Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2011-4415Improper Input Validation in Apache Http Server

CWE-20Improper Input Validation8 documents8 sources
Severity
1.2LOWNVD
CNA4.4OSV4.4
EPSS
0.5%
top 36.18%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Apache Http Server
Timeline
PublishedNov 8
Latest updateMay 17

Description

The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, does not restrict the size of values of environment variables, which allows local users to cause a denial of service (memory consumption or NULL pointer dereference) via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, related to (1) the "len +=" statement and (2) the apr_pcalloc function c

CVSS vector

AV:L/AC:H/C:N/I:N/A:PExploitability: 1.9 | Impact: 2.9

Affected Packages1 packages

NVDapache/http_server53 versions+52

Patches

Patch: www.halfdog.netPatch: www.halfdog.net

🔴Vulnerability Details

3
GHSA
GHSA-43r8-mvrp-6q9c: The ap_pregsub function in server/util2022-05-17
CVEList
CVE-2011-4415: The ap_pregsub function in server/util2011-11-08
OSV
CVE-2011-4415: The ap_pregsub function in server/util2011-11-08

💥Exploits & PoCs

1
Exploit-DB
Apache < 2.0.64 / < 2.2.21 mod_setenvif - Integer Overflow2011-11-02

📋Vendor Advisories

2
Red Hat
httpd: SetEnvIf resource exhaustion2011-11-02
Debian
CVE-2011-4415: apache2 - The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through...2011

💬Community

1
Bugzilla
CVE-2011-4415 httpd: SetEnvIf resource exhaustion2011-11-02
CVE-2011-4415 — Improper Input Validation in Apache | cvebase