A Watchfire whitepaper reports an vulnerability in the
Apache webserver. The vulnerability can be exploited by
malicious people causing cross site scripting, web cache
poisoining, session hijacking and most importantly the
ability to bypass web application firewall protection.
Exploiting this vulnerability requires multiple carefully
crafted HTTP requests, taking advantage of an caching server,
proxy server, web application firewall etc. This only affects
installations where Apache is used as HTTP proxy in
combination with the following web servers:
- IIS/6.0 and 5.0
- Apache 2.0.45 (as web server)
- apache 1.3.29
- WebSphere 5.1 and 5.0
- WebLogic 8.1 SP1
- Oracle9iAS web server 9.0.2
- SunONE web server 6.1 SP4