MGASA-2018-0474

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2011-2767

Published: 02 Dec 2018, 22:15

Last modified:16 Apr 2026, 06:22

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

02 Dec 2018, 22:15

Published

Vulnerability first disclosed

16 Apr 2026, 06:22

Last Modified

Vulnerability information updated

Description

Updated apache-mod_perl packages fix security vulnerability A flaw was found in mod_perl 2.0 through 2.0.10 which allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because (contrary to the documentation) there is no configuration option that permits Perl code for the administrator's control of HTTP request processing without also permitting unprivileged users to run Perl code in the context of the user account that runs Apache HTTP Server processes (CVE-2011-2767).

Affected Systems

mageia•apache-mod_perl
< 2.0.10-1.1.mga6

MGASA-2018-0474

Vulnerability Summary

Timeline

Description

Affected Systems

References (3)