Apache 2.2 < 2.2.21 mod_proxy_ajp DoS
High Log Correlation Engine Plugin ID 800559
SynopsisThe remote web server is vulnerable to a denial of service attack.
DescriptionVersions of Apache 2.2 earlier than 2.2.21 are potentially affected by a denial of service vulnerability. An error exists in the mod_proxy_ajp module that can allow specially crafted HTTP requests to cause a backend server to temporarily enter an error state. This vulnerability only occurs when mod_proxy_ajp is used along with mod_proxy_balancer.
SolutionUpgrade to Apache version 2.2.21 or later.