CVE-2009-1191

Published: 23/04/2009 Updated: 13/02/2023
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

mod_proxy_ajp.c in the mod_proxy_ajp module in the Apache HTTP Server 2.2.11 allows remote malicious users to obtain sensitive response data, intended for a client that sent an earlier POST request with no request body, via an HTTP request.

Vulnerable Product

apache http server 2.2.11

canonical ubuntu linux 9.04

canonical ubuntu linux 8.10

canonical ubuntu linux 8.04

canonical ubuntu linux 6.06

Vendor Advisories

Synopsis: Important: httpd security update. Type/Severity: Security Advisory: Important. Topic: Updated httpd packages that fix a security issue in mod_proxy_ajp are now available for JBoss Enterprise Web Server 1.0.0. This update has been rated as having important security impact by the Red Hat Security Response T ...

Matthew Palmer discovered an underflow flaw in apr-util as included in Apache. An attacker could cause a denial of service via application crash in Apache using a crafted SVNMasterURI directive, .htaccess file, or when using mod_apreq2. This issue only affected Ubuntu 6.06 LTS. (CVE-2009-0023) ...

References

CWE: NVD-CWE-noinfo

http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?r1=766938&r2=767089
http://www.securityfocus.com/bid/34663
http://secunia.com/advisories/34827
http://www.apache.org/dist/httpd/patches/apply_to_2.2.11/PR46949.diff
https://issues.apache.org/bugzilla/show_bug.cgi?id=46949
http://osvdb.org/53921
http://www.vupen.com/english/advisories/2009/1147
http://www.mandriva.com/security/advisories?name=MDVSA-2009:102
http://www.securitytracker.com/id?1022264
http://www.ubuntu.com/usn/usn-787-1
http://secunia.com/advisories/35395
http://security.gentoo.org/glsa/glsa-200907-04.xml
http://secunia.com/advisories/35721
http://support.apple.com/kb/HT3937
http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html
http://www.vupen.com/english/advisories/2009/3184
http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
https://exchange.xforce.ibmcloud.com/vulnerabilities/50059
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8261
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
https://access.redhat.com/errata/RHSA-2009:1058
https://usn.ubuntu.com/787-1/
https://nvd.nist.gov