Summary
Apache is prone to an information-disclosure vulnerability that affects the 'mod_proxy_http' module.
Attackers can leverage this issue to gain access to sensitive information that may aid in further attacks.
Apache 2.2.9 on Unix is vulnerable.
Solution
Updates are available. Please see the references for more information.
References
Severity
Classification
-
CVE CVE-2010-2791 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- CA ARCserver D2D GWT RPC Request Multiple Vulnerabilities
- GoAhead Webserver Multiple Stored Cross Site Scripting Vulnerabilities
- IBM WebSphere Application Server Admin Console Cross-site Scripting Vulnerability
- Lighttpd Trailing Slash Information Disclosure Vulnerability
- Apache Tomcat Multiple Vulnerabilities January 2010