Candidate: CVE-2009-1191
PublicDate: 2009-04-23 17:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1191
 https://ubuntu.com/security/notices/USN-787-1
Description:
 mod_proxy_ajp.c in the mod_proxy_ajp module in the Apache HTTP Server
 2.2.11 allows remote attackers to obtain sensitive response data, intended
 for a client that sent an earlier POST request with no request body, via an
 HTTP request.
Ubuntu-Description:
Notes:
 jdstrand> affected code only in 2.2.11 (Ubuntu 9.04)
Bugs:
Priority: low
Discovered-by:
Assigned-to: jdstrand
CVSS: 

Patches_apache2:
upstream_apache2: released (2.2.11-4)
dapper_apache2: not-affected
hardy_apache2: not-affected
intrepid_apache2: not-affected (2.2.9-7ubuntu3)
jaunty_apache2: released (2.2.11-2ubuntu2.1)
devel_apache2: not-affected (2.2.11-6ubuntu1)