Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2010-0408
HistoryMar 05, 2010 - 12:00 a.m.

CVE-2010-0408

2010-03-0500:00:00
ubuntu.com
ubuntu.com
12

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.112 Low

EPSS

Percentile

95.1%

JSON

The ap_proxy_ajp_request function in mod_proxy_ajp.c in mod_proxy_ajp in
the Apache HTTP Server 2.2.x before 2.2.15 does not properly handle certain
situations in which a client sends no request body, which allows remote
attackers to cause a denial of service (backend server outage) via a
crafted request, related to use of a 500 error code instead of the
appropriate 400 error code.

Notes

Author Note
mdeslaur Apache 2.0 doesn’t have mod_proxy_ajp
OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchapache2< 2.2.8-1ubuntu0.15UNKNOWN
ubuntu8.10noarchapache2< 2.2.9-7ubuntu3.6UNKNOWN
ubuntu9.04noarchapache2< 2.2.11-2ubuntu2.6UNKNOWN
ubuntu9.10noarchapache2< 2.2.12-1ubuntu2.2UNKNOWN

Related

prion 1
debiancve 1
httpd 1
openvas 26
nessus 23
f5 2
veracode 1
cve 1
centos 1
osv 1
debian 2
redhat 2
oraclelinux 1
ubuntu 1
fedora 3
slackware 1
altlinux 3
gentoo 1
securityvulns 3
oracle 1
prion
prion
Design/Logic Flaw
2010-03-05 16:30:00
debiancve
debiancve
CVE-2010-0408
2010-03-05 16:30:00
httpd
httpd
Apache Httpd < 2.2.15 : mod_proxy_ajp DoS
2010-02-02 00:00:00
openvas
openvas
Mandriva Update for apache MDVSA-2010:053 (apache)
2010-03-12 00:00:00
Mandriva Update for mmc-wizard MDVA-2010:053 (mmc-wizard)
2010-02-15 00:00:00
Mandriva Update for mmc-wizard MDVA-2010:053 (mmc-wizard)
2010-02-15 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : apache (MDVSA-2010:053)
2010-03-03 00:00:00
SuSE 11 Security Update : Apache 2 (SAT Patch Number 2293)
2010-12-02 00:00:00
Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : apache2 vulnerabilities (USN-908-1)
2010-03-11 00:00:00
f5
f5
K52470083 : Apache vulnerability CVE-2010-0408
2015-12-23 00:00:00
SOL52470083 - Apache vulnerability CVE-2010-0408
2015-12-23 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:47:47
cve
cve
CVE-2010-0408
2010-03-05 16:30:00
centos
centos
httpd, mod_ssl security update
2010-03-28 15:40:00
osv
osv
apache2 - several issues
2010-04-17 00:00:00
debian
debian
[SECURITY] [DSA-2035-1] New apache2 packages fix several issues
2010-04-17 20:58:27
[SECURITY] [DSA-2035-1] New apache2 packages fix several issues
2010-04-17 20:58:14
redhat
redhat
(RHSA-2010:0396) Moderate: httpd and httpd22 security and enhancement update
2010-05-05 00:00:00
(RHSA-2010:0168) Moderate: httpd security and enhancement update
2010-03-25 00:00:00
oraclelinux
oraclelinux
httpd security and enhancement update
2010-03-25 00:00:00
ubuntu
ubuntu
Apache vulnerabilities
2010-03-10 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: httpd-2.2.15-1.fc12.2
2010-05-31 18:25:29
[SECURITY] Fedora 11 Update: httpd-2.2.15-1.fc11.1
2010-05-04 06:06:43
[SECURITY] Fedora 13 Update: httpd-2.2.15-1.fc13
2010-04-22 22:51:41
slackware
slackware
[slackware-security] httpd
2010-03-08 22:39:33
altlinux
altlinux
Security fix for the ALT Linux 8 package apache2 version 2.2.16-alt1
2010-09-16 00:00:00
Security fix for the ALT Linux 9 package apache2 version 2.2.16-alt1
2010-09-16 00:00:00
Security fix for the ALT Linux 10 package apache2 version 2.2.16-alt1
2010-09-16 00:00:00
gentoo
gentoo
Apache HTTP Server: Multiple vulnerabilities
2012-06-24 00:00:00
securityvulns
securityvulns
Apple Mac OS X and QuickTime multiple security vulnerabilities
2013-11-18 00:00:00
About the security content of Mac OS X v10.6.5 and Security Update 2010-007
2010-11-18 00:00:00
Oracle / Sun / MySQL / PeopleSoft multiple applications security vulnerabilities
2013-05-04 00:00:00
oracle
oracle
Oracle Critical Patch Update - April 2013
2013-04-16 00:00:00

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.112 Low

EPSS

Percentile

95.1%

JSON
Related for UB:CVE-2010-0408
prion1debiancve1httpd1openvas26nessus23f52veracode1cve1centos1osv1debian2redhat2oraclelinux1ubuntu1fedora3slackware1altlinux3gentoo1securityvulns3oracle1