CVE-2009-3095

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server (affected versions not specified)

Description: The issue allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server. This is achieved by embedding commands in the Authorization HTTP header. In a reverse proxy configuration, a remote attacker could use this flaw to bypass access restrictions by creating a carefully-crafted HTTP Authorization header.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.