Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
10
CVSSv2

CVE-2010-0425

Published: 05/03/2010 Updated: 14/02/2024
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Apache

Vulnerability Summary

modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 up to and including 2.0.63, 2.2.0 up to and including 2.2.14, and 2.3.x prior to 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapi_unload for an ISAPI .dll module, which allows remote malicious users to execute arbitrary code via unspecified vectors related to a crafted request, a reset packet, and "orphaned callback pointers."

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apache http_server 2.3.0

apache http_server 2.3.1

apache http_server 2.3.2

apache http_server 2.3.3

apache http_server 2.3.4

apache http_server 2.3.5

apache http_server 2.3.6

apache http_server 2.0.9

apache http_server 2.0.28

apache http_server 2.0.32

apache http_server 2.0.34

apache http_server 2.0.35

apache http_server 2.0.36

apache http_server 2.0.37

apache http_server 2.0.38

apache http_server 2.0.39

apache http_server 2.0.40

apache http_server 2.0.41

apache http_server 2.0.42

apache http_server 2.0.43

apache http_server 2.0.44

apache http_server 2.0.45

apache http_server 2.0.46

apache http_server 2.0.47

apache http_server 2.0.48

apache http_server 2.0.49

apache http_server 2.0.50

apache http_server 2.0.51

apache http_server 2.0.52

apache http_server 2.0.53

apache http_server 2.0.54

apache http_server 2.0.55

apache http_server 2.0.56

apache http_server 2.0.57

apache http_server 2.0.58

apache http_server 2.0.59

apache http_server 2.0.60

apache http_server 2.0.61

apache http_server 2.0.63

apache http_server -

apache http_server 2.2.0

apache http_server 2.2.1

apache http_server 2.2.2

apache http_server 2.2.3

apache http_server 2.2.4

apache http_server 2.2.6

apache http_server 2.2.7

apache http_server 2.2.8

apache http_server 2.2.9

apache http_server 2.2.10

apache http_server 2.2.11

apache http_server 2.2.12

apache http_server 2.2.13

apache http_server 2.2.14

Exploits

Exploit DB: Apache 2.2.14 mod_isapi Remote SYSTEM Exploit
Apache version 2214 mod_isapi remote SYSTEM exploit Due to the nature of the vulnerability, and exploitation method, DEP should be limited to essential Windows programs and services At worst, if DEP is enabled for the Apache process, you could cause a constant DoS by looping this (since apache will automatically restart) ...
Exploit DB: Apache 2.2.14 mod_isapi - Dangling Pointer Remote SYSTEM
/* * Apache 2214 mod_isapi Dangling Pointer Remote SYSTEM Exploit (CVE-2010-0425) * ------------------------------------------------------------------------------ * * Advisory: wwwsenseofsecuritycomau/advisories/SOS-10-002 * * Description: * pwn-isapicpp exploits a dangling pointer vulnerabilty in Apache 2214 mod_isapi * Du ...
Exploit DB: Windows/x86 - Write-to-file ('pwned' ./f.txt) + Null-Free Shellcode (278 bytes)
; Write-to-file Shellcode ; ; This shellcode was used in the exploit for: CVE-2010-0425 ; Supported: Windows 2000, WinXP, Server 2003, Server 2008, Vista, Windows 7 ; ; Size: 278 bytes ; //////////////////////////////////////////////////////////////////////////////// ; \x31\xc0\x31\xc9\x64\x8b\x71\x30\x8b\x76\x0c\x8b\x76\x1c\x8b\x56\x08\x8b\x7e\x20 ...

References

NVD-CWE-noinfohttp://svn.apache.org/viewvc?view=revision&revision=917870http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?r1=917870&r2=917869&pathrev=917870http://www.securityfocus.com/bid/38494http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/arch/win32/mod_isapi.c?r1=917870&r2=917869&pathrev=917870http://www.senseofsecurity.com.au/advisories/SOS-10-002http://httpd.apache.org/security/vulnerabilities_22.htmlhttp://www.securitytracker.com/id?1023701http://www.vupen.com/english/advisories/2010/0634http://www-01.ibm.com/support/docview.wss?uid=swg1PM09447http://www.kb.cert.org/vuls/id/280613http://httpd.apache.org/security/vulnerabilities_20.htmlhttp://secunia.com/advisories/38978http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247http://secunia.com/advisories/39628http://www.vupen.com/english/advisories/2010/0994http://lists.vmware.com/pipermail/security-announce/2010/000105.htmlhttp://www.vmware.com/security/advisories/VMSA-2010-0014.htmlhttp://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/56624https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8439https://www.exploit-db.com/exploits/11650https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3Ehttps://nvd.nist.govhttps://packetstormsecurity.com/files/86964/Apache-2.2.14-mod_isapi-Remote-SYSTEM-Exploit.htmlhttps://www.exploit-db.com/exploits/11650/https://www.kb.cert.org/vuls/id/280613
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
injectionCVE-2024-30983CVE-2023-4235CVE-2024-21338privilegeencryptionCVE-2023-4232CVE-2024-31497CVE-2024-32341
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook