Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:19828
HistoryJun 21, 2010 - 12:00 a.m.

Apache mod_proxy_http模块超时处理信息泄露漏洞

2010-06-2100:00:00
Root
www.seebug.org
74

0.006 Low

EPSS

Percentile

75.6%

JSON

BUGTRAQ ID: 40827
CVE ID: CVE-2010-2068

Apache HTTP Server是一款流行的Web服务器。

Apache HTTP Server的mod_proxy_http模块中的mod_proxy_http.c文件没有正确地检测超时,在某些超时情况下服务器可能返回属于其他用户的响应,导致泄漏敏感信息。仅有可触发使用代理worker池的配置才受影响。

Apache 2.2.x
厂商补丁:

Apache Group

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://httpd.apache.org/security/vulnerabilities_22.html

Related

httpd 1
securityvulns 8
prion 2
ubuntucve 2
debiancve 2
cve 2
f5 2
nessus 14
seebug 1
openvas 7
altlinux 3
oracle 2
httpd
httpd
Apache Httpd < 2.2.16 : Timeout detection flaw (mod_proxy_http)
2010-06-09 00:00:00
securityvulns
securityvulns
[advisory] httpd Timeout detection flaw &#40;mod_proxy_http&#41; CVE-2010-2068
2010-06-14 00:00:00
Apache mod_proxy_http information leak
2010-08-19 00:00:00
[ MDVSA-2010:153 ] apache
2010-08-19 00:00:00
prion
prion
Design/Logic Flaw
2010-06-18 16:30:00
Design/Logic Flaw
2010-08-05 18:17:00
ubuntucve
ubuntucve
CVE-2010-2068
2010-06-18 00:00:00
CVE-2010-2791
2010-08-05 00:00:00
debiancve
debiancve
CVE-2010-2068
2010-06-18 16:30:00
CVE-2010-2791
2010-08-05 18:17:00
cve
cve
CVE-2010-2068
2010-06-18 16:30:00
CVE-2010-2791
2010-08-05 18:17:00
f5
f5
SOL23332326 - Apache HTTPD vulnerability CVE-2010-2791
2015-12-29 00:00:00
K23332326 : Apache HTTPD vulnerability CVE-2010-2791
2015-12-29 00:00:00
nessus
nessus
Apache 2.2 < 2.2.16 Multiple Vulnerabilities
2010-07-27 00:00:00
F5 Networks BIG-IP : Apache HTTPD vulnerability (K23332326)
2015-12-30 00:00:00
Apache 2.2.x < 2.2.16 Multiple Vulnerabilities
2010-07-30 00:00:00
seebug
seebug
Unix平台Apache mod_proxy_http模块超时处理信息泄露漏洞
2010-08-03 00:00:00
openvas
openvas
F5 BIG-IP - Apache HTTPD vulnerability CVE-2010-2791 and CVE-2010-2068
2016-01-05 00:00:00
Mandriva Update for apache MDVSA-2010:153 (apache)
2010-08-20 00:00:00
Mandriva Update for apache MDVSA-2010:153 (apache)
2010-08-20 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package apache2 version 2.2.16-alt1
2010-09-16 00:00:00
Security fix for the ALT Linux 8 package apache2 version 2.2.16-alt1
2010-09-16 00:00:00
Security fix for the ALT Linux 9 package apache2 version 2.2.16-alt1
2010-09-16 00:00:00
oracle
oracle
Oracle Critical Patch Update - July 2013
2013-07-16 00:00:00
Oracle Critical Patch Update - April 2013
2013-04-16 00:00:00

0.006 Low

EPSS

Percentile

75.6%

JSON
Related for SSV:19828
httpd1securityvulns8prion2ubuntucve2debiancve2cve2f52nessus14seebug1openvas7altlinux3oracle2