Apache HTTP Server: Multiple vulnerabilities

Apache HTTP Server: Multiple vulnerabilities Multiple vulnerabilities were found in Apache HTTP Server. apache June 24, 2012 June 24, 2012: 1 308049 330195 380475 382971 385859 389353 392189 398761 401081 412481 local, remote 2.2.22-r1 2.2.22-r1

Apache HTTP Server is one of the most popular web servers on the Internet.

Multiple vulnerabilities have been discovered in Apache HTTP Server. Please review the CVE identifiers referenced below for details.

A remote attacker might obtain sensitive information, gain privileges, send requests to unintended servers behind proxies, bypass certain security restrictions, obtain the values of HTTPOnly cookies, or cause a Denial of Service in various ways.

A local attacker could gain escalated privileges.

There is no known workaround at this time.

All Apache HTTP Server users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=www-servers/apache-2.2.22-r1"

CVE-2010-0408 CVE-2010-0434 CVE-2010-1452 CVE-2010-2791 CVE-2011-3192 CVE-2011-3348 CVE-2011-3368 CVE-2011-3607 CVE-2011-4317 CVE-2012-0021 CVE-2012-0031 CVE-2012-0053 CVE-2012-0883 craig keytoaster