Vulnerability & Exploit Database

Displaying entries 1 - 10 of 29 in total

Results for: CVE-2011-3368 Back to search

DSA-2405-1 apache2 -- multiple issues Vulnerability

  • Severity: 5
  • Published: February 06, 2012

The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI cont...

USN-1259-1: Apache vulnerabilities Vulnerability

  • Severity: 5
  • Published: October 05, 2011

The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI cont...

SUSE Linux Security Vulnerability: CVE-2011-3368 Vulnerability

  • Severity: 5
  • Published: October 05, 2011

The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI cont...

RHSA-2012:0542: httpd security and bug fix update Vulnerability

  • Severity: 5
  • Published: October 05, 2011

Updated httpd packages that fix multiple security issues and one bug are now available for JBoss Enterprise Web Server 1.0.2 for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severi...

RHSA-2011:1392: httpd security and bug fix update Vulnerability

  • Severity: 5
  • Published: October 05, 2011

The Apache HTTP Server is a popular web server.It was discovered that the Apache HTTP Server did not properly validate therequest URI for proxied requests. In certain configurations, if a reverseproxy used the ProxyPassMatch directive, or if it used the RewriteRuledirective with the proxy flag, a remote attacker could make the proxyconne...

RHSA-2011:1391: httpd security and bug fix update Vulnerability

  • Severity: 5
  • Published: October 05, 2011

The Apache HTTP Server is a popular web server.It was discovered that the Apache HTTP Server did not properly validate therequest URI for proxied requests. In certain configurations, if a reverseproxy used the ProxyPassMatch directive, or if it used the RewriteRuledirective with the proxy flag, a remote attacker could make the proxyconne...

ELSA-2011-1392 Moderate: Oracle Linux httpd security and bug fix update Vulnerability

  • Severity: 5
  • Published: October 05, 2011

The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI cont...

IBM HTTP Server: CVE-2011-3368: Potential pattern expansion problem when mod_proxy and mod_rewrite are used together. Vulnerability

  • Severity: 5
  • Published: October 05, 2011

The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI cont...

HP System Management Homepage - HPSBMU02764 (CVE-2011-3368): Linux and Windows, Remote Cross Site Request Forgery (CSRF), Denial of Service (DoS), Execution of Arbitrary Code, Other Vulnerabilities Vulnerability

  • Severity: 5
  • Published: October 05, 2011

The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI cont...

Gentoo Linux: CVE-2011-3368: Apache HTTP Server: Multiple vulnerabilities Vulnerability

  • Severity: 5
  • Published: October 05, 2011

The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI cont...