Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2009-1191

mod_proxy_ajp.c in the mod_proxy_ajp module in the Apache HTTP Server 2.2.11 allows remote attackers to obtain sensitive response data, intended for a client that sent an earlier POST request with no request body, via an HTTP request.

Related bugs and status

CVE-2009-1191 (Candidate) is related to these bugs:

Bug #379061: Please merge apache2((2.2.11-4)(main) from debian unstable(main)

Summary				In	Importance	Status
	379061	Please merge apache2((2.2.11-4)(main) from debian unstable(main)		apache2 (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://www.securitytra...
MISC: http://www.securityfoc...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://osvdb.org/53921
MISC: http://www.vupen.com/e...
MISC: http://www.vupen.com/e...
MISC: http://lists.apple.com...
MISC: http://security.gentoo...
MISC: http://www.mandriva.co...
MISC: http://www.mandriva.co...
MISC: http://www.ubuntu.com/...
MISC: https://lists.apache.o...
MISC: https://lists.apache.o...
MISC: https://lists.apache.o...
MISC: https://lists.apache.o...
MISC: https://lists.apache.o...
MISC: https://lists.apache.o...
MISC: https://lists.apache.o...
MISC: https://lists.apache.o...
MISC: https://lists.apache.o...
MISC: https://lists.apache.o...
MISC: https://lists.apache.o...
MISC: https://lists.apache.o...
MISC: https://lists.apache.o...
MISC: https://exchange.xforc...
MISC: http://support.apple.c...
MISC: http://svn.apache.org/...
MISC: http://www.apache.org/...
MISC: http://www.oracle.com/...
MISC: https://issues.apache....
MISC: https://oval.cisecurit...