Apache mod_mem_cache information leak
Published:		20.06.2007
Source:		BUGTRAQ
SecurityVulns ID:		7829
Type:		remote
Level:		4/10
Description:		Under some conditions data from previsously sent server reply headers may be leaked.

Affected:		APACHE : Apache 2.2
CVE:		CVE-2007-1862 (The recall_headers function in mod_mem_cache in Apache 2.2.4 does not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously used data, which could be used by remote attackers to obtain potentially sensitive information.)

Original document

MANDRIVA, [ MDKSA-2007:127 ] - Updated apache packages fix mod_mem_cache issue (20.06.2007)

Discuss:

Read or add your comments to this news (0 comments)