The host is installed with Apache HTTP Server 1.3.x through 1.3.42 or 2.0.x through 2.0.64 or 2.2.x through 2.2.21 and is prone to information disclosure vulnerability. A flaw is present in the application, which is caused by an error in mod_proxy when configured in reverse proxy mode and using the RewriteRule or ProxyPassMatch directives with a pattern match. Successful exploitation allows remote attackers to gain unauthorized access to internal servers to obtain sensitive information.