HTTP: Apache HTTPD mod_proxy Security Bypass

This signature detects attempts to exploit a known flaw in the Apache HTTP Server's reverse proxy module mod_proxy. A successful attack can lead to exposure of internal servers and their resources to outside users.

Extended Description

Apache HTTP Server is prone to an information disclosure vulnerability. An attacker can exploit this vulnerability to gain access to sensitive information.

Affected Products

Fujitsu interstage_application_server_web-j_edition

References

BugTraq: 49957

CVE: CVE-2011-3368

Short Name
HTTP:APACHE:MOD-PROXY-SECBYPASS
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Apache Bypass CVE-2011-3368 HTTPD Security bid:49957 mod_proxy
Release Date
01/09/2013
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3375
False Positive
Unknown
Vendors

Apache_software_foundation

Red_hat

Ibm

Gentoo

Hp

Avaya

Mandriva

Fujitsu

Slackware

Ubuntu

Oracle

Debian

CVSS Score

5.0

Found a potential security threat?