Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2010-2791
HistoryAug 05, 2010 - 12:00 a.m.

CVE-2010-2791

2010-08-0500:00:00
ubuntu.com
ubuntu.com
11

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

68.7%

JSON

mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does
not close the backend connection if a timeout occurs when reading a
response from a persistent connection, which allows remote attackers to
obtain a potentially sensitive response intended for a different client in
opportunistic circumstances via a normal HTTP request. NOTE: this is the
same issue as CVE-2010-2068, but for a different OS and set of affected
versions.

Notes

Author Note
mdeslaur only affected 2.2.9…got fixed in 2.2.10 introduced in http://svn.apache.org/viewvc?view=revision&revision=660936

Related

f5 2
debiancve 2
nessus 17
securityvulns 8
cve 2
openvas 14
seebug 2
prion 2
httpd 2
veracode 1
ubuntucve 1
oraclelinux 1
redhat 1
centos 1
altlinux 3
gentoo 1
oracle 2
f5
f5
SOL23332326 - Apache HTTPD vulnerability CVE-2010-2791
2015-12-29 00:00:00
K23332326 : Apache HTTPD vulnerability CVE-2010-2791
2015-12-29 00:00:00
debiancve
debiancve
CVE-2010-2791
2010-08-05 18:17:00
CVE-2010-2068
2010-06-18 16:30:00
nessus
nessus
F5 Networks BIG-IP : Apache HTTPD vulnerability (K23332326)
2015-12-30 00:00:00
Oracle Linux 5 : httpd (ELSA-2010-0659)
2013-07-12 00:00:00
Mandriva Linux Security Advisory : apache (MDVSA-2010:153)
2010-08-17 00:00:00
securityvulns
securityvulns
Apache mod_proxy_http information leak
2010-08-19 00:00:00
[ MDVSA-2010:153 ] apache
2010-08-19 00:00:00
[advisory] httpd Timeout detection flaw (mod_proxy_http) CVE-2010-2068
2010-06-14 00:00:00
cve
cve
CVE-2010-2791
2010-08-05 18:17:00
CVE-2010-2068
2010-06-18 16:30:00
openvas
openvas
F5 BIG-IP - Apache HTTPD vulnerability CVE-2010-2791 and CVE-2010-2068
2016-01-05 00:00:00
Mandriva Update for apache MDVSA-2010:153 (apache)
2010-08-20 00:00:00
Mandriva Update for apache MDVSA-2010:153 (apache)
2010-08-20 00:00:00
seebug
seebug
Unix平台Apache mod_proxy_http模块超时处理信息泄露漏洞
2010-08-03 00:00:00
Apache mod_proxy_http模块超时处理信息泄露漏洞
2010-06-21 00:00:00
prion
prion
Design/Logic Flaw
2010-08-05 18:17:00
Design/Logic Flaw
2010-06-18 16:30:00
httpd
httpd
Apache Httpd < 2.2.10 : Timeout detection flaw (mod_proxy_http)
2010-07-23 00:00:00
Apache Httpd < 2.2.16 : Timeout detection flaw (mod_proxy_http)
2010-06-09 00:00:00
veracode
veracode
Information Disclosure
2020-04-10 00:47:09
ubuntucve
ubuntucve
CVE-2010-2068
2010-06-18 00:00:00
oraclelinux
oraclelinux
httpd security and bug fix update
2010-08-30 00:00:00
redhat
redhat
(RHSA-2010:0659) Moderate: httpd security and bug fix update
2010-08-30 00:00:00
centos
centos
httpd, mod_ssl security update
2010-08-31 21:00:21
altlinux
altlinux
Security fix for the ALT Linux 10 package apache2 version 2.2.16-alt1
2010-09-16 00:00:00
Security fix for the ALT Linux 8 package apache2 version 2.2.16-alt1
2010-09-16 00:00:00
Security fix for the ALT Linux 9 package apache2 version 2.2.16-alt1
2010-09-16 00:00:00
gentoo
gentoo
Apache HTTP Server: Multiple vulnerabilities
2012-06-24 00:00:00
oracle
oracle
Oracle Critical Patch Update - April 2013
2013-04-16 00:00:00
Oracle Critical Patch Update - July 2013
2013-07-16 00:00:00

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

68.7%

JSON
Related for UB:CVE-2010-2791
f52debiancve2nessus17securityvulns8cve2openvas14seebug2prion2httpd2veracode1ubuntucve1oraclelinux1redhat1centos1altlinux3gentoo1oracle2