CVE-2011-4317 [中] | Input Validation Bypass（Http Server）

The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an @ (at sign) character and a : (colon) character in invalid positions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368.

EDB-ID	ソース	種別	公開	リンク
36352	exploit_db	edb	2011-11-24	Exploit-DB ↗
—	nvd_ref	exploit_tag		Exploit-DB ↗
—	nvd_ref	exploit_tag		Exploit-DB ↗

EDB-ID

ソース

種別

公開

リンク

36352

exploit_db

edb

2011-11-24

Exploit-DB ↗

—

nvd_ref

exploit_tag

Exploit-DB ↗

—

nvd_ref

exploit_tag

Exploit-DB ↗

#	日付	旧 EPSS スコア	新 EPSS スコア	Δ（新 − 旧）
1	2026-06-08	79.45%	77.98%	-1.47%
2	2026-05-29	81.92%	79.45%	-2.47%
3	2026-03-19	—	81.92%	—

日付

旧 EPSS スコア

新 EPSS スコア

Δ（新 − 旧）

2026-06-08

79.45%

77.98%

-1.47%

2026-05-29

81.92%

79.45%

-2.47%

2026-03-19

—

81.92%

—

ベーススコア	バージョン	深刻度	ベクトル	悪用しやすさ	影響	スコアの出典
4.3	2.0	MEDIUM	`AV:N/AC:M/Au:N/C:N/I:P/A:N` クリックして展開アクセス経路 (AV:N) ルーティング可能なネットワーク越しに、遠隔から到達・悪用しうる。アクセスの複雑さ (AC:M) 多少の有利条件は要るが、極端なレアケースではない。認証 (AU:N) 認証を経ずに攻撃を完結できる。機密性への影響 (C:N) 機密性は損なわれない。完全性への影響 (I:P) 完全性は部分的に損なわれる。可用性への影響 (A:N) 可用性は損なわれない。	8.6	2.9	[email protected]

ベーススコア

バージョン

深刻度

ベクトル

悪用しやすさ

影響

スコアの出典

4.3

2.0

MEDIUM

AV:N/AC:M/Au:N/C:N/I:P/A:N クリックして展開

アクセス経路 (AV:N): ルーティング可能なネットワーク越しに、遠隔から到達・悪用しうる。
アクセスの複雑さ (AC:M): 多少の有利条件は要るが、極端なレアケースではない。
認証 (AU:N): 認証を経ずに攻撃を完結できる。
機密性への影響 (C:N): 機密性は損なわれない。
完全性への影響 (I:P): 完全性は部分的に損なわれる。
可用性への影響 (A:N): 可用性は損なわれない。

8.6

2.9

[email protected]

CVE-2011-4317 の OS トラッカー

vendor	priority	summary	link
`debian`	not yet assigned	CVE-2011-4317 not yet assigned priority: Debian including 1 source packages (apache2), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5.	https://security-tracker.debian.org/tracker/CVE-2011-4317
`gentoo`	high	CVE-2011-4317: 1 GLSA(s) (201206-25), 1 atom(s) (www-servers/apache); latest impact high.	https://bugs.gentoo.org/buglist.cgi?quicksearch=CVE-2011-4317
`redhat`	medium	—	https://access.redhat.com/security/cve/CVE-2011-4317
`suse`	medium	CVE-2011-4317 severity moderate: SUSE including 93 source package names (apache2-2.2.12-1.28.1, apache2-2.2.12-1.38.2, …), 123 product×package rows across 25 product lines (SUSE Linux Enterprise High Performance Computing 12 SP5, SUSE Linux Enterprise Module for Server Applications 15, … (25 product lines)): Fixed 123.	https://www.suse.com/security/cve/CVE-2011-4317/
`ubuntu`	medium	CVE-2011-4317 medium priority: Ubuntu including 1 source packages (apache2), 6 status rows across 6 suites (hardy, lucid, maverick, natty, oneiric, upstream): released 5, needs-triage 1.	https://ubuntu.com/security/CVE-2011-4317

CVE-2011-4317 の影響を受けるソフトウェア／構成

ベンダー	製品	バージョン	生の CPE
apache	http_server	1.3	cpe:2.3:a:apache:http_server:1.3:::::::*
apache	http_server	1.3.0	cpe:2.3:a:apache:http_server:1.3.0:::::::*
apache	http_server	1.3.1	cpe:2.3:a:apache:http_server:1.3.1:::::::*
apache	http_server	1.3.1.1	cpe:2.3:a:apache:http_server:1.3.1.1:::::::*
apache	http_server	1.3.2	cpe:2.3:a:apache:http_server:1.3.2:::::::*
apache	http_server	1.3.3	cpe:2.3:a:apache:http_server:1.3.3:::::::*
apache	http_server	1.3.4	cpe:2.3:a:apache:http_server:1.3.4:::::::*
apache	http_server	1.3.5	cpe:2.3:a:apache:http_server:1.3.5:::::::*
apache	http_server	1.3.6	cpe:2.3:a:apache:http_server:1.3.6:::::::*
apache	http_server	1.3.7	cpe:2.3:a:apache:http_server:1.3.7:::::::*
apache	http_server	1.3.8	cpe:2.3:a:apache:http_server:1.3.8:::::::*
apache	http_server	1.3.9	cpe:2.3:a:apache:http_server:1.3.9:::::::*
apache	http_server	1.3.10	cpe:2.3:a:apache:http_server:1.3.10:::::::*
apache	http_server	1.3.11	cpe:2.3:a:apache:http_server:1.3.11:::::::*
apache	http_server	1.3.12	cpe:2.3:a:apache:http_server:1.3.12:::::::*
apache	http_server	1.3.13	cpe:2.3:a:apache:http_server:1.3.13:::::::*
apache	http_server	1.3.14	cpe:2.3:a:apache:http_server:1.3.14:::::::*
apache	http_server	1.3.15	cpe:2.3:a:apache:http_server:1.3.15:::::::*
apache	http_server	1.3.16	cpe:2.3:a:apache:http_server:1.3.16:::::::*
apache	http_server	1.3.17	cpe:2.3:a:apache:http_server:1.3.17:::::::*
apache	http_server	1.3.18	cpe:2.3:a:apache:http_server:1.3.18:::::::*
apache	http_server	1.3.19	cpe:2.3:a:apache:http_server:1.3.19:::::::*
apache	http_server	1.3.20	cpe:2.3:a:apache:http_server:1.3.20:::::::*
apache	http_server	1.3.22	cpe:2.3:a:apache:http_server:1.3.22:::::::*
apache	http_server	1.3.23	cpe:2.3:a:apache:http_server:1.3.23:::::::*
apache	http_server	1.3.24	cpe:2.3:a:apache:http_server:1.3.24:::::::*
apache	http_server	1.3.25	cpe:2.3:a:apache:http_server:1.3.25:::::::*
apache	http_server	1.3.26	cpe:2.3:a:apache:http_server:1.3.26:::::::*
apache	http_server	1.3.27	cpe:2.3:a:apache:http_server:1.3.27:::::::*
apache	http_server	1.3.28	cpe:2.3:a:apache:http_server:1.3.28:::::::*
apache	http_server	1.3.29	cpe:2.3:a:apache:http_server:1.3.29:::::::*
apache	http_server	1.3.30	cpe:2.3:a:apache:http_server:1.3.30:::::::*
apache	http_server	1.3.31	cpe:2.3:a:apache:http_server:1.3.31:::::::*
apache	http_server	1.3.32	cpe:2.3:a:apache:http_server:1.3.32:::::::*
apache	http_server	1.3.33	cpe:2.3:a:apache:http_server:1.3.33:::::::*
apache	http_server	1.3.34	cpe:2.3:a:apache:http_server:1.3.34:::::::*
apache	http_server	1.3.35	cpe:2.3:a:apache:http_server:1.3.35:::::::*
apache	http_server	1.3.36	cpe:2.3:a:apache:http_server:1.3.36:::::::*
apache	http_server	1.3.37	cpe:2.3:a:apache:http_server:1.3.37:::::::*
apache	http_server	1.3.38	cpe:2.3:a:apache:http_server:1.3.38:::::::*
apache	http_server	1.3.39	cpe:2.3:a:apache:http_server:1.3.39:::::::*
apache	http_server	1.3.41	cpe:2.3:a:apache:http_server:1.3.41:::::::*
apache	http_server	1.3.42	cpe:2.3:a:apache:http_server:1.3.42:::::::*
apache	http_server	1.3.65	cpe:2.3:a:apache:http_server:1.3.65:::::::*
apache	http_server	1.3.68	cpe:2.3:a:apache:http_server:1.3.68:::::::*
apache	http_server	2.0	cpe:2.3:a:apache:http_server:2.0:::::::*
apache	http_server	2.0.9	cpe:2.3:a:apache:http_server:2.0.9:::::::*
apache	http_server	2.0.28	cpe:2.3:a:apache:http_server:2.0.28:::::::*
apache	http_server	2.0.28	cpe:2.3:a:apache:http_server:2.0.28:beta::::::
apache	http_server	2.0.32	cpe:2.3:a:apache:http_server:2.0.32:::::::*
apache	http_server	2.0.32	cpe:2.3:a:apache:http_server:2.0.32:beta::::::
apache	http_server	2.0.34	cpe:2.3:a:apache:http_server:2.0.34:beta::::::
apache	http_server	2.0.35	cpe:2.3:a:apache:http_server:2.0.35:::::::*
apache	http_server	2.0.36	cpe:2.3:a:apache:http_server:2.0.36:::::::*
apache	http_server	2.0.37	cpe:2.3:a:apache:http_server:2.0.37:::::::*
apache	http_server	2.0.38	cpe:2.3:a:apache:http_server:2.0.38:::::::*
apache	http_server	2.0.39	cpe:2.3:a:apache:http_server:2.0.39:::::::*
apache	http_server	2.0.40	cpe:2.3:a:apache:http_server:2.0.40:::::::*
apache	http_server	2.0.41	cpe:2.3:a:apache:http_server:2.0.41:::::::*
apache	http_server	2.0.42	cpe:2.3:a:apache:http_server:2.0.42:::::::*
apache	http_server	2.0.43	cpe:2.3:a:apache:http_server:2.0.43:::::::*
apache	http_server	2.0.44	cpe:2.3:a:apache:http_server:2.0.44:::::::*
apache	http_server	2.0.45	cpe:2.3:a:apache:http_server:2.0.45:::::::*
apache	http_server	2.0.46	cpe:2.3:a:apache:http_server:2.0.46:::::::*
apache	http_server	2.0.47	cpe:2.3:a:apache:http_server:2.0.47:::::::*
apache	http_server	2.0.48	cpe:2.3:a:apache:http_server:2.0.48:::::::*
apache	http_server	2.0.49	cpe:2.3:a:apache:http_server:2.0.49:::::::*
apache	http_server	2.0.50	cpe:2.3:a:apache:http_server:2.0.50:::::::*
apache	http_server	2.0.51	cpe:2.3:a:apache:http_server:2.0.51:::::::*
apache	http_server	2.0.52	cpe:2.3:a:apache:http_server:2.0.52:::::::*
apache	http_server	2.0.53	cpe:2.3:a:apache:http_server:2.0.53:::::::*
apache	http_server	2.0.54	cpe:2.3:a:apache:http_server:2.0.54:::::::*
apache	http_server	2.0.55	cpe:2.3:a:apache:http_server:2.0.55:::::::*
apache	http_server	2.0.56	cpe:2.3:a:apache:http_server:2.0.56:::::::*
apache	http_server	2.0.57	cpe:2.3:a:apache:http_server:2.0.57:::::::*
apache	http_server	2.0.58	cpe:2.3:a:apache:http_server:2.0.58:::::::*
apache	http_server	2.0.59	cpe:2.3:a:apache:http_server:2.0.59:::::::*
apache	http_server	2.0.60	cpe:2.3:a:apache:http_server:2.0.60:::::::*
apache	http_server	2.0.61	cpe:2.3:a:apache:http_server:2.0.61:::::::*
apache	http_server	2.0.63	cpe:2.3:a:apache:http_server:2.0.63:::::::*

CVE-2011-4317 の参考情報

URL	タグ
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041
http://kb.juniper.net/JSA10585
http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html
http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html
http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html
http://marc.info/?l=bugtraq&m=133294460209056&w=2
http://marc.info/?l=bugtraq&m=134987041210674&w=2
http://rhn.redhat.com/errata/RHSA-2012-0128.html
http://secunia.com/advisories/48551
http://support.apple.com/kb/HT5501
http://thread.gmane.org/gmane.comp.apache.devel/46440	Exploit
http://www.debian.org/security/2012/dsa-2405
http://www.mandriva.com/security/advisories?name=MDVSA-2012:003
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html
http://www.securitytracker.com/id?1026353
https://bugzilla.redhat.com/show_bug.cgi?id=756483
https://community.qualys.com/blogs/securitylabs/2011/11/23/apache-reverse-proxy-bypass-issue	Exploit
https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E

URL

タグ

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041

http://kb.juniper.net/JSA10585

http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html

http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html

http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html

http://marc.info/?l=bugtraq&m=133294460209056&w=2

http://marc.info/?l=bugtraq&m=134987041210674&w=2

http://rhn.redhat.com/errata/RHSA-2012-0128.html

http://secunia.com/advisories/48551

http://support.apple.com/kb/HT5501