Summary
Apache is prone to an information-disclosure vulnerability that affects the 'mod_proxy_http' module.
Attackers can leverage this issue to gain access to sensitive information that may aid in further attacks.
Apache 2.2.9 on Unix is vulnerable.
Solution
Updates are available. Please see the references for more information.
References
Severity
Classification
-
CVE CVE-2010-2791 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Apache Tomcat 'sort' and 'orderBy' Parameters Cross Site Scripting Vulnerabilities
- IBM WebSphere Application Server Cross-Site Request Forgery Vulnerability
- GoAhead WebServer 'name' and 'address' Cross-Site Scripting Vulnerabilities
- httpdx Space Character Remote File Disclosure Vulnerability
- Acritum Femitter Server URI Directory Traversal Vulnerability