Apache Subrequest Handling Information Disclosure Vulnerability

Apache is prone to an information-disclosure vulnerability.

Attackers can leverage this issue to gain access to sensitive information; attacks may also result in denial-of-service conditions.

Apache versions prior to 2.2.15 are affected.

NOTE: This issue was previously described in BID 38494 (Apache Multiple Security Vulnerabilities), but has been assigned its own record to better document the vulnerability.


Privacy Statement
Copyright 2010, SecurityFocus