Summary
Apache is prone to an information-disclosure vulnerability that affects the 'mod_proxy_http' module.
Attackers can leverage this issue to gain access to sensitive information that may aid in further attacks.
Apache 2.2.9 on Unix is vulnerable.
Solution
Updates are available. Please see the references for more information.
References
Severity
Classification
-
CVE CVE-2010-2791 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- GoAhead Webserver Multiple Stored Cross Site Scripting Vulnerabilities
- Authentication bypassing in Lotus Domino
- Jetty Cross Site Scripting and Information Disclosure Vulnerabilities
- httpdx Space Character Remote File Disclosure Vulnerability
- Apache HTTP Server mod_proxy_ajp Process Timeout DoS Vulnerability (Windows)