Innovation factory security po information disclosure vulnerability A and solution-vulnerability warning-the black bar safety net

ID MYHACK58:62201132245
Type myhack58
Reporter 佚名
Modified 2011-11-03T00:00:00


Brief description:

CDN most afraid of leaking the user's original server address, once leaked, the so-called security services is non-existent.

Safe treasure the presence of multiple information disclosure vulnerabilities, the first report of the series!

Detailed description:

Information disclosure vulnerability in one, according to the characteristics of the application determine the service side of the real environment.

Vulnerability to prove:

Determine the safety of the treasure used is nginx/0.7.67 reverse proxy.

The interpretation of the security treasure real application server environment Apache Tomcat/6.0.28

Repair solutions:

Such vulnerability is too much, slowly repair.

Author: rayh4c@clouds