CVE-2007-1862
CVE-2007-1862
The recall_headers function in mod_mem_cache in Apache 2.2.4 does not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously used data, which could be used by remote attackers to obtain potentially sensitive information.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://bugs.gentoo.org/show_bug.cgi?id=186219http://httpd.apache.org/security/vulnerabilities_22.htmlhttp://issues.apache.org/bugzilla/show_bug.cgi?id=41551http://osvdb.org/38641http://people.apache.org/~covener/2.2.x-mod_memcache-poolmgmt.diffhttp://secunia.com/advisories/26273http://secunia.com/advisories/26842http://secunia.com/advisories/27563http://security.gentoo.org/glsa/glsa-200711-06.xmlhttps://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E