Description

The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary "error state" in the backend server) via a malformed HTTP request.

Remediation

References

CVE-2011-3348

Related Vulnerabilities

WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-20151)

Django Improper Input Validation Vulnerability (CVE-2015-5144)

WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.3)

WordPress Plugin GiveWP-Donation and Fundraising Platform PHP Object Injection (2.3.0)

Apache Tomcat Credentials Management Errors Vulnerability (CVE-2009-3548)

Severity

Medium

Classification

CVE-2011-3348 CWE-400

Tags

Missing Update Known Vulnerabilities