Description
The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary "error state" in the backend server) via a malformed HTTP request.
Remediation
References
Related Vulnerabilities
PHP Other Vulnerability (CVE-2004-0959)
WordPress Plugin Affiliates Manager Unspecified Vulnerability (2.7.7)
Magento Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-8156)
Squid Insufficient Verification of Data Authenticity Vulnerability (CVE-2016-4553)
PHP-Fusion Authentication Bypass by Capture-replay Vulnerability (CVE-2020-23178)