The Solaris pollset feature in the Event Port backend in poll/unix/port.c in the Apache Portable Runtime (APR) library prior to 1.3.9, as used in the Apache HTTP Server prior to 2.2.14 and other products, does not properly handle errors, which allows remote malicious users to cause a denial of service (daemon hang) via unspecified HTTP requests, related to the prefork and event MPMs.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
apache http_server 2.2.4 |
||
apache http_server - |
||
apache http_server 2.2.0 |
||
apache http_server 2.2 |
||
apache http_server 1.1 |
||
apache http_server 1.1.1 |
||
apache http_server 1.3.0 |
||
apache http_server 1.3.1 |
||
apache http_server 1.3.15 |
||
apache http_server 1.3.16 |
||
apache http_server 1.3.24 |
||
apache http_server 1.3.25 |
||
apache http_server 1.3.31 |
||
apache http_server 1.3.32 |
||
apache http_server 1.3.39 |
||
apache http_server 1.3.4 |
||
apache http_server 1.4.0 |
||
apache http_server 1.99 |
||
apache http_server 2.0.36 |
||
apache http_server 2.0.37 |
||
apache http_server 2.0.44 |
||
apache http_server 2.0.45 |
||
apache http_server 2.0.53 |
||
apache http_server 2.0.54 |
||
apache http_server 2.0.9 |
||
apache http_server 2.1 |
||
apache http_server 2.1.7 |
||
apache http_server |
||
apache http_server 2.2.8 |
||
apache http_server 2.2.9 |
||
apache http_server 0.8.11 |
||
apache http_server 0.8.14 |
||
apache http_server 1.2.5 |
||
apache http_server 1.2.6 |
||
apache http_server 1.3.11 |
||
apache http_server 1.3.12 |
||
apache http_server 1.3.19 |
||
apache http_server 1.3.2 |
||
apache http_server 1.3.20 |
||
apache http_server 1.3.28 |
||
apache http_server 1.3.29 |
||
apache http_server 1.3.35 |
||
apache http_server 1.3.36 |
||
apache http_server 1.3.68 |
||
apache http_server 1.3.7 |
||
apache http_server 2.0.32 |
||
apache http_server 2.0.40 |
||
apache http_server 2.0.41 |
||
apache http_server 2.0.49 |
||
apache http_server 2.0.50 |
||
apache http_server 2.0.57 |
||
apache http_server 2.0.58 |
||
apache http_server 2.1.3 |
||
apache http_server 2.1.4 |
||
apache http_server 2.2.2 |
||
apache http_server 2.2.3 |
||
apache http_server 2.2.10 |
||
apache http_server 2.2.1 |
||
apache http_server 1.0.2 |
||
apache http_server 1.0.3 |
||
apache http_server 1.0.5 |
||
apache http_server 1.2.9 |
||
apache http_server 1.3 |
||
apache http_server 1.3.13 |
||
apache http_server 1.3.14 |
||
apache http_server 1.3.22 |
||
apache http_server 1.3.23 |
||
apache http_server 1.3.3 |
||
apache http_server 1.3.30 |
||
apache http_server 1.3.37 |
||
apache http_server 1.3.38 |
||
apache http_server 1.3.8 |
||
apache http_server 1.3.9 |
||
apache http_server 2.0.34 |
||
apache http_server 2.0.35 |
||
apache http_server 2.0.42 |
||
apache http_server 2.0.43 |
||
apache http_server 2.0.51 |
||
apache http_server 2.0.52 |
||
apache http_server 2.0.59 |
||
apache http_server 2.0.60 |
||
apache http_server 2.1.5 |
||
apache http_server 2.1.6 |
||
apache http_server 2.1.8 |
||
apache http_server 2.1.9 |
||
apache http_server 2.2.6 |
||
apache http_server 2.2.7 |
||
apache http_server 2.2.11 |
||
apache http_server 2.2.12 |
||
apache http_server 1.2 |
||
apache http_server 1.2.4 |
||
apache http_server 1.3.1.1 |
||
apache http_server 1.3.10 |
||
apache http_server 1.3.17 |
||
apache http_server 1.3.18 |
||
apache http_server 1.3.26 |
||
apache http_server 1.3.27 |
||
apache http_server 1.3.33 |
||
apache http_server 1.3.34 |
||
apache http_server 1.3.5 |
||
apache http_server 1.3.6 |
||
apache http_server 1.3.65 |
||
apache http_server 2.0 |
||
apache http_server 2.0.28 |
||
apache http_server 2.0.38 |
||
apache http_server 2.0.39 |
||
apache http_server 2.0.46 |
||
apache http_server 2.0.47 |
||
apache http_server 2.0.48 |
||
apache http_server 2.0.55 |
||
apache http_server 2.0.56 |
||
apache http_server 2.1.1 |
||
apache http_server 2.1.2 |
||
apache apr 0.9.18 |
||
apache apr 0.9.7 |
||
apache apr 1.2.1 |
||
apache apr |
||
apache apr 0.9.17 |
Vulmon