|
|
CVE Reference: CVE-2007-1862 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-1862 |
|
|
Description: The recall_headers function in mod_mem_cache in Apache 2.2.4 does not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously used data, which could be used by remote attackers to obtain potentially sensitive information. |
|
|
CVE Status: Candidate |
|
|
References: SAID Secunia Advisory: SA26273 Secunia Advisory: SA26842 Secunia Advisory: SA27563 OSVDB 38641 MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2007:127 GENTOO http://security.gentoo.org/glsa/glsa-200711-06.xml FEDORA http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html CONFIRM http://bugs.gentoo.org/show_bug.cgi?id=186219 http://httpd.apache.org/security/vulnerabilities_22.html http://people.apache.org/~covener/2.2.x-mod_memcache-poolmgmt.diff http://issues.apache.org/bugzilla/show_bug.cgi?id=41551 BID 24553 |
|
| Return to the previous page. |
