Endpoint Vulnerability

Apache Httpd - moderate:mod_proxy reverse proxy exposure(CVE-2011-4317)

Description

An additional exposure was found when using mod_proxy in reverse proxy mode. In certain configurations using RewriteRule with proxy flag or ProxyPassMatch, a remote attacker could cause the reverse proxy to connect to an arbitrary server, possibly disclosing sensitive information from internal web servers not directly accessible to attacker.

Affected Products

Apache Httpd

References

CVE-2011-4317,