{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T09:49:38.542","vulnerabilities":[{"cve":{"id":"CVE-2011-2767","sourceIdentifier":"security@debian.org","published":"2018-08-26T16:29:00.230","lastModified":"2024-11-21T01:28:55.943","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"mod_perl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because (contrary to the documentation) there is no configuration option that permits Perl code for the administrator's control of HTTP request processing without also permitting unprivileged users to run Perl code in the context of the user account that runs Apache HTTP Server processes."},{"lang":"es","value":"mod_perl 2.0 hasta la versión 2.0.10 permite que los atacantes ejecuten código Perl colocándolo en un archivo .htaccess propiedad del usuario, debido a que (al contrario de lo que pone en la documentación) no hay una opción de configuración que permita el código Perl para el control de administrador del procesamiento de peticiones HTTP sin permitir también que usuarios sin privilegios ejecuten código Perl en el contexto de la cuenta de usuario que ejecuta los procesos Apache HTTP Server."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:mod_perl:*:*:*:*:*:*:*:*","versionStartIncluding":"2.0.0","versionEndIncluding":"2.0.10","matchCriteriaId":"039DC6B9-E1D3-418B-9602-7C39AB4280D3"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","matchCriteriaId":"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*","matchCriteriaId":"84FF61DF-D634-4FB5-8DF1-01F631BE1A7A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*","matchCriteriaId":"B99A2411-7F6A-457F-A7BF-EB13C630F902"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*","matchCriteriaId":"041F9200-4C01-4187-AE34-240E8277B54D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*","matchCriteriaId":"4EB48767-F095-444F-9E05-D9AC345AB803"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*","matchCriteriaId":"5F6FA12B-504C-4DBF-A32E-0548557AA2ED"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","matchCriteriaId":"EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","matchCriteriaId":"9BBCD86A-E6C7-4444-9D74-F861084090F0"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","matchCriteriaId":"E5ED5807-55B7-47C5-97A6-03233F4FBC3A"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","matchCriteriaId":"8D305F7A-D159-4716-AB26-5E38BB5CD991"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","matchCriteriaId":"B5A6F2F3-4894-4392-8296-3B8DD2679084"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","matchCriteriaId":"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","matchCriteriaId":"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","matchCriteriaId":"07C312A0-CD2C-4B9C-B064-6409B25C278F"}]}]}],"references":[{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00063.html","source":"security@debian.org"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00065.html","source":"security@debian.org"},{"url":"http://www.securityfocus.com/bid/105195","source":"security@debian.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://access.redhat.com/errata/RHSA-2018:2737","source":"security@debian.org","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2018:2825","source":"security@debian.org","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2018:2826","source":"security@debian.org","tags":["Third Party Advisory"]},{"url":"https://bugs.debian.org/644169","source":"security@debian.org","tags":["Issue Tracking","Mailing List","Third Party Advisory"]},{"url":"https://lists.apache.org/thread.html/c8ebe8aad147a3ad2e7b0e8b2da45263171ab5d0fc7f8c100feaa94d%40%3Cmodperl-cvs.perl.apache.org%3E","source":"security@debian.org"},{"url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00018.html","source":"security@debian.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://mail-archives.apache.org/mod_mbox/perl-modperl/201110.mbox/raw/%3C20111004084343.GA21290%40ktnx.net%3E","source":"security@debian.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://usn.ubuntu.com/3825-1/","source":"security@debian.org","tags":["Third Party Advisory"]},{"url":"https://usn.ubuntu.com/3825-2/","source":"security@debian.org","tags":["Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00063.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00065.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/105195","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://access.redhat.com/errata/RHSA-2018:2737","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2018:2825","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2018:2826","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://bugs.debian.org/644169","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Mailing List","Third Party Advisory"]},{"url":"https://lists.apache.org/thread.html/c8ebe8aad147a3ad2e7b0e8b2da45263171ab5d0fc7f8c100feaa94d%40%3Cmodperl-cvs.perl.apache.org%3E","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00018.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://mail-archives.apache.org/mod_mbox/perl-modperl/201110.mbox/raw/%3C20111004084343.GA21290%40ktnx.net%3E","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://usn.ubuntu.com/3825-1/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://usn.ubuntu.com/3825-2/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}