Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2011-1392

Опубликовано: 20 окт. 2011
Источник: oracle-oval
Платформа: Oracle Linux 5

Описание

ELSA-2011-1392: httpd security and bug fix update (MODERATE)

[2.2.3-53.0.2.el5_7.3]

  • Fix mod_ssl always performing full renegotiation (orabug 12423387)
  • replace index.html with Oracle's index page oracle_index.html
  • update vstring and distro in specfile

[2.2.3-53.3]

  • add security fix for CVE-2011-3368 (#743903)
  • fix regressions in byterange handling (#736593)

Обновленные пакеты

Oracle Linux 5

Oracle Linux ia64

httpd

2.2.3-53.0.2.el5_7.3

httpd-devel

2.2.3-53.0.2.el5_7.3

httpd-manual

2.2.3-53.0.2.el5_7.3

mod_ssl

2.2.3-53.0.2.el5_7.3

Oracle Linux x86_64

httpd

2.2.3-53.0.2.el5_7.3

httpd-devel

2.2.3-53.0.2.el5_7.3

httpd-manual

2.2.3-53.0.2.el5_7.3

mod_ssl

2.2.3-53.0.2.el5_7.3

Oracle Linux i386

httpd

2.2.3-53.0.2.el5_7.3

httpd-devel

2.2.3-53.0.2.el5_7.3

httpd-manual

2.2.3-53.0.2.el5_7.3

mod_ssl

2.2.3-53.0.2.el5_7.3

Связанные CVE

CVE-2011-3368

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2011-3368

ubuntu
почти 14 лет назад

The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character.

redhat логотип

CVE-2011-3368

redhat
почти 14 лет назад

The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character.

nvd логотип

CVE-2011-3368

nvd
почти 14 лет назад

The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character.

debian логотип

CVE-2011-3368

debian
почти 14 лет назад

The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2 ...

github логотип

GHSA-j85c-9w9v-p2p3

github
больше 3 лет назад

The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character.