Apache 'mod_proxy_http' 2.2.9 For Unix Timeout Handling Information Disclosure Vulnerability Network Vulnerability

Summary

Apache is prone to an information-disclosure vulnerability that affects the 'mod_proxy_http' module. Attackers can leverage this issue to gain access to sensitive information that may aid in further attacks. Apache 2.2.9 on Unix is vulnerable.

Solution

Updates are available. Please see the references for more information.

References

http://httpd.apache.org/
http://httpd.apache.org/security/vulnerabilities_22.html
http://support.avaya.com/css/P8/documents/100109771
http://svn.apache.org/viewvc?view=revision&revision=699841
https://www.securityfocus.com/bid/42102

Updated on 2017-03-28

Severity

Classification

CVE CVE-2010-2791

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Check for IIS .cnf file leakage
HTTP File Server Security Bypass and Denial of Service Vulnerabilities
CERN HTTPD access control bypass
Ecava IntegraXor Account Information Disclosure Vulnerability
BadBlue invalid null byte vulnerability