Hi, all I have an Apache reverse proxy server (v2.2.21) redirects traffic from http to https for a back end web server. I don't know the exact version of the back end Apache web server because Oracle changed the version number but I am sure it is below v2.2.21. Our vulnerability scan shows that the web site has:
Apache httpd Range header remote DoS (CVE-2011-3192) (apache-httpd-cve-2011-3192) My question is that front end of Apache reverse proxy hide the back end web server problem, isn't it? If not, how do I fix the problem besides to upgrade the version of back end Apache web server? Thanks. Ryan Jiang Liz Claiborne, Inc. This message (including any attachments) is intended solely for the specific individual(s) or entity(ies) named above, and may contain legally privileged and confidential information. If you are not the intended recipient, please notify the sender immediately by replying to this message and then delete it. Any disclosure, copying, or distribution of this message, or the taking of any action based on it, by other than the intended recipient, is strictly prohibited.
