Title: Apache Satisfy Directive Access Control Bypass Vulnerability
Severity: MODERATE
Description:
Apache Web Server is reportedly affected by an access control bypass vulnerability. This issue presents itself due to an unspecified error in the merging of the 'Satisfy' directive, which is used to specify several criteria when granting access to resources. As a result, a remote attacker may bypass access controls and gain unauthorized access to restricted resources.
It is reported that this issue only affects Apache 2.0.51.
Due to a lack of details, further information is not available at the moment. This BID will be updated as more information becomes available.
Affected Products:
- Apache Software Foundation Apache 2.0.51
- HP HP-UX B.11.00
- HP HP-UX B.11.11
- HP HP-UX B.11.22
- HP HP-UX B.11.23
- HP Tru64 UNIX Compaq Secure Web Server 4.0.0 f
- HP Tru64 UNIX Compaq Secure Web Server 4.0.0 g
- HP Tru64 UNIX Compaq Secure Web Server 5.0.0 a
- HP Tru64 UNIX Compaq Secure Web Server 5.1.0
- HP Tru64 UNIX Compaq Secure Web Server 5.1.0 a
- HP Tru64 UNIX Compaq Secure Web Server 5.8.1
- HP Tru64 UNIX Compaq Secure Web Server 5.8.2
- HP Tru64 UNIX Compaq Secure Web Server 5.9.1
- HP Tru64 UNIX Compaq Secure Web Server 5.9.2
- HP Tru64 UNIX Compaq Secure Web Server 6.3.0
- RedHat Fedora Core1
- RedHat Fedora Core2
References:
- Apache Software Foundation: Apache 2.0.x Latest Release Information Page
- Apache Software Foundation: Apache Homepage
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
