Lucene search
UbuntuUSN-908-1HistoryMar 10, 2010 - 12:00 a.m.
Apache vulnerabilities
2010-03-1000:00:00
ubuntu.com
36
9.6 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.112 Low
EPSS
Percentile
95.1%
Releases
- Ubuntu 9.10
- Ubuntu 9.04
- Ubuntu 8.10
- Ubuntu 8.04
- Ubuntu 6.06
Packages
- apache2 -
Details
It was discovered that mod_proxy_ajp did not properly handle errors when
a client doesnât send a request body. A remote attacker could exploit this
with a crafted request and cause a denial of service. This issue affected
Ubuntu 8.04 LTS, 8.10, 9.04 and 9.10. (CVE-2010-0408)
It was discovered that Apache did not properly handle headers in
subrequests under certain conditions. A remote attacker could exploit this
with a crafted request and possibly obtain sensitive information from
previous requests. (CVE-2010-0434)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 9.10 | noarch | apache2.2-common | <Â 2.2.12-1ubuntu2.2 | UNKNOWN |
| Ubuntu | 9.10 | noarch | apache2-prefork-dev | <Â 2.2.12-1ubuntu2.2 | UNKNOWN |
| Ubuntu | 9.10 | noarch | apache2-suexec | <Â 2.2.12-1ubuntu2.2 | UNKNOWN |
| Ubuntu | 9.10 | noarch | apache2-suexec-custom | <Â 2.2.12-1ubuntu2.2 | UNKNOWN |
| Ubuntu | 9.10 | noarch | apache2-threaded-dev | <Â 2.2.12-1ubuntu2.2 | UNKNOWN |
| Ubuntu | 9.10 | noarch | apache2-utils | <Â 2.2.12-1ubuntu2.2 | UNKNOWN |
| Ubuntu | 9.10 | noarch | apache2.2-bin | <Â 2.2.12-1ubuntu2.2 | UNKNOWN |
| Ubuntu | 9.04 | noarch | apache2.2-common | <Â 2.2.11-2ubuntu2.6 | UNKNOWN |
| Ubuntu | 9.04 | noarch | apache2 | <Â mpm-event-2.2.11-2ubuntu2.6 | UNKNOWN |
| Ubuntu | 9.04 | noarch | apache2 | <Â mpm-prefork-2.2.11-2ubuntu2.6 | UNKNOWN |
Related
debian
debian
[SECURITY] [DSA-2035-1] New apache2 packages fix several issues
2010-04-17 20:58:14
[SECURITY] [DSA-2035-1] New apache2 packages fix several issues
2010-04-17 20:58:14
osv
osv
apache2 - several issues
2010-04-17 00:00:00
nessus
nessus
Scientific Linux Security Update : httpd on SL5.x i386/x86_64
2012-08-01 00:00:00
RHEL 5 : httpd (RHSA-2010:0168)
2010-05-11 00:00:00
openSUSE Security Update : apache2 (openSUSE-SU-2010:0165-1)
2010-04-27 00:00:00
redhat
redhat
(RHSA-2010:0396) Moderate: httpd and httpd22 security and enhancement update
2010-05-05 00:00:00
(RHSA-2010:0168) Moderate: httpd security and enhancement update
2010-03-25 00:00:00
(RHSA-2010:0175) Low: httpd security, bug fix, and enhancement update
2010-03-25 00:00:00
openvas
openvas
Ubuntu Update for apache2 vulnerabilities USN-908-1
2010-03-12 00:00:00
RedHat Update for httpd RHSA-2010:0168-01
2010-03-31 00:00:00
Oracle: Security Advisory (ELSA-2010-0168)
2015-10-06 00:00:00
centos
centos
httpd, mod_ssl security update
2010-03-28 15:40:00
httpd, mod_ssl security update
2010-03-28 20:51:15
oraclelinux
oraclelinux
httpd security and enhancement update
2010-03-25 00:00:00
httpd security, bug fix, and enhancement update
2010-03-25 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: httpd-2.2.15-1.fc12.2
2010-05-31 18:25:29
[SECURITY] Fedora 11 Update: httpd-2.2.15-1.fc11.1
2010-05-04 06:06:43
[SECURITY] Fedora 13 Update: httpd-2.2.15-1.fc13
2010-04-22 22:51:41
veracode
veracode
Information Disclosure
2020-04-10 00:47:47
Denial Of Service (DoS)
2020-04-10 00:47:47
seebug
seebug
Apache 2.2.xĺ诡ćąĺ¤ç俥ćŻćłé˛ćźć´
2010-03-23 00:00:00
ubuntucve
ubuntucve
CVE-2010-0434
2010-03-05 00:00:00
CVE-2010-0408
2010-03-05 00:00:00
prion
prion
Design/Logic Flaw
2010-03-05 19:30:00
Design/Logic Flaw
2010-03-05 16:30:00
httpd
httpd
Apache Httpd < 2.2.15 : Subrequest handling of request headers (mod_headers)
2009-12-09 00:00:00
Apache Httpd < 2.0.64 : Subrequest handling of request headers (mod_headers)
2009-12-09 00:00:00
Apache Httpd < 2.2.15 : mod_proxy_ajp DoS
2010-02-02 00:00:00
securityvulns
securityvulns
[ MDVSA-2010:057 ] apache
2010-03-09 00:00:00
Apache HTTPD information leak
2010-03-09 00:00:00
Apple Mac OS X and QuickTime multiple security vulnerabilities
2013-11-18 00:00:00
kaspersky
kaspersky
KLA10386 Multiple vulnerabilities in VMware
2010-09-23 00:00:00
KLA10066 Multiple vulnerabilities in Apache httpd
2010-10-19 00:00:00
f5
f5
K40284849 : Apache vulnerability CVE-2010-0434
2015-12-23 00:00:00
SOL40284849 - Apache vulnerability CVE-2010-0434
2015-12-23 00:00:00
K52470083 : Apache vulnerability CVE-2010-0408
2015-12-23 00:00:00
debiancve
debiancve
CVE-2010-0434
2010-03-05 19:30:00
CVE-2010-0408
2010-03-05 16:30:00
cve
cve
CVE-2010-0434
2010-03-05 19:30:00
CVE-2010-0408
2010-03-05 16:30:00
slackware
slackware
[slackware-security] httpd
2010-03-08 22:39:33
gentoo
gentoo
Apache HTTP Server: Multiple vulnerabilities
2012-06-24 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package apache2 version 2.2.16-alt1
2010-09-16 00:00:00
Security fix for the ALT Linux 8 package apache2 version 2.2.16-alt1
2010-09-16 00:00:00
Security fix for the ALT Linux 9 package apache2 version 2.2.16-alt1
2010-09-16 00:00:00
vmware
vmware
VMware Workstation, Player, and ACE address several security issues.
2010-09-23 00:00:00
VMware Workstation, Player, and ACE address several security issues.
2010-09-23 00:00:00
oracle
oracle
Oracle Critical Patch Update - July 2013
2013-07-16 00:00:00
Oracle Critical Patch Update - April 2013
2013-04-16 00:00:00
9.6 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.112 Low
EPSS
Percentile
95.1%
Related for USN-908-1