Reverse Proxy Bypass Vulnerability (CVE-2011-3368) Scanner

Asset Type: DOMAIN,IP
Need Membership: Yes
Asset Verify: Yes
API Support: Yes
Estimated Time (Seconds): 15

Reverse Proxy Bypass Vulnerability (CVE-2011-3368) Scanner Detail

The vulnerability allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character.

The scanner tests for the CVE-2011-3368 (Reverse Proxy Bypass) vulnerability in Apache HTTP Server's reverse proxy mode. The script runs 3 tests:

  • the loopback test, with 3 payloads to handle different rewrite rules
  • the internal hosts test. According to Contextis, a delay is expected before a server error.
  • the external website test. A positive result does not mean that a LAN IP can be reached, but it is a relevant issue anyway.
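
A defender-side check for the malformed request described above, as an added example (not the scanner's own code): it reads Apache access-log lines and flags request targets that begin with @, and goes slightly further by also flagging any other target that is not a valid request-target form. The log lines are constructed samples, and the function names are hypothetical.

```python
import re

# Apache common/combined log prefix: host ident user [time] "request" status bytes
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "([^"]*)" (\d{3}) \S+')


def classify(method, target):
    """Classify a request-target; only 'ok' is a well-formed target."""
    if target is None:
        return "unparseable"
    if target.startswith("@"):
        return "at-sign"      # the malformed form named in CVE-2011-3368
    if target.startswith("/"):
        return "ok"           # origin-form, the normal case
    if re.match(r"^https?://", target, re.I):
        return "ok"           # absolute-form
    if target == "*" and method == "OPTIONS":
        return "ok"           # asterisk-form
    if method == "CONNECT":
        return "ok"           # authority-form
    return "malformed"


def find_suspicious(lines):
    """Return (client, target, status, reason) for every non-'ok' request."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        client, request, status = m.group(1), m.group(2), int(m.group(3))
        parts = request.split(" ")
        target = parts[1] if len(parts) >= 2 else None
        reason = classify(parts[0], target)
        if reason != "ok":
            hits.append((client, target, status, reason))
    return hits


# Constructed sample log lines (documentation addresses and hostnames).
SAMPLE_LOG = [
    '192.0.2.10 - - [10/Oct/2011:13:55:36 +0000] "GET /images/logo.png HTTP/1.1" 200 2326',
    '192.0.2.77 - - [10/Oct/2011:13:56:01 +0000] "GET @intranet.example/status HTTP/1.1" 502 311',
    '192.0.2.10 - - [10/Oct/2011:13:56:40 +0000] "OPTIONS * HTTP/1.0" 200 -',
    '192.0.2.78 - - [10/Oct/2011:13:57:12 +0000] "GET images/logo.png HTTP/1.1" 400 226',
]

if __name__ == "__main__":
    for hit in find_suspicious(SAMPLE_LOG):
        print(hit)
```

A flagged line on a reverse proxy is a reason to check whether the request was forwarded to a backend, whatever status the client received.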

Some Advice for Common Problems

Upgrade your Apache to the latest version.
