Bug 1866559 (CVE-2020-11985) - CVE-2020-11985 httpd: IP address spoofing when proxying using mod_remoteip and mod_rewrite
Summary: CVE-2020-11985 httpd: IP address spoofing when proxying using mod_remoteip an...
Keywords:
Status: NEW
Alias: CVE-2020-11985
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 1867471 1867472 1867473 1868147
Blocks: 1866566
TreeView+ depends on / blocked
 
Reported: 2020-08-05 21:54 UTC by Pedro Sampaio
Modified: 2024-03-25 16:15 UTC (History)
20 users (show)

Fixed In Version: httpd 2.4.24
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in the mod_remoteip module shipped with the httpd package. This flaw allows an attacker to spoof the IP address, resulting in the bypass of a mod_rewrite rule. The highest threat from this vulnerability is to integrity.
Clone Of:
Environment:
Last Closed:
Embargoed:


Attachments (Terms of Use)

Description Pedro Sampaio 2020-08-05 21:54:16 UTC
A flaw was found in httpd before version 2.4.24. When proxying using mod_remoteip and mod_rewrite its possible to spoof IP addresses.

Upstream patch:

https://svn.apache.org/viewvc?view=revision&revision=1767483

Comment 1 Pedro Sampaio 2020-08-05 21:54:20 UTC
Acknowledgments:

Name: the Apache project

Comment 3 Ted Jongseok Won 2020-08-06 00:16:33 UTC
This vulnerability is out of security support scope for the following product:
 * Red Hat JBoss Enterprise Web Server 2

Please refer to https://access.redhat.com/support/policy/updates/jboss_notes for more details.

Comment 7 Guilherme de Almeida Suckevicz 2020-08-11 19:45:42 UTC
Created httpd tracking bugs for this issue:

Affects: fedora-all [bug 1868147]

Comment 9 Huzaifa S. Sidhpurwala 2020-08-16 09:52:27 UTC
Statement:

This issue only affects httpd-2.4.x, therefore, httpd packages shipped with Red Hat Enterprise Linux 6 are not affected by this flaw.

Comment 10 Huzaifa S. Sidhpurwala 2020-08-16 10:03:05 UTC
External References:

https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11985


Note You need to log in before you can comment on or make changes to this bug.