Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 538
Alerts This Week
Warning Icon 1 538

Apache: Internal Access Threat Due To Reverse Proxy Misconfiguration

General Esm H446
A new reverse proxy issue affecting Apache HTTP server can be used by attackers to access internal systems if certain rules are improperly configured, a security researcher said. Prutha Parikh, vulnerability signature engineer at Qualys, blogged that she uncovered the issue while creating a QualysGuard vulnerability signature for another reverse proxy issue, detailed in CVE-2011-3368. While reviewing the patch for the older bug, she discovered it was still possible to use a crafted request to exploit a fully-patched Apache Web Server.

The link for this article located at ThreatPost is no longer available.