Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2009-2699

Published: 13/10/2009 Updated: 19/09/2022
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 446
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Http Server

Vulnerability Summary

The Solaris pollset feature in the Event Port backend in poll/unix/port.c in the Apache Portable Runtime (APR) library prior to 1.3.9, as used in the Apache HTTP Server prior to 2.2.14 and other products, does not properly handle errors, which allows remote malicious users to cause a denial of service (daemon hang) via unspecified HTTP requests, related to the prefork and event MPMs.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apache http server

apache portable runtime

Github Repositories

CVE-2009-2699 The Solaris pollset feature in the Event Port backend in poll/unix/portc in the Apache Portable Runtime (APR) library before 139, as used in the Apache HTTP Server before 2214 and other products, does not properly handle errors, which allows remote attackers to cause a denial of service (daemon hang) via unspecified HTTP requests, related to the prefork and e

ReconScan

Network reconnaissance and vulnerability assessment tools.

ReconScan The purpose of this project is to develop scripts that can be useful in the pentesting workflow, be it for VulnHub VMs, CTFs, hands-on certificates, or real-world targets The project currently consists of two major components: a script invoking and aggregating the results of existing tools, and a second script for automated analysis of the aforementioned results from

ReconScan

Network reconnaissance and vulnerability assessment tools.

ReconScan The purpose of this project is to develop scripts that can be useful in the pentesting workflow, be it for VulnHub VMs, CTFs, hands-on certificates, or real-world targets The project currently consists of two major components: a script invoking and aggregating the results of existing tools, and a second script for automated analysis of the aforementioned results from

test

repository ini digunakan untuk belajar

ReconScan The purpose of this project is to develop scripts that can be useful in the pentesting workflow, be it for VulnHub VMs, CTFs, hands-on certificates, or real-world targets The project currently consists of two major components: a script invoking and aggregating the results of existing tools, and a second script for automated analysis of the aforementioned results from

ReconScan

Network reconnaissance and vulnerability assessment tools.

ReconScan The purpose of this project is to develop scripts that can be useful in the pentesting workflow, be it for VulnHub VMs, CTFs, hands-on certificates, or real-world targets The project currently consists of two major components: a script invoking and aggregating the results of existing tools, and a second script for automated analysis of the aforementioned results from

Strike A python tool to quickly analyze all IPs and see which ones have open ports and vulnerabilities Installation apt-get install python3 git clone githubcom/SecureAxom/strike cd strike pip3 install -r requirementstxt python3 strikepy Usages python3 strikepy -h python3 strikepy -t 20891

References

NVD-CWE-noinfohttp://www.securityfocus.com/bid/36596http://www.apache.org/dist/httpd/CHANGES_2.2.14http://securitytracker.com/id?1022988https://issues.apache.org/bugzilla/show_bug.cgi?id=47645http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.htmlhttp://www.mandriva.com/security/advisories?name=MDVSA-2013:150http://marc.info/?l=bugtraq&m=133355494609819&w=2https://exchange.xforce.ibmcloud.com/vulnerabilities/53666https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d@%3Ccvs.httpd.apache.org%3Ehttps://github.com/Live-Hack-CVE/CVE-2009-2699https://www.securityfocus.com/bid/36596https://nvd.nist.govhttps://github.com/RoliSoft/ReconScanhttp://tools.cisco.com/security/center/viewAlert.x?alertId=19155
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-22281CVE-2023-0617CVE-2022-31711CVE-2023-0115CVE-2022-27596privilegedosCVE-2022-47003arbitrary code
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook