On Sun, Aug 26, 2018 at 04:26:09PM +0200, Salvatore Bonaccorso wrote:
> Hi
>
> Back in 2011 after this bug was reported, for the security implication
> mentioned, CVE-2011-2767 was assigned. mod_perl checks .htaccess files
> for <Perl> sections, and users allowed to write to .htaccess files can
> run code as the user running the web server, leading to privilege
> escalation.
>
> This can be demonstrated in situations where both mod_perl and userdir
> support would be enabled, or other setups potentially leading to full
> root privilege escalation.
>
> Jan, want to outline your finding in more detail? I just have
> submitted the CVE itself to MITRE, as it was back then assigned from
> the Debian pool.

This was apparently already fixed in jessie (LTS) - I've now updated the
bug metadata and I'll look at applying the fix in unstable and stable.

Dominic.