Apache 'mod_proxy_http' Timeout Handling Information Disclosure VulnerabilityDeprecated |
ID: oval:org.mitre.oval:def:11491 | Date: (C)2010-07-27 (M)2023-03-29 |
Class: VULNERABILITY | Family: windows |
mod_proxy_http.c in mod_proxy_http in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, does not properly detect timeouts, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request.
Platform: |
Microsoft Windows Server 2022 |
Microsoft Windows 11 |
Microsoft Windows Server 2019 |
Microsoft Windows 2000 |
Microsoft Windows 7 |
Microsoft Windows 10 |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows 8 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2016 |
Microsoft Windows 8.1 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Vista |
Microsoft Windows XP |
Product: |
Apache HTTP Server |