Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections: Developer - High Performance - Infrastructure - IT Management - Security - Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs

Partner Sites
JustLinux.com
Linux Planet
PHPBuilder
Technology Jobs

Top White Papers

Current Newswire:

More on LinuxToday

Applications Management Engineer Sr (NYC)
Next Step Systems
US-NY-New York

Justtechjobs.com Post A Job | Post A Resume

Apache Server Hit by Reverse Proxy Flaw

Nov 28, 2011, 21:00 (1 Talkback[s])

"The open source Apache HTTP Web Server is at risk from a reverse proxy flaw that is currently unpatched. The flaw was disclosed Qualys security researcher Purtha Parikh late last week and is related to a flaw that Apache first attempted to fix in October.

"While reviewing the patch for the older issue CVE-2011-3368, it appeared that it was still possible to make use of a crafted request that could exploit a fully patched Apache Web Server (Apache 2.2.21 with CVE-2011-3368 patch applied) to allow access to internal systems if the reverse proxy rules are configured incorrectly, Parikh reported.

Complete Story

Related Stories: