Apache 7.0.x mod_proxy - Reverse Proxy Security Bypass

EDB-ID:

36352




Platform:

Linux

Date:

2011-11-24


source: https://www.securityfocus.com/bid/50802/info

Apache HTTP Server is prone to a security-bypass vulnerability.

Successful exploits will allow attackers to bypass certain security restrictions and obtain sensitive information about running web applications. 

The following example patterns are available:

RewriteRule ^(.*) http://www.example.com$1
ProxyPassMatch ^(.*) http://www.example.com$1