https://issues.apache.org/bugzilla/show_bug.cgi?id=51698
--- Comment #3 from Edward Quick edwardqu...@hotmail.com 2011-09-02 10:35:50
UTC ---
Hi there, I was testing this out to see if my site was vulnerable and got the
following results. I'm not sure looking at the code comments in
https://issues.apache.org/bugzilla/show_bug.cgi?id=51698
--- Comment #4 from Mark Thomas ma...@apache.org 2011-09-02 10:49:16 UTC ---
Bugzilla is not a support forum. Please use the users mailing list.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You
https://issues.apache.org/bugzilla/show_bug.cgi?id=51698
--- Comment #5 from Edward Quick edwardqu...@hotmail.com 2011-09-02 13:04:04
UTC ---
Sorry about that. Will do.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because:
https://issues.apache.org/bugzilla/show_bug.cgi?id=51698
Mark Thomas ma...@apache.org changed:
What|Removed |Added
Status|NEW |RESOLVED
https://issues.apache.org/bugzilla/show_bug.cgi?id=51698
--- Comment #1 from zhh zhh200...@gmail.com 2011-08-20 07:55:51 UTC ---
Created attachment 27417
-- https://issues.apache.org/bugzilla/attachment.cgi?id=27417
ajp Forward-Request packet forgery
second example: ajp Forward-Request packet