Hi Nick,
Thanks for the reply!
On Tue, Oct 5, 2021 at 3:02 PM Nick Kew wrote:
>
>
>
> > On 5 Oct 2021, at 16:39, Matt Zagrabelny wrote:
> >
> > I am trying to configure a reverse proxy and am following the config file:
>
> What you've described looks basically OK (the complexity may or may not
> On 5 Oct 2021, at 16:39, Matt Zagrabelny wrote:
>
> I am trying to configure a reverse proxy and am following the config file:
What you've described looks basically OK (the complexity may or may not be
necessary). The debug output from your log doesn't obviously indicate a
problem.
> """
Greetings,
Running:
dpkg -l apache2 | grep ii
ii apache22.4.48-3.1+deb11u1 amd64Apache HTTP Server
I am trying to configure a reverse proxy and am following the config file:
/etc/apache2/mods-available/proxy_html.conf
and the website:
http://www.apachetutor.org/admin/reversepr
Severity: important
Description:
A flaw was found in a change made to path normalization in Apache HTTP Server
2.4.49. An attacker could use a path traversal attack to map URLs to files
outside the expected document root.
If files outside of the document root are not protected by "require al
Severity: moderate
Description:
While fuzzing the 2.4.49 httpd, a new null pointer dereference was detected
during HTTP/2 request processing,
allowing an external source to DoS the server. This requires a specially
crafted request.
The vulnerability was recently introduced in version 2.4.49.
