10
CVSSv2

CVE-2010-0425

Published: 05/03/2010 Updated: 21/11/2024

Vulnerability Summary

modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 up to and including 2.0.63, 2.2.0 up to and including 2.2.14, and 2.3.x prior to 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapi_unload for an ISAPI .dll module, which allows remote malicious users to execute arbitrary code via unspecified vectors related to a crafted request, a reset packet, and "orphaned callback pointers."

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apache http server 2.3.0

apache http server 2.3.1

apache http server 2.3.2

apache http server 2.3.3

apache http server 2.3.4

apache http server 2.3.5

apache http server 2.3.6

apache http server 2.0.9

apache http server 2.0.28

apache http server 2.0.32

apache http server 2.0.34

apache http server 2.0.35

apache http server 2.0.36

apache http server 2.0.37

apache http server 2.0.38

apache http server 2.0.39

apache http server 2.0.40

apache http server 2.0.41

apache http server 2.0.42

apache http server 2.0.43

apache http server 2.0.44

apache http server 2.0.45

apache http server 2.0.46

apache http server 2.0.47

apache http server 2.0.48

apache http server 2.0.49

apache http server 2.0.50

apache http server 2.0.51

apache http server 2.0.52

apache http server 2.0.53

apache http server 2.0.54

apache http server 2.0.55

apache http server 2.0.56

apache http server 2.0.57

apache http server 2.0.58

apache http server 2.0.59

apache http server 2.0.60

apache http server 2.0.61

apache http server 2.0.63

apache http server -

apache http server 2.2.0

apache http server 2.2.1

apache http server 2.2.2

apache http server 2.2.3

apache http server 2.2.4

apache http server 2.2.6

apache http server 2.2.7

apache http server 2.2.8

apache http server 2.2.9

apache http server 2.2.10

apache http server 2.2.11

apache http server 2.2.12

apache http server 2.2.13

apache http server 2.2.14

Exploits

Apache version 2214 mod_isapi remote SYSTEM exploit Due to the nature of the vulnerability, and exploitation method, DEP should be limited to essential Windows programs and services At worst, if DEP is enabled for the Apache process, you could cause a constant DoS by looping this (since apache will automatically restart) ...
; Write-to-file Shellcode ; ; This shellcode was used in the exploit for: CVE-2010-0425 ; Supported: Windows 2000, WinXP, Server 2003, Server 2008, Vista, Windows 7 ; ; Size: 278 bytes ; //////////////////////////////////////////////////////////////////////////////// ; \x31\xc0\x31\xc9\x64\x8b\x71\x30\x8b\x76\x0c\x8b\x76\x1c\x8b\x56\x08\x8b\x7e\x20 ...
/* * Apache 2214 mod_isapi Dangling Pointer Remote SYSTEM Exploit (CVE-2010-0425) * ------------------------------------------------------------------------------ * * Advisory: wwwsenseofsecuritycomau/advisories/SOS-10-002 * * Description: * pwn-isapicpp exploits a dangling pointer vulnerabilty in Apache 2214 mod_isapi * Du ...