|Subject:||[ CVE-2011-2767] Arbitrary Perl code execution in the context of the user account via a user-owned .htaccess|
There is a vulnerability in mod_perl (tested with 2.0.10) that allows an ordinar user to execute any arbitrary code in the httpd process with the credentials of the https process owner by injecting a <Perl> section into his (=user's) .htaccess file. For example this code in ~/public_html/.htaccess: <Perl> warn "HIT"; </Perl> appends following line into /var/log/httpd/error_log: HIT at /home/test/public_html/.htaccess line 2. Debian tracks this vulnerability <> since 2011-10-03 but. This vulnerability was assigned CVE-2011-2767 identifier. The Debian bug report also provides a fix < . The fix restricts the <Perl> section to server configuration scope only. This is in line with mod_perl documentation < .