scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free function.

OSVersionArchitecturePackageVersionFilename
Debian12allapache2< 2.2.22-1apache2_2.2.22-1_all.deb
Debian11allapache2< 2.2.22-1apache2_2.2.22-1_all.deb
Debian10allapache2< 2.2.22-1apache2_2.2.22-1_all.deb
Debian999allapache2< 2.2.22-1apache2_2.2.22-1_all.deb
Debian13allapache2< 2.2.22-1apache2_2.2.22-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	apache2	< 2.2.22-1	apache2_2.2.22-1_all.deb
Debian	11	all	apache2	< 2.2.22-1	apache2_2.2.22-1_all.deb
Debian	10	all	apache2	< 2.2.22-1	apache2_2.2.22-1_all.deb
Debian	999	all	apache2	< 2.2.22-1	apache2_2.2.22-1_all.deb
Debian	13	all	apache2	< 2.2.22-1	apache2_2.2.22-1_all.deb

httpd 2

cve 1

veracode 1

seebug 1

prion 1

openvas 36

ubuntucve 1

zdt 1

nessus 32

suse 3

redhat 4

f5 2

ubuntu 1

fedora 2

oraclelinux 3

altlinux 3

osv 1

freebsd 1

amazon 1

debian 2

securityvulns 3

slackware 1

centos 1

kaspersky 1

gentoo 1

hackerone 1

oracle 1

httpd

Apache Httpd < 2.0.65 : scoreboard parent DoS

2011-12-30 00:00:00

Apache Httpd < 2.2.22 : scoreboard parent DoS

2011-12-30 00:00:00

cve

CVE-2012-0031

2012-01-18 20:55:00

veracode

Denial Of Service (DoS)

2020-04-10 01:10:16

seebug

Apache 2.2.x Scoreboard本地安全限制绕过漏洞

2012-01-17 00:00:00

prion

Design/Logic Flaw

2012-01-18 20:55:00

openvas

Apache HTTP Server Scoreboard Security Bypass Vulnerability - Windows

2013-08-21 00:00:00

SuSE Update for apache2 openSUSE-SU-2012:0314-1 (apache2)

2012-08-02 00:00:00

Mandriva Update for apache MDVSA-2012:012 (apache)

2012-02-03 00:00:00

ubuntucve

CVE-2012-0031

2012-01-18 00:00:00

zdt

Apache 2.2 - Scoreboard Invalid Free On Shutdown Vulnerability

2017-03-29 00:00:00

nessus

Mandriva Linux Security Advisory : apache (MDVSA-2012:012)

2012-02-03 00:00:00

SuSE 11.1 Security Update : Apache2 (SAT Patch Number 5760)

2012-02-20 00:00:00

SuSE 10 Security Update : Apache2 (ZYPP Patch Number 7972)

2012-02-29 00:00:00

suse

Security update for Apache2 (important)

2012-02-18 13:08:15

Security update for Apache2 (important)

2012-03-06 21:08:42

apache2: fixed various security bugs (important)

2012-02-28 18:08:26

redhat

(RHSA-2012:0323) Moderate: httpd security update

2012-02-21 00:00:00

(RHSA-2012:0128) Moderate: httpd security update

2012-02-13 00:00:00

(RHSA-2012:0543) Moderate: httpd security and bug fix update

2012-05-07 18:13:40

K15889 : Apache HTTP server vulnerabilities CVE-2011-3368, CVE-2011-4317, CVE-2012-0021, CVE-2012-0031, and CVE-2012-0053

2015-08-03 00:00:00

SOL15889 - Apache HTTP server vulnerabilities CVE-2011-3368, CVE-2011-4317, CVE-2012-0021, CVE-2012-0031, and CVE-2012-0053

2014-12-03 00:00:00

ubuntu

Apache HTTP Server vulnerabilities

2012-02-16 00:00:00

fedora

[SECURITY] Fedora 16 Update: httpd-2.2.22-1.fc16

2012-02-21 01:28:42

[SECURITY] Fedora 15 Update: httpd-2.2.22-1.fc15

2012-03-06 19:30:50

oraclelinux

httpd security update

2012-02-28 00:00:00

httpd security update

2012-02-13 00:00:00

httpd security, bug fix, and enhancement update

2013-02-22 00:00:00

altlinux

Security fix for the ALT Linux 8 package apache2 version 2.2.22-alt1

2012-02-02 00:00:00

Security fix for the ALT Linux 9 package apache2 version 2.2.22-alt1

2012-02-02 00:00:00

Security fix for the ALT Linux 10 package apache2 version 2.2.22-alt1

2012-02-02 00:00:00

osv

apache2 - multiple issues

2012-02-06 00:00:00

freebsd

apache -- multiple vulnerabilities

2011-10-05 00:00:00

amazon

Medium: httpd

2012-02-16 10:48:00

debian

[SECURITY] [DSA 2405-1] apache2 security update

2012-02-06 09:06:39

[SECURITY] [DSA 2405-1] apache2 security update

2012-02-06 09:06:39

securityvulns

Apache multiple security vulnerabilities

2012-02-03 00:00:00

[Announce] Apache HTTP Server 2.2.22 Released

2012-02-03 00:00:00

APPLE-SA-2012-09-19-2 OS X Mountain Lion v10.8.2, OS X Lion v10.7.5 and Security Update 2012-004

2012-09-24 00:00:00

slackware

[slackware-security] httpd

2012-02-10 17:43:57

centos

httpd, mod_ssl security update

2012-02-14 11:13:29

kaspersky

KLA10065 Multiple vulnerabilities in Apache httpd

2013-07-22 00:00:00

gentoo

Apache HTTP Server: Multiple vulnerabilities

2012-06-24 00:00:00

hackerone

U.S. Dept Of Defense: Out-of-date Version (Apache)

2016-11-24 15:09:27

oracle

Oracle Critical Patch Update - July 2012

2012-07-17 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

9.0%

JSON

Related for DEBIANCVE:CVE-2012-0031