Lucene search

K
ubuntuUbuntuUSN-802-1
HistoryJul 13, 2009 - 12:00 a.m.

Apache vulnerabilities

2009-07-1300:00:00
ubuntu.com
33

7.7 High

AI Score

Confidence

High

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

0.021 Low

EPSS

Percentile

88.9%

Releases

  • Ubuntu 9.04
  • Ubuntu 8.10
  • Ubuntu 8.04
  • Ubuntu 6.06

Packages

  • apache2 -

Details

It was discovered that mod_proxy_http did not properly handle a large
amount of streamed data when used as a reverse proxy. A remote attacker
could exploit this and cause a denial of service via memory resource
consumption. This issue affected Ubuntu 8.04 LTS, 8.10 and 9.04.
(CVE-2009-1890)

It was discovered that mod_deflate did not abort compressing large files
when the connection was closed. A remote attacker could exploit this and
cause a denial of service via CPU resource consumption. (CVE-2009-1891)

OSVersionArchitecturePackageVersionFilename
Ubuntu9.04noarchapache2-mpm-worker<Β 2.2.11-2ubuntu2.2UNKNOWN
Ubuntu9.04noarchapache2<Β mpm-event-2.2.11-2ubuntu2.2UNKNOWN
Ubuntu9.04noarchapache2<Β mpm-prefork-2.2.11-2ubuntu2.2UNKNOWN
Ubuntu9.04noarchapache2<Β mpm-worker-2.2.11-2ubuntu2.2UNKNOWN
Ubuntu9.04noarchapache2<Β prefork-dev-2.2.11-2ubuntu2.2UNKNOWN
Ubuntu9.04noarchapache2<Β suexec-2.2.11-2ubuntu2.2UNKNOWN
Ubuntu9.04noarchapache2<Β suexec-custom-2.2.11-2ubuntu2.2UNKNOWN
Ubuntu9.04noarchapache2<Β threaded-dev-2.2.11-2ubuntu2.2UNKNOWN
Ubuntu9.04noarchapache2<Β utils-2.2.11-2ubuntu2.2UNKNOWN
Ubuntu9.04noarchapache2.2-common<Β 2.2.11-2ubuntu2.2UNKNOWN
Rows per page:
1-10 of 461

7.7 High

AI Score

Confidence

High

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

0.021 Low

EPSS

Percentile

88.9%