mod_auth_any for Apache Metacharacter Remote Command Execution

High Nessus Plugin ID 11481


Arbitrary code may be run on the remote host.


The remote host seems to be running mod_auth_any, an Apache module that allows the use of third-party authentication programs.

This module does not properly escape shell metacharacters when a username is supplied, and therefore an attacker may use this module to:
- Execute arbitrary commands on the remote host
- Bypass the authentication process completely


Patch mod_auth_any or disable it.


Plugin Details

Severity: High

ID: 11481

File Name: mod_auth_any.nasl

Version: $Revision: 1.27 $

Type: remote

Family: Web Servers

Published: 2003/03/26

Modified: 2016/11/28

Dependencies: 67257, 10107, 10386

Risk Information

Risk Factor: High


Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:H/RL:OF/RC:C

Vulnerability Information

Required KB Items: www/apache

Exploit Available: true

Exploit Ease: No exploit is required

Vulnerability Publication Date: 2003/02/10

Reference Information

CVE: CVE-2003-0084

BID: 7448

OSVDB: 13640

RHSA: 2003:113-01