QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2009-3095

Back to search

CVE-2009-3095

Published: Sep 8, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pack Professional 8.11.

VendorProductVersions

n/a

n/a

affected
n/a

References

SUSE-SA:2009:050
vendor-advisory
x_refsource_SUSE
oval:org.mitre.oval:def:8662
vdb-entry
signature
x_refsource_OVAL
HPSBUX02531
vendor-advisory
x_refsource_HP
SSRT090208
vendor-advisory
x_refsource_HP
SSRT090244
vendor-advisory
x_refsource_HP
HPSBOV02506
vendor-advisory
x_refsource_HP
37152
third-party-advisory
x_refsource_SECUNIA
APPLE-SA-2010-03-29-1
vendor-advisory
x_refsource_APPLE
DSA-1934
vendor-advisory
x_refsource_DEBIAN
20091124 rPSA-2009-0155-1 httpd mod_ssl
mailing-list
x_refsource_BUGTRAQ
SSRT100782
vendor-advisory
x_refsource_HP
HPSBMU02753
vendor-advisory
x_refsource_HP
FEDORA-2009-12604
vendor-advisory
x_refsource_FEDORA
HPSBOV02683
vendor-advisory
x_refsource_HP
oval:org.mitre.oval:def:9363
vdb-entry
signature
x_refsource_OVAL
SSRT100108
vendor-advisory
x_refsource_HP
FEDORA-2009-12606
vendor-advisory
x_refsource_FEDORA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now
CVE-2009-3095 - Security Vulnerability | QwikSec