Apache 'mod_proxy_http' 2.2.9 For Unix Timeout Handling Information Disclosure Vulnerability Network Vulnerability

Summary

Apache is prone to an information-disclosure vulnerability that affects the 'mod_proxy_http' module. Attackers can leverage this issue to gain access to sensitive information that may aid in further attacks. Apache 2.2.9 on Unix is vulnerable.

Solution

Updates are available. Please see the references for more information.

References

http://httpd.apache.org/
http://httpd.apache.org/security/vulnerabilities_22.html
http://support.avaya.com/css/P8/documents/100109771
http://svn.apache.org/viewvc?view=revision&revision=699841
https://www.securityfocus.com/bid/42102

Updated on 2017-03-28

Severity

Classification

CVE CVE-2010-2791
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Apache Tomcat 'sort' and 'orderBy' Parameters Cross Site Scripting Vulnerabilities
IBM WebSphere Application Server Cross-Site Request Forgery Vulnerability
GoAhead WebServer 'name' and 'address' Cross-Site Scripting Vulnerabilities
httpdx Space Character Remote File Disclosure Vulnerability
Acritum Femitter Server URI Directory Traversal Vulnerability

Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability

Take action and discover your vulnerabilities