Unix平台Apache mod_proxy_http模块超时处理信息泄露漏洞

BUGTRAQ ID: 42102 CVECAN ID: CVE-2010-2791 Apache HTTP Server是一款流行的Web服务器。 Apache HTTP Server的modproxyhttp模块中的modproxyhttp.c文件没有正确地检测超时，在某些超时情况下服务器可能返回属于其他用户的响应，导致泄漏敏感信息。仅有可触发使用代理worker池的配置才受影响。 该漏洞与CVE-2010-2068中所述漏洞相同，但影响的是Unix系统上的httpd。 Apache 2.2.9 厂商补丁： Apache Group ------------...

CVE-2010-2068

modproxyhttp.c in modproxyhttp in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, does not properly detect timeouts, which allows remote attackers to obtain a potentially sensitive...

CVE-2010-2068

modproxyhttp.c in modproxyhttp in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, does not properly detect timeouts, which allows remote attackers to obtain a potentially sensitive...

CVE-2010-2068

CVE-2010-2068 affects Apache HTTP ServerAffected: mod_proxy_http.c in Apache HTTP Server 2.2.9–2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, OS/2 in certain proxy worker pool configurations.Root cause: timeout handling in mod_proxy_http did not correctly detect timeouts, allowing a re...

Apache HTTP Server 'mod_proxy_http.c' Denial Of Service Vulnerability

Apache HTTP Server is prone to a Denial of Service vulnerability. Copyright C 2009 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

Apache 'mod_proxy_http.c' Denial Of Service Vulnerability

This host is running Apache HTTP Server and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: gbapachemodproxydosvuln.nasl 7176 2017-09-18 12:01:01Z cfischer $ Apache 'modproxyhttp.c' Denial Of Service Vulnerability Authors: Sharath S Copyright: Copyright c 2009 Greenbo...