what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Red Hat Security Advisory 2012-1166-01 https://packetstormsecurity.com/files/115461/RHSA-2012-1166-01.txt https://packetstormsecurity.com/files/115461/RHSA-2012-1166-01.txt https://packetstormsecurity.com/files/115461/Red-Hat-Security-Advisory-2012-1166-01.html Tue, 14 Aug 2012 01:05:08 GMT Red Hat Security Advisory 2012-1166-01 - mod_cluster is an Apache HTTP Server based load balancer that forwards requests from httpd to application server nodes. It can use the AJP, HTTP, or HTTPS protocols for communication with application server nodes. The RHSA-2012:0035 update for JBoss Enterprise Web Server 1.0.2 introduced a regression, causing mod_cluster to register and expose the root context of a server by default, even when "ROOT" was in the "excludedContexts" list in the mod_cluster configuration. If an application was deployed on the root context, a remote attacker could use this flaw to bypass intended access restrictions and gain access to that application.

Related Files

No related files
packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close