CVE-2011-3348
Published: 20 September 2011
The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary "error state" in the backend server) via a malformed HTTP request.
Priority
Status
Package | Release | Status |
---|---|---|
apache2 Launchpad, Ubuntu, Debian |
hardy |
Released
(2.2.8-1ubuntu0.22)
|
lucid |
Released
(2.2.14-5ubuntu8.7)
|
|
maverick |
Released
(2.2.16-1ubuntu3.4)
|
|
natty |
Released
(2.2.17-1ubuntu1.4)
|
|
oneiric |
Released
(2.2.20-1ubuntu1.1)
|
|
upstream |
Released
(2.2.21)
|
|
Patches: vendor: https://rhn.redhat.com/errata/RHSA-2011-1391.html upstream: http://svn.apache.org/viewvc?view=revision&revision=1167158 |