Mantis - Resin
Viewing Issue Advanced Details
2950 major always 09-19-08 03:06 09-23-08 13:59
Pieter Schoenmakers  
ferg  
normal  
closed 3.0.24  
fixed  
none    
none 3.0.25  
0002950: mod_caucho open proxy and DOS
mod_caucho can be turned into an open proxy. Luckily, it shoots itself in the foot in the process, turning the abuse into a mere DOS attack.

Environment:
Resin Pro 3.0.24 (licensed)
Red Hat Enterprise Linux
Sun JDK 1.5.0.16
Apache 2.0.51

Hello,

I would like to report a problem with mod_caucho. As it is a security problem, I do not want to disclose details here.

I tried to find an e-mailadres where to report the issue, but could not find any. I assume this bug tracking system to be more appropriate than sales@caucho.com. />
Please contact me by e-mail; use the e-mail address associated with this account.

Regards,
Pieter Schoenmakers

Notes
(0003474)
ferg   
09-23-08 13:59   
Applies to 3.0.25, 3.1.8, and 3.2.1.