Description: A security issue has been reported in Apache HTTP Server, which can be exploited by malicious, local users to bypass certain security restrictions. The security issue is caused due to an error when processing "AllowOverride" directives and certain "Options" arguments in ".htaccess" files, which can be exploited to e.g. execute commands via Server Side Includes.
This has limited impact, as there is no remote command execution.. I'd go for B3, other opinions?
Created attachment 192689 [details, diff] Patch against 2.2.11 from RedHat's bugzilla
This allows for local privilege escalation. Users can run shell commands as the apache user in environments that are configured not to allow script execution.
GLSA request filed.
shall we fix this first?
Created attachment 195624 [details] CVE-2009-1195.patch (without CHANGES) Argh. Well, we don't need to patch the CHANGES file (which fails): patch -p0 < CVE-2009-1195.patch patching file server/config.c patching file server/core.c patching file CHANGES Hunk #1 FAILED at 5. 1 out of 1 hunk FAILED -- saving rejects to file CHANGES.rej patching file modules/filters/mod_include.c Hunk #1 succeeded at 3573 (offset -1 lines). patching file include/http_core.h It looks better this way: patching file server/config.c patching file server/core.c patching file modules/filters/mod_include.c Hunk #1 succeeded at 3573 (offset -1 lines). patching file include/http_core.h
Can someone from the apache team have a look and commit this, or do you wait for 2.2.12?!
patch added to 2.2.11-r1, stabilization should probably be done in a new bug, since multiple issues have been fixed with 2.2.11-r1
Thanks, stabilization handled in 276589.
GLSA 200907-04, thanks everyone.
