Apache Web Server mod_cgid Module CGI Data Redirection Vulnerability

Apache has reported a vulnerability in the mod_cgid module when the threaded MPM is used. The problem is said to occur due to mishandling of CGI redirect paths. The condition may potentially cause CGI data to inadvertently be sent to the wrong client. Depending on the context of the data being redirected, this could potentially expose sensitive information or incorrectly grant unauthorized access.


 

Privacy Statement
Copyright 2010, SecurityFocus