Lucene search
UbuntuUSN-1021-1HistoryNov 25, 2010 - 12:00 a.m.
Apache vulnerabilities
2010-11-2500:00:00
ubuntu.com
37
6.7 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.425 Medium
EPSS
Percentile
97.3%
Releases
- Ubuntu 10.10
- Ubuntu 10.04
- Ubuntu 9.10
- Ubuntu 8.04
- Ubuntu 6.06
Packages
- apache2 -
Details
It was discovered that Apache’s mod_cache and mod_dav modules incorrectly
handled requests that lacked a path. A remote attacker could exploit this
with a crafted request and cause a denial of service. This issue affected
Ubuntu 6.06 LTS, 8.04 LTS, 9.10 and 10.04 LTS. (CVE-2010-1452)
It was discovered that Apache did not properly handle memory when
destroying APR buckets. A remote attacker could exploit this with crafted
requests and cause a denial of service via memory exhaustion. This issue
affected Ubuntu 6.06 LTS and 10.10. (CVE-2010-1623)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 9.10 | noarch | apache2.2-common | < 2.2.12-1ubuntu2.4 | UNKNOWN |
| Ubuntu | 9.10 | noarch | apache2-prefork-dev | < 2.2.12-1ubuntu2.4 | UNKNOWN |
| Ubuntu | 9.10 | noarch | apache2-suexec | < 2.2.12-1ubuntu2.4 | UNKNOWN |
| Ubuntu | 9.10 | noarch | apache2-suexec-custom | < 2.2.12-1ubuntu2.4 | UNKNOWN |
| Ubuntu | 9.10 | noarch | apache2-threaded-dev | < 2.2.12-1ubuntu2.4 | UNKNOWN |
| Ubuntu | 9.10 | noarch | apache2-utils | < 2.2.12-1ubuntu2.4 | UNKNOWN |
| Ubuntu | 9.10 | noarch | apache2.2-bin | < 2.2.12-1ubuntu2.4 | UNKNOWN |
| Ubuntu | 8.04 | noarch | apache2.2-common | < 2.2.8-1ubuntu0.19 | UNKNOWN |
| Ubuntu | 8.04 | noarch | apache2-mpm-event | < 2.2.8-1ubuntu0.19 | UNKNOWN |
| Ubuntu | 8.04 | noarch | apache2-mpm-prefork | < 2.2.8-1ubuntu0.19 | UNKNOWN |
Related
openvas
openvas
Ubuntu Update for apache2 vulnerabilities USN-1021-1
2010-12-02 00:00:00
Ubuntu Update for apache2 vulnerabilities USN-1021-1
2010-12-02 00:00:00
Fedora Update for httpd FEDORA-2010-12478
2010-08-16 00:00:00
nessus
nessus
slackware
slackware
[slackware-security] httpd
2010-08-28 16:52:27
[slackware-security] apr-util
2011-02-11 01:16:50
[slackware-security] httpd
2011-02-11 01:17:26
httpd
httpd
Apache Httpd < 2.2.16 : mod_cache and mod_dav DoS
2010-05-04 00:00:00
Apache Httpd < 2.0.64 : apr_bridage_split_line DoS
2010-03-03 00:00:00
Apache Httpd < 2.0.64 : mod_cache and mod_dav DoS
2010-05-04 00:00:00
ubuntucve
ubuntucve
debian
debian
[SECURITY] [DSA-2117-1] New apr-util packages fix denial of service
2010-10-04 21:35:18
[SECURITY] [DSA-2117-1] New apr-util packages fix denial of service
2010-10-04 21:35:18
[SECURITY] [DSA 2298-2] apache2 regression fix
2011-09-05 19:20:44
centos
centos
apr security update
2011-01-27 08:46:39
httpd, mod_ssl security update
2010-08-31 21:00:21
fedora
fedora
[SECURITY] Fedora 13 Update: apr-util-1.3.10-1.fc13
2010-10-28 05:47:25
[SECURITY] Fedora 12 Update: apr-util-1.3.10-1.fc12
2010-10-28 05:58:28
[SECURITY] Fedora 13 Update: httpd-2.2.16-1.fc13
2010-08-13 21:20:54
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:51:33
Denial Of Service (DoS)
2020-04-10 00:47:09
redhat
redhat
(RHSA-2010:0950) Moderate: apr-util security update
2010-12-07 00:00:00
(RHSA-2010:0659) Moderate: httpd security and bug fix update
2010-08-30 00:00:00
(RHSA-2011:0897) Moderate: JBoss Enterprise Web Server 1.0.2 update
2011-06-22 00:00:00
f5
f5
K15902 : Apache vulnerability CVE-2010-1623
2015-09-16 00:00:00
SOL15902 - Apache vulnerability CVE-2010-1623
2014-12-11 00:00:00
oraclelinux
oraclelinux
apr-util security update
2010-12-07 00:00:00
httpd security and bug fix update
2010-08-30 00:00:00
prion
prion
Design/Logic Flaw
2010-10-04 21:00:00
Path traversal
2010-07-28 20:00:00
cve
cve
CVE-2010-1623
2010-10-04 21:00:00
CVE-2010-1452
2010-07-28 20:00:00
ubuntu
ubuntu
APR-util vulnerability
2010-11-25 00:00:00
debiancve
debiancve
CVE-2010-1452
2010-07-28 20:00:00
CVE-2010-1623
2010-10-04 21:00:00
freebsd
freebsd
apache -- Remote DoS bug in mod_cache and mod_dav
2010-07-21 00:00:00
apr -- multiple vunerabilities
2010-10-02 00:00:00
suse
suse
Security update for Apache 2 (important)
2011-11-04 09:08:32
Security update for Apache (important)
2011-09-06 07:08:21
Security update for apache2 (important)
2011-11-09 19:08:34
osv
osv
apache2 - denial of service
2011-09-05 00:00:00
securityvulns
securityvulns
[ MDVSA-2010:153 ] apache
2010-08-19 00:00:00
Apple Mac OS X multiple security vulnerabilities
2011-03-23 00:00:00
About the security content of Mac OS X v10.6.7 and Security Update 2011-001
2011-03-23 00:00:00
kaspersky
kaspersky
KLA10066 Multiple vulnerabilities in Apache httpd
2010-10-19 00:00:00
gentoo
gentoo
Apache Portable Runtime, APR Utility Library: Denial of service
2014-05-18 00:00:00
Apache HTTP Server: Multiple vulnerabilities
2012-06-24 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package apache2 version 2.2.16-alt1
2010-09-16 00:00:00
Security fix for the ALT Linux 8 package apache2 version 2.2.16-alt1
2010-09-16 00:00:00
Security fix for the ALT Linux 9 package apache2 version 2.2.16-alt1
2010-09-16 00:00:00
hackerone
hackerone
U.S. Dept Of Defense: Out-of-date Version (Apache)
2016-11-24 15:09:27
6.7 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.425 Medium
EPSS
Percentile
97.3%
Related for USN-1021-1