Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2012-4557HistoryNov 30, 2012 - 7:55 p.m.
CVE-2012-4557
2012-11-3019:55:00
Debian Security Bug Tracker
security-tracker.debian.org
17
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.077 Low
EPSS
Percentile
94.2%
The mod_proxy_ajp module in the Apache HTTP Server 2.2.12 through 2.2.21 places a worker node into an error state upon detection of a long request-processing time, which allows remote attackers to cause a denial of service (worker consumption) via an expensive request.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | apache2 | < 2.2.22-1 | apache2_2.2.22-1_all.deb |
| Debian | 11 | all | apache2 | < 2.2.22-1 | apache2_2.2.22-1_all.deb |
| Debian | 10 | all | apache2 | < 2.2.22-1 | apache2_2.2.22-1_all.deb |
| Debian | 999 | all | apache2 | < 2.2.22-1 | apache2_2.2.22-1_all.deb |
| Debian | 13 | all | apache2 | < 2.2.22-1 | apache2_2.2.22-1_all.deb |
Related
ubuntucve
ubuntucve
CVE-2012-4557
2012-11-30 00:00:00
httpd
httpd
Apache Httpd < 2.2.22 : mod_proxy_ajp remote DoS
2012-10-11 00:00:00
openvas
openvas
Apache HTTP Server DoS Vulnerability (Jan 2012) - Linux
2021-11-01 00:00:00
Apache HTTP Server mod_proxy_ajp Process Timeout DoS Vulnerability - Windows
2012-12-06 00:00:00
Debian Security Advisory DSA 2579-1 (apache2)
2012-12-04 00:00:00
cve
cve
CVE-2012-4557
2012-11-30 19:55:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 04:53:00
prion
prion
Design/Logic Flaw
2012-11-30 19:55:00
securityvulns
securityvulns
Apache security vulnerabilities
2012-12-02 00:00:00
[SECURITY] [DSA 2579-1] apache2 security update
2012-12-02 00:00:00
osv
osv
apache2 - several
2012-11-30 00:00:00
nessus
nessus
Debian DSA-2579-1 : apache2 - Multiple issues
2012-12-02 00:00:00
CentOS 6 : httpd (CESA-2013:0512)
2013-03-10 00:00:00
Scientific Linux Security Update : httpd on SL6.x i386/x86_64 (20130221)
2013-03-01 00:00:00
f5
f5
SOL15894 - Apache vulnerabilities CVE-2012-4557 and CVE-2012-0021
2014-12-04 00:00:00
K15894 : Apache vulnerabilities CVE-2012-4557 and CVE-2012-0021
2014-12-05 00:00:00
debian
debian
[SECURITY] [DSA 2579-1] apache2 security update
2012-11-30 13:23:22
[SECURITY] [DSA 2579-1] apache2 security update
2012-11-30 13:22:52
redhat
redhat
(RHSA-2013:0512) Low: httpd security, bug fix, and enhancement update
2013-02-21 00:00:00
(RHSA-2011:0897) Moderate: JBoss Enterprise Web Server 1.0.2 update
2011-06-22 00:00:00
centos
centos
httpd, mod_ssl security update
2013-02-27 19:35:19
ubuntu
ubuntu
Apache HTTP Server vulnerabilities
2013-03-18 00:00:00
oraclelinux
oraclelinux
httpd security, bug fix, and enhancement update
2013-02-22 00:00:00
hackerone
hackerone
U.S. Dept Of Defense: Out-of-date Version (Apache)
2016-11-24 15:09:27
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.077 Low
EPSS
Percentile
94.2%
Related for DEBIANCVE:CVE-2012-4557