Linux Distros Unpatched Vulnerability : CVE-2022-2053

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When a POST request comes through AJP and the request exceeds the max-post-size limit maxEntitySize, Undertow's AjpServerRequestConduit implementation closes a...

SUSE CVE-2007-6420

Cross-site request forgery CSRF vulnerability in the balancer-manager in modproxybalancer for Apache HTTP Server 2.2.x allows remote attackers to gain privileges via unspecified vectors...

SUSE CVE-2007-6421

Cross-site scripting XSS vulnerability in balancer-manager in modproxybalancer in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the 1 ss, 2 wr, or 3 rr parameters, or 4 the URL...

SUSE CVE-2011-3348

The modproxyajp module in the Apache HTTP Server before 2.2.21, when used with modproxybalancer in certain configurations, allows remote attackers to cause a denial of service temporary "error state" in the backend server via a malformed HTTP request...

CVE-2022-2053

When a POST request comes through AJP and the request exceeds the max-post-size limit maxEntitySize, Undertow's AjpServerRequestConduit implementation closes a connection without sending any response to the client/proxy. This behavior results in that a front-end proxy marking the backend worker...

DEBIAN-CVE-2022-2053

When a POST request comes through AJP and the request exceeds the max-post-size limit maxEntitySize, Undertow's AjpServerRequestConduit implementation closes a connection without sending any response to the client/proxy. This behavior results in that a front-end proxy marking the backend worker...

httpd: XSS flaw in mod_proxy_balancer manager interface

Multiple cross-site scripting XSS vulnerabilities in the balancerhandler function in the manager interface in modproxybalancer.c in the modproxybalancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML vi...

httpd: XSS flaw in mod_proxy_balancer manager interface

Multiple cross-site scripting XSS vulnerabilities in the balancerhandler function in the manager interface in modproxybalancer.c in the modproxybalancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML vi...

httpd: mod_proxy_ajp remote temporary DoS

The modproxyajp module in the Apache HTTP Server before 2.2.21, when used with modproxybalancer in certain configurations, allows remote attackers to cause a denial of service temporary "error state" in the backend server via a malformed HTTP request...

Fedora 15 : httpd-2.2.21-1.fc15 (2011-12715)

This update includes the latest stable release of the Apache HTTP Server, version 2.2.21. Two security issues have been fixed : modproxyajp when combined with modproxybalancer: Prevents unrecognized HTTP methods from marking ajp: balancer members in an error state, avoiding denial of service...

apache mod-proxy-balancer 2.2.6 跨站脚本漏洞

No description provided by source...

apache mod-proxy-balancer 2.2.6 跨站脚本漏洞

No description provided by source...

No title provided

A cross-site request forgery issue was found in the modproxybalancer module. A remote attacker could cause a denial of service if modproxybalancer is enabled and an authenticated user is targeted. CVE-2007-6420...

httpd mod_proxy_balancer cross-site scripting

Cross-site scripting XSS vulnerability in balancer-manager in modproxybalancer in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the 1 ss, 2 wr, or 3 rr parameters, or 4 the URL...

httpd mod_proxy_balancer cross-site scripting

Cross-site scripting XSS vulnerability in balancer-manager in modproxybalancer in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the 1 ss, 2 wr, or 3 rr parameters, or 4 the URL...

DEBIAN-CVE-2007-6420

Cross-site request forgery CSRF vulnerability in the balancer-manager in modproxybalancer for Apache HTTP Server 2.2.x allows remote attackers to gain privileges via unspecified vectors...

PT-2008-1556 · Apache · Apache Http Server

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions 2.2.x before 2.2.7-dev Description: The issue is related to an unspecified vulnerability in mod proxy balancer for Apache HTTP Server when running on Windows. It allows remote attackers to trigger memory corruption...

DEBIAN-CVE-2007-6421

Cross-site scripting XSS vulnerability in balancer-manager in modproxybalancer in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the 1 ss, 2 wr, or 3 rr parameters, or 4 the URL...

CVE-2007-6422

The balancerhandler function in modproxybalancer in the Apache HTTP Server 2.2.0 through 2.2.6, when a threaded Multi-Processing Module is used, allows remote authenticated users to cause a denial of service child process crash via an invalid bb variable...