A weakness has been reported in Apache HTTP Server, which can be exploited by malicious people to bypass certain security restrictions.
The weakness is caused due to the mod_proxy module, when configured in reverse proxy mode, incorrectly processing certain web requests. This can be exploited to send requests to an unintended server behind the proxy via a specially crafted URL.
Successful exploitation requires the use of "ProxyPassMatch" and "RewriteRule" configuration directives with a certain pattern match.
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to email@example.com