Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2010-2791
HistoryAug 05, 2010 - 6:17 p.m.

CVE-2010-2791

2010-08-0518:17:00
CWE-200
[email protected]
web.nvd.nist.gov
73
apache http server
mod_proxy
cve-2010-2791
security vulnerability
http request
unix

6.2 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

68.7%

JSON

mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connection, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request. NOTE: this is the same issue as CVE-2010-2068, but for a different OS and set of affected versions.

References

Related

nessus 17
securityvulns 8
openvas 14
f5 2
ubuntucve 2
debiancve 2
seebug 2
prion 2
httpd 2
veracode 1
oraclelinux 1
redhat 1
centos 1
cve 1
gentoo 1
altlinux 3
oracle 2
nessus
nessus
F5 Networks BIG-IP : Apache HTTPD vulnerability (K23332326)
2015-12-30 00:00:00
Oracle Linux 5 : httpd (ELSA-2010-0659)
2013-07-12 00:00:00
Mandriva Linux Security Advisory : apache (MDVSA-2010:153)
2010-08-17 00:00:00
securityvulns
securityvulns
Apache mod_proxy_http information leak
2010-08-19 00:00:00
[ MDVSA-2010:153 ] apache
2010-08-19 00:00:00
[advisory] httpd Timeout detection flaw (mod_proxy_http) CVE-2010-2068
2010-06-14 00:00:00
openvas
openvas
F5 BIG-IP - Apache HTTPD vulnerability CVE-2010-2791 and CVE-2010-2068
2016-01-05 00:00:00
Mandriva Update for apache MDVSA-2010:153 (apache)
2010-08-20 00:00:00
Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability
2010-10-19 00:00:00
f5
f5
SOL23332326 - Apache HTTPD vulnerability CVE-2010-2791
2015-12-29 00:00:00
K23332326 : Apache HTTPD vulnerability CVE-2010-2791
2015-12-29 00:00:00
ubuntucve
ubuntucve
CVE-2010-2791
2010-08-05 00:00:00
CVE-2010-2068
2010-06-18 00:00:00
debiancve
debiancve
CVE-2010-2791
2010-08-05 18:17:00
CVE-2010-2068
2010-06-18 16:30:00
seebug
seebug
Unix平台Apache mod_proxy_http模块超时处理信息泄露漏洞
2010-08-03 00:00:00
Apache mod_proxy_http模块超时处理信息泄露漏洞
2010-06-21 00:00:00
prion
prion
Design/Logic Flaw
2010-08-05 18:17:00
Design/Logic Flaw
2010-06-18 16:30:00
httpd
httpd
Apache Httpd < 2.2.10 : Timeout detection flaw (mod_proxy_http)
2010-07-23 00:00:00
Apache Httpd < 2.2.16 : Timeout detection flaw (mod_proxy_http)
2010-06-09 00:00:00
veracode
veracode
Information Disclosure
2020-04-10 00:47:09
oraclelinux
oraclelinux
httpd security and bug fix update
2010-08-30 00:00:00
redhat
redhat
(RHSA-2010:0659) Moderate: httpd security and bug fix update
2010-08-30 00:00:00
centos
centos
httpd, mod_ssl security update
2010-08-31 21:00:21
cve
cve
CVE-2010-2068
2010-06-18 16:30:00
gentoo
gentoo
Apache HTTP Server: Multiple vulnerabilities
2012-06-24 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package apache2 version 2.2.16-alt1
2010-09-16 00:00:00
Security fix for the ALT Linux 8 package apache2 version 2.2.16-alt1
2010-09-16 00:00:00
Security fix for the ALT Linux 9 package apache2 version 2.2.16-alt1
2010-09-16 00:00:00
oracle
oracle
Oracle Critical Patch Update - April 2013
2013-04-16 00:00:00
Oracle Critical Patch Update - July 2013
2013-07-16 00:00:00

6.2 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

68.7%

JSON
Related for CVE-2010-2791
nessus17securityvulns8openvas14f52ubuntucve2debiancve2seebug2prion2httpd2veracode1oraclelinux1redhat1centos1cve1gentoo1altlinux3oracle2