Apache 'mod_proxy_http' 2.2.9 For Unix Timeout Handling Information Disclosure Vulnerability Network Vulnerability

Summary

Apache is prone to an information-disclosure vulnerability that affects the 'mod_proxy_http' module. Attackers can leverage this issue to gain access to sensitive information that may aid in further attacks. Apache 2.2.9 on Unix is vulnerable.

Solution

Updates are available. Please see the references for more information.

References

http://httpd.apache.org/
http://httpd.apache.org/security/vulnerabilities_22.html
http://support.avaya.com/css/P8/documents/100109771
http://svn.apache.org/viewvc?view=revision&revision=699841
https://www.securityfocus.com/bid/42102

Updated on 2017-03-28

Severity

Classification

CVE CVE-2010-2791

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

httpdx Space Character Remote File Disclosure Vulnerability
Apache HTTP Server Scoreboard Security Bypass Vulnerability (Windows)
Apache Tomcat Multiple Vulnerabilities January 2010
Authentication bypassing in Lotus Domino
IBM WebSphere Application Server (WAS) XSS and CSRF Vulnerabilities