Oval Definition:	oval:org.mitre.oval:def:21452
Revision Date: 2014-02-24 Version: 31 Title: RHSA-2011:1391: httpd security and bug fix update (Moderate) Description: The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character. Family: unix Class: patch Status: ACCEPTED Reference(s): CVE-2011-3348 CVE-2011-3368 RHSA-2011:1391-01 Platform(s): Red Hat Enterprise Linux 6 Product(s): httpd Definition Synopsis The operating system installed on the system is Red Hat Enterprise Linux 6 AND Packages section httpd-devel is earlier than 0:2.2.15-9.el6_1.3 OR httpd-tools is earlier than 0:2.2.15-9.el6_1.3 OR httpd-manual is earlier than 0:2.2.15-9.el6_1.3 OR mod_ssl is earlier than 0:2.2.15-9.el6_1.3 OR httpd is earlier than 0:2.2.15-9.el6_1.3
BACK