.x
apache / http_server 1.3.20 1.3.20.x
apache / http_server 1.3.35 1.3.35.x
apache / http_server 1.3.6 1.3.6.x
apache / http_server 1.3.2 1.3.2.x
apache / http_server 1.3.34 1.3.34.x
apache / http_server 1.3.4 1.3.4.x
apache / http_server 1.3.13 1.3.13.x
apache / http_server 1.3.39 1.3.39.x
apache / http_server 1.3.30 1.3.30.x
apache / http_server 1.3.18 1.3.18.x
apache / http_server 1.3.65 1.3.65.x
apache / http_server 1.3.0 1.3.0.x
apache / http_server 1.3 1.3.x
apache / http_server 1.3.12 1.3.12.x
apache / http_server 1.3.3 1.3.3.x
apache / http_server 1.3.17 1.3.17.x
apache / http_server 1.3.1.1 1.3.1.1.x
apache / http_server 1.3.26 1.3.26.x
apache / http_server 1.3.9 1.3.9.x
apache / http_server 1.3.32 1.3.32.x
apache / http_server 1.3.15 1.3.15.x
apache / http_server 1.3.14 1.3.14.x
apache / http_server 1.3.42 1.3.42.x
apache / http_server 1.3.29 1.3.29.x
apache / http_server 1.3.22 1.3.22.x
apache / http_server 1.3.37 1.3.37.x
apache / http_server 1.3.11 1.3.11.x
apache / http_server 1.3.7 1.3.7.x
apache / http_server 1.3.41 1.3.41.x
apache / http_server 2.0.42 2.0.42.x
apache / http_server 2.0.64 2.0.64.x
apache / http_server 2.0.58 2.0.58.x
apache / http_server 2.0.47 2.0.47.x
apache / http_server 2.0.56 2.0.56.x
apache / http_server 2.0.50 2.0.50.x
apache / http_server 2.0.35 2.0.35.x
apache / http_server 2.0.37 2.0.37.x
apache / http_server 2.0.55 2.0.55.x
apache / http_server 2.0.44 2.0.44.x
apache / http_server 2.0.39 2.0.39.x
apache / http_server 2.0.52 2.0.52.x
apache / http_server 2.0.53 2.0.53.x
apache / http_server 2.0.57 2.0.57.x
apache / http_server 2.0.51 2.0.51.x
apache / http_server 2.0.28-beta 2.0.28-beta.x
apache / http_server 2.0.63 2.0.63.x
apache / http_server 2.0.41 2.0.41.x
apache / http_server 2.0.49 2.0.49.x
apache / http_server 2.0.9 2.0.9.x
apache / http_server 2.0.34-beta 2.0.34-beta.x
apache / http_server 2.0.61 2.0.61.x
apache / http_server 2.0.32 2.0.32.x
apache / http_server 2.0.38 2.0.38.x
apache / http_server 2.0.48 2.0.48.x
apache / http_server 2.0.45 2.0.45.x
apache / http_server 2.0.40 2.0.40.x
apache / http_server 2.0.36 2.0.36.x
apache / http_server 2.0.46 2.0.46.x
apache / http_server 2.0.54 2.0.54.x
apache / http_server 2.0.43 2.0.43.x
apache / http_server 2.0.59 2.0.59.x
apache / http_server 2.0.28 2.0.28.x
apache / http_server 2.0 2.0.x
apache / http_server 2.0.32-beta 2.0.32-beta.x
apache / http_server 2.0.60 2.0.60.x
apache / http_server 2.2.11 2.2.11.x
apache / http_server 2.2.0 2.2.0.x
apache / http_server 2.2.10 2.2.10.x
apache / http_server 2.2.13 2.2.13.x
apache / http_server 2.2.2 2.2.2.x
apache / http_server 2.2.4 2.2.4.x
apache / http_server 2.2.16 2.2.16.x
apache / http_server 2.2.21 2.2.21.x
apache / http_server 2.2.8 2.2.8.x
apache / http_server 2.2.14 2.2.14.x
apache / http_server 2.2.6 2.2.6.x
apache / http_server 2.2.19 2.2.19.x
apache / http_server 2.2.9 2.2.9.x
apache / http_server 2.2.18 2.2.18.x
apache / http_server 2.2.12 2.2.12.x
apache / http_server 2.2.3 2.2.3.x
apache / http_server 2.2.15 2.2.15.x
apache / http_server 2.2.20 2.2.20.x
apache / http_server 2.2.1 2.2.1.x