Intrusion Prevention

Apache.mod_proxy.Mode.Security.Bypass

Description

This indicates an attack attempt to exploit a Resource Explosure vulnerability in Apache Server.
The vulnerability is located in the "mod_proxy" module, which does not properly interact with "RewriteRule" and "ProxyPassMatch" pattern matches for configuration of a reverse proxy. It may allow remote attackers to access any intranet resources via a crafted URI.

Affected Products

Apache HTTP Server 1.3.x through 1.3.42
Apache HTTP Server 2.0.x through 2.0.64
Apache HTTP Server 2.2.x through 2.2.21

Impact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

Recommended Actions

Currently we are not aware of any vendor supplied patch for this issue.

CVE References

CVE-2011-4317