Vulnerabilities > CVE-2012-3526 - Unspecified vulnerability in Thomas Eibner MOD Rpaf 0.5/0.6

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
thomas-eibner
nessus
NVD
Published: 2012-09-05
Updated: 2024-11-21

Summary

The reverse proxy add forward module (mod_rpaf) 0.5 and 0.6 for the Apache HTTP Server allows remote attackers to cause a denial of service (server or application crash) via multiple X-Forwarded-For headers in a request.

Vulnerable Configurations

Part Description Count
Application
Thomas_Eibner
2
Application
Apache
1

Nessus

NASL familyGentoo Local Security Checks
NASL idGENTOO_GLSA-201209-20.NASL
descriptionThe remote host is affected by the vulnerability described in GLSA-201209-20 (mod_rpaf: Denial of Service) An error has been found in the way mod_rpaf handles X-Forwarded-For headers. Please review the CVE identifier referenced below for details. Impact : A remote attacker could send a specially crafted HTTP header, possibly resulting in a Denial of Service condition. Workaround : There is no known workaround at this time.
last seen2020-06-01
modified2020-06-02
plugin id62362
published2012-09-28
reporterThis script is Copyright (C) 2012-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/62362
titleGLSA-201209-20 : mod_rpaf: Denial of Service

References