Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2007-6750
HistoryDec 27, 2011 - 6:55 p.m.

CVE-2007-6750

2011-12-2718:55:00
CWE-399
[email protected]
web.nvd.nist.gov
1948
5
apache http server
cve-2007-6750
denial of service
mod_reqtimeout
slowloris

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7 High

AI Score

Confidence

High

0.017 Low

EPSS

Percentile

87.8%

JSON

The Apache HTTP Server 1.x and 2.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris, related to the lack of the mod_reqtimeout module in versions before 2.2.15.

Affected configurations

NVD
Node
apachehttp_serverRange2.2.14
OR
apachehttp_serverMatch1.0
OR
apachehttp_serverMatch1.0.2
OR
apachehttp_serverMatch1.0.3
OR
apachehttp_serverMatch1.0.5
OR
apachehttp_serverMatch1.1
OR
apachehttp_serverMatch1.1.1
OR
apachehttp_serverMatch1.2
OR
apachehttp_serverMatch1.2.4
OR
apachehttp_serverMatch1.2.5
OR
apachehttp_serverMatch1.2.6
OR
apachehttp_serverMatch1.2.9
OR
apachehttp_serverMatch1.3
OR
apachehttp_serverMatch1.3.0
OR
apachehttp_serverMatch1.3.1
OR
apachehttp_serverMatch1.3.1.1
OR
apachehttp_serverMatch1.3.2
OR
apachehttp_serverMatch1.3.3
OR
apachehttp_serverMatch1.3.4
OR
apachehttp_serverMatch1.3.5
OR
apachehttp_serverMatch1.3.6
OR
apachehttp_serverMatch1.3.7
OR
apachehttp_serverMatch1.3.8
OR
apachehttp_serverMatch1.3.9
OR
apachehttp_serverMatch1.3.10
OR
apachehttp_serverMatch1.3.11
OR
apachehttp_serverMatch1.3.12
OR
apachehttp_serverMatch1.3.13
OR
apachehttp_serverMatch1.3.14
OR
apachehttp_serverMatch1.3.15
OR
apachehttp_serverMatch1.3.16
OR
apachehttp_serverMatch1.3.17
OR
apachehttp_serverMatch1.3.18
OR
apachehttp_serverMatch1.3.19
OR
apachehttp_serverMatch1.3.20
OR
apachehttp_serverMatch1.3.22
OR
apachehttp_serverMatch1.3.23
OR
apachehttp_serverMatch1.3.24
OR
apachehttp_serverMatch1.3.25
OR
apachehttp_serverMatch1.3.26
OR
apachehttp_serverMatch1.3.27
OR
apachehttp_serverMatch1.3.28
OR
apachehttp_serverMatch1.3.29
OR
apachehttp_serverMatch1.3.30
OR
apachehttp_serverMatch1.3.31
OR
apachehttp_serverMatch1.3.32
OR
apachehttp_serverMatch1.3.33
OR
apachehttp_serverMatch1.3.34
OR
apachehttp_serverMatch1.3.35
OR
apachehttp_serverMatch1.3.36
OR
apachehttp_serverMatch1.3.37
OR
apachehttp_serverMatch1.3.38
OR
apachehttp_serverMatch1.3.39
OR
apachehttp_serverMatch1.3.41
OR
apachehttp_serverMatch1.3.42
OR
apachehttp_serverMatch1.3.65
OR
apachehttp_serverMatch1.3.68
OR
apachehttp_serverMatch1.4.0
OR
apachehttp_serverMatch1.99
OR
apachehttp_serverMatch2.0
OR
apachehttp_serverMatch2.0.9
OR
apachehttp_serverMatch2.0.28
OR
apachehttp_serverMatch2.0.28beta
OR
apachehttp_serverMatch2.0.32
OR
apachehttp_serverMatch2.0.32beta
OR
apachehttp_serverMatch2.0.34beta
OR
apachehttp_serverMatch2.0.35
OR
apachehttp_serverMatch2.0.36
OR
apachehttp_serverMatch2.0.37
OR
apachehttp_serverMatch2.0.38
OR
apachehttp_serverMatch2.0.39
OR
apachehttp_serverMatch2.0.40
OR
apachehttp_serverMatch2.0.41
OR
apachehttp_serverMatch2.0.42
OR
apachehttp_serverMatch2.0.43
OR
apachehttp_serverMatch2.0.44
OR
apachehttp_serverMatch2.0.45
OR
apachehttp_serverMatch2.0.46
OR
apachehttp_serverMatch2.0.47
OR
apachehttp_serverMatch2.0.48
OR
apachehttp_serverMatch2.0.49
OR
apachehttp_serverMatch2.0.50
OR
apachehttp_serverMatch2.0.51
OR
apachehttp_serverMatch2.0.52
OR
apachehttp_serverMatch2.0.53
OR
apachehttp_serverMatch2.0.54
OR
apachehttp_serverMatch2.0.55
OR
apachehttp_serverMatch2.0.56
OR
apachehttp_serverMatch2.0.57
OR
apachehttp_serverMatch2.0.58
OR
apachehttp_serverMatch2.0.59
OR
apachehttp_serverMatch2.0.60
OR
apachehttp_serverMatch2.0.61
OR
apachehttp_serverMatch2.0.63
OR
apachehttp_serverMatch2.1
OR
apachehttp_serverMatch2.1.1
OR
apachehttp_serverMatch2.1.2
OR
apachehttp_serverMatch2.1.3
OR
apachehttp_serverMatch2.1.4
OR
apachehttp_serverMatch2.1.5
OR
apachehttp_serverMatch2.1.6
OR
apachehttp_serverMatch2.1.7
OR
apachehttp_serverMatch2.1.8
OR
apachehttp_serverMatch2.1.9
OR
apachehttp_serverMatch2.2
OR
apachehttp_serverMatch2.2.0
OR
apachehttp_serverMatch2.2.1
OR
apachehttp_serverMatch2.2.2
OR
apachehttp_serverMatch2.2.3
OR
apachehttp_serverMatch2.2.4
OR
apachehttp_serverMatch2.2.6
OR
apachehttp_serverMatch2.2.8
OR
apachehttp_serverMatch2.2.9
OR
apachehttp_serverMatch2.2.10
OR
apachehttp_serverMatch2.2.11
OR
apachehttp_serverMatch2.2.12
OR
apachehttp_serverMatch2.2.13

Social References

More

Related

ibm 3
hackerone 1
cvelist 1
nvd 1
f5 2
prion 1
nessus 11
debiancve 1
ubuntucve 1
suse 3
openvas 10
apple 2
nmap 1
gentoo 1
oracle 1
ibm
ibm
Security Bulletin: IBM Security Network Intrusion Prevention System is affected by a vulnerability in Apache (CVE-2007-6750)
2022-02-23 19:48:26
Security Bulletin: Denial of service for accessing data using HTTP protocol on IBM Storwize V7000 Unified (CVE-2007-6750)
2018-06-18 00:08:33
Security Bulletin: Denial of service for accessing data using HTTP protocol on IBM SONAS (CVE-2007-6750)
2018-06-18 00:08:32
hackerone
hackerone
Tor: solving TOR vulnerability, in other to make bruteforce difficult
2017-09-14 14:11:07
cvelist
cvelist
CVE-2007-6750
2011-12-27 18:00:00
nvd
nvd
CVE-2007-6750
2011-12-27 18:55:00
f5
f5
K12636 : Slowloris denial-of-service attack vulnerability CVE-2007-6750
2015-04-29 00:00:00
SOL12636 - Slowloris denial-of-service attack vulnerability CVE-2007-6750
2011-02-22 00:00:00
prion
prion
Code injection
2011-12-27 18:55:00
nessus
nessus
F5 Networks BIG-IP : Slowloris denial-of-service attack vulnerability (K12636)
2017-02-28 00:00:00
SuSE 11.1 Security Update : Apache2 (SAT Patch Number 5760)
2012-02-20 00:00:00
openSUSE Security Update : apache2-201202 (openSUSE-SU-2012:0314-1)
2014-06-13 00:00:00
debiancve
debiancve
CVE-2007-6750
2011-12-27 18:55:00
ubuntucve
ubuntucve
CVE-2007-6750
2011-12-27 00:00:00
suse
suse
Security update for Apache2 (important)
2012-02-18 13:08:15
apache2: fixed various security bugs (important)
2012-02-28 18:08:26
Security update for Apache2 (important)
2012-03-06 21:08:42
openvas
openvas
Apple OS X Server Denial of Service And User Enumeration Vulnerabilities
2017-04-03 00:00:00
SuSE Update for apache2 openSUSE-SU-2012:0314-1 (apache2)
2012-08-02 00:00:00
openSUSE: Security Advisory for apache2 (openSUSE-SU-2012:0314-1)
2012-08-02 00:00:00
apple
apple
About the security content of macOS Server 5.3
2017-03-27 00:00:00
About the security content of macOS Server 5.3 - Apple Support
2017-03-28 04:58:08
nmap
nmap
http-slowloris-check NSE Script
2012-08-24 09:19:30
gentoo
gentoo
Apache HTTP Server: Multiple vulnerabilities
2013-09-23 00:00:00
oracle
oracle
Oracle Critical Patch Update - January 2018
2018-01-16 00:00:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7 High

AI Score

Confidence

High

0.017 Low

EPSS

Percentile

87.8%

JSON
Related for CVE-2007-6750
ibm3hackerone1cvelist1nvd1f52prion1nessus11debiancve1ubuntucve1suse3openvas10apple2nmap1gentoo1oracle1