Description

The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary "error state" in the backend server) via a malformed HTTP request.

Remediation

References

CVE-2011-3348

Related Vulnerabilities

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-7982)

Python Other Vulnerability (CVE-2006-1542)

ReviveAdserver URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-5433)

MediaWiki URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-10959)

WordPress Plugin WordPress Download Manager Cross-Site Scripting (2.9.51)

Severity

Medium

Classification

CVE-2011-3348 CWE-400

Tags

Missing Update Known Vulnerabilities