4.3
CVSSv2

CVE-2012-0053

Published: 28/01/2012 Updated: 14/09/2022
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 439
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Vulnerability Summary

protocol.c in the Apache HTTP Server 2.2.x up to and including 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote malicious users to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apache http server

debian debian linux 5.0

debian debian linux 7.0

debian debian linux 6.0

opensuse opensuse 11.4

suse linux enterprise software development kit 10

suse linux enterprise server 10

redhat enterprise linux desktop 6.0

redhat enterprise linux server 6.0

redhat enterprise linux workstation 6.0

redhat storage 2.0

redhat enterprise linux eus 6.2

redhat jboss_enterprise_web_server 1.0.0

Vendor Advisories

Synopsis Moderate: httpd security update Type/Severity Security Advisory: Moderate Topic Updated httpd packages that fix multiple security issues are now availablefor Red Hat Enterprise Linux 5The Red Hat Security Response Team has rated this update as having moderatesecurity impact Common Vulnerability S ...
Synopsis Moderate: httpd security and bug fix update Type/Severity Security Advisory: Moderate Topic Updated httpd packages that fix multiple security issues and one bug arenow available for JBoss Enterprise Web Server 102 for Red Hat EnterpriseLinux 5 and 6The Red Hat Security Response Team has rated th ...
Synopsis Moderate: httpd security update Type/Severity Security Advisory: Moderate Topic Updated httpd packages that fix multiple security issues are now availablefor Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as having moderatesecurity impact Common Vulnerability S ...
Several security issues were fixed in the Apache HTTP Server ...
It was discovered that the fix for CVE-2011-3368 did not completely address the problem An attacker could bypass the fix and make a reverse proxy connect to an arbitrary server not directly accessible to the attacker by sending an HTTP version 09 request, or by using a specially-crafted URI (CVE-2011-3639, CVE-2011-4317) The httpd server include ...
<!-- content goes here --> Oracle Critical Patch Update Advisory - January 2015 Description A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisor ...

Exploits

// Source: gistgithubcom/1955a1c28324d4724b7b/7fe51f2a66c1d4a40a736540b3ad3fde02b7fb08 // Most browsers limit cookies to 4k characters, so we need multiple function setCookies (good) { // Construct string for cookie value var str = ""; for (var i=0; i&lt; 819; i++) { str += "x"; } // Set cookies for (i = 0; ...

Github Repositories

xss_payloads Payloads for practical exploitation of cross site scripting Usage Find XSS vuln in your app Get PoC exploit: alert(1) etc Host these payloads somewhere Use vuln to pull one of these payloads into the app &lt;script src="attackerip/filejs"&gt;&lt;/script&gt; Profit js vs php files Some of the files are plain JavaScript js files,

xss_payloads Payloads for practical exploitation of cross site scripting Usage Find XSS vuln in your app Get PoC exploit: alert(1) etc Host these payloads somewhere Use vuln to pull one of these payloads into the app &lt;script src="attackerip/filejs"&gt;&lt;/script&gt; Profit js vs php files Some of the files are plain JavaScript js files,

Demo of Apache httpOnly Cookie Disclosure Exploit CVE2012 0053

CVE20120053Demo Demo of Apache httpOnly Cookie Disclosure Exploit CVE2012 0053 This demo desmostrates the vunerability of apache registered at CVE: 2012-0053 More info at: accessredhatcom/security/cve/CVE-2012-0053 The code of exploit can be found here: wwwexploit-dbcom/exploits/18442/ The video of this demo can found at Youtube: youtube/Hrt32bPuxBA

Exploitation for XSS

xss_payloads Payloads for practical exploitation of cross site scripting Usage Find XSS vuln in your app Get PoC exploit: alert(1) etc Host these payloads somewhere Use vuln to pull one of these payloads into the app &lt;script src="attackerip/filejs"&gt;&lt;/script&gt; Profit js vs php files Some of the files are plain JavaScript js files,

Pentest Scripts for Apache Vulnerabilities

Apache-Vulns Pentest Scripts for Apache Vulnerabilities apacheScanpy The purpose of this script is to enable pentesters to quickly check which CVE-IDs apply to a particular Apache version apacheScan comes with a text file which contains all CVE-IDs taken from [httpdapacheorg] (httpdapacheorg) The python script simply retrieves the CVE-IDs that apply

Cheetsheet Pentest Reconocimiento Información básica Con herramientas como whatweb podemos hacer un reconocimiento inicial del sitio web para obtener información como la IP, el SO del servidor, en que país está este alojado o alguna vulnerabilidad básica, como XSS └─$ whatweb &lt;URL&gt; 3522724107/d6a05ac5cf/ [20

Network reconnaissance and vulnerability assessment tools.

ReconScan The purpose of this project is to develop scripts that can be useful in the pentesting workflow, be it for VulnHub VMs, CTFs, hands-on certificates, or real-world targets The project currently consists of two major components: a script invoking and aggregating the results of existing tools, and a second script for automated analysis of the aforementioned results from

Network reconnaissance and vulnerability assessment tools.

ReconScan The purpose of this project is to develop scripts that can be useful in the pentesting workflow, be it for VulnHub VMs, CTFs, hands-on certificates, or real-world targets The project currently consists of two major components: a script invoking and aggregating the results of existing tools, and a second script for automated analysis of the aforementioned results from

Network reconnaissance and vulnerability assessment tools.

ReconScan The purpose of this project is to develop scripts that can be useful in the pentesting workflow, be it for VulnHub VMs, CTFs, hands-on certificates, or real-world targets The project currently consists of two major components: a script invoking and aggregating the results of existing tools, and a second script for automated analysis of the aforementioned results from

repository ini digunakan untuk belajar

ReconScan The purpose of this project is to develop scripts that can be useful in the pentesting workflow, be it for VulnHub VMs, CTFs, hands-on certificates, or real-world targets The project currently consists of two major components: a script invoking and aggregating the results of existing tools, and a second script for automated analysis of the aforementioned results from

pigat ( Passive Intelligence Gathering Aggregation Tool ) 被动信息收集聚合工具

Pigat:一款被动信息收集聚合工具 前言 Pigat(Passive Intelligence Gathering Aggregation Tool)被动信息收集聚合工具,该工具通过爬取目标URL在第三方网站比如备案查询网站、子域名查询网站的结果来对目标进行被动信息收集。 开发此工具的初衷就是平时在使用一些第三方的网站进行目标信息收

Strike A python tool to quickly analyze all IPs and see which ones have open ports and vulnerabilities Installation apt-get install python3 git clone githubcom/SecureAxom/strike cd strike pip3 install -r requirementstxt python3 strikepy Usages python3 strikepy -h python3 strikepy -t 20891

Pigat:一款被动信息收集聚合工具 前言 Pigat(Passive Intelligence Gathering Aggregation Tool)被动信息收集聚合工具,该工具通过爬取目标URL在第三方网站比如备案查询网站、子域名查询网站的结果来对目标进行被动信息收集。 开发此工具的初衷就是平时在使用一些第三方的网站进行目标信息收

References

NVD-CWE-noinfohttp://httpd.apache.org/security/vulnerabilities_22.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=785069http://svn.apache.org/viewvc?view=revision&revision=1235454http://www.securityfocus.com/bid/51706http://rhn.redhat.com/errata/RHSA-2012-0128.htmlhttp://lists.opensuse.org/opensuse-security-announce/2012-02/msg00026.htmlhttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.htmlhttp://secunia.com/advisories/48551http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.htmlhttp://support.apple.com/kb/HT5501http://marc.info/?l=bugtraq&m=136441204617335&w=2http://kb.juniper.net/JSA10585http://www.mandriva.com/security/advisories?name=MDVSA-2013:150http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.htmlhttp://marc.info/?l=bugtraq&m=133494237717847&w=2http://marc.info/?l=bugtraq&m=133951357207000&w=2http://www.debian.org/security/2012/dsa-2405http://rhn.redhat.com/errata/RHSA-2012-0543.htmlhttp://rhn.redhat.com/errata/RHSA-2012-0542.htmlhttp://marc.info/?l=bugtraq&m=133294460209056&w=2http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00002.htmlhttp://www.mandriva.com/security/advisories?name=MDVSA-2012:012https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3Ehttps://github.com/hhjjj75/xss.github.iohttps://github.com/jonathansp/CVE20120053Demohttps://nvd.nist.govhttps://www.exploit-db.com/exploits/18442/https://www.securityfocus.com/bid/51706https://access.redhat.com/errata/RHSA-2012:0323https://usn.ubuntu.com/1368-1/