CVE-2010-0010
Vulnerability from cvelistv5
Published
2010-02-02 16:25
Modified
2024-08-07 00:30
Severity ?
EPSS score ?
Summary
Integer overflow in the ap_proxy_send_fb function in proxy/proxy_util.c in mod_proxy in the Apache HTTP Server before 1.3.42 on 64-bit platforms allows remote origin servers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a large chunk size that triggers a heap-based buffer overflow.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T00:30:46.953Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "ADV-2010-0240", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2010/0240", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://httpd.apache.org/dev/dist/CHANGES_1.3.42", }, { name: "SSRT090208", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=130497311408250&w=2", }, { name: "oval:org.mitre.oval:def:7923", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7923", }, { name: "39656", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/39656", }, { name: "38319", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/38319", }, { name: "modproxy-approxysendfb-bo(55941)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/55941", }, { name: "20100127 Mod_proxy from apache 1.3 - Integer overflow which causes heap overflow.", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://archives.neohapsis.com/archives/fulldisclosure/2010-01/0589.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://blog.pi3.com.pl/?p=69", }, { name: "20100127 Mod_proxy from apache 1.3 - Integer overflow which causes heap overflow.", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/509185/100/0/threaded", }, { name: "SUSE-SR:2010:010", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html", }, { name: "HPSBOV02683", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=130497311408250&w=2", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://site.pi3.com.pl/adv/mod_proxy.txt", }, { name: "37966", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/37966", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.org/1001-exploits/modproxy-overflow.txt", }, { name: "1023533", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id?1023533", }, { name: "ADV-2010-1001", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2010/1001", }, { name: "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1888194 [6/13] - /httpd/site/trunk/content/security/json/", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073139 [6/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073149 [7/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210606 svn commit: r1075470 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2010-01-27T00:00:00", descriptions: [ { lang: "en", value: "Integer overflow in the ap_proxy_send_fb function in proxy/proxy_util.c in mod_proxy in the Apache HTTP Server before 1.3.42 on 64-bit platforms allows remote origin servers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a large chunk size that triggers a heap-based buffer overflow.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-06-06T10:08:32", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "ADV-2010-0240", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2010/0240", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://httpd.apache.org/dev/dist/CHANGES_1.3.42", }, { name: "SSRT090208", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=130497311408250&w=2", }, { name: "oval:org.mitre.oval:def:7923", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7923", }, { name: "39656", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/39656", }, { name: "38319", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/38319", }, { name: "modproxy-approxysendfb-bo(55941)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/55941", }, { name: "20100127 Mod_proxy from apache 1.3 - Integer overflow which causes heap overflow.", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://archives.neohapsis.com/archives/fulldisclosure/2010-01/0589.html", }, { tags: [ "x_refsource_MISC", ], url: "http://blog.pi3.com.pl/?p=69", }, { name: "20100127 Mod_proxy from apache 1.3 - Integer overflow which causes heap overflow.", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/509185/100/0/threaded", }, { name: "SUSE-SR:2010:010", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html", }, { name: "HPSBOV02683", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=130497311408250&w=2", }, { tags: [ "x_refsource_MISC", ], url: "http://site.pi3.com.pl/adv/mod_proxy.txt", }, { name: "37966", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/37966", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.org/1001-exploits/modproxy-overflow.txt", }, { name: "1023533", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id?1023533", }, { name: "ADV-2010-1001", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2010/1001", }, { name: "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1888194 [6/13] - /httpd/site/trunk/content/security/json/", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073139 [6/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073149 [7/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210606 svn commit: r1075470 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2010-0010", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Integer overflow in the ap_proxy_send_fb function in proxy/proxy_util.c in mod_proxy in the Apache HTTP Server before 1.3.42 on 64-bit platforms allows remote origin servers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a large chunk size that triggers a heap-based buffer overflow.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "ADV-2010-0240", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2010/0240", }, { name: "http://httpd.apache.org/dev/dist/CHANGES_1.3.42", refsource: "CONFIRM", url: "http://httpd.apache.org/dev/dist/CHANGES_1.3.42", }, { name: "SSRT090208", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=130497311408250&w=2", }, { name: "oval:org.mitre.oval:def:7923", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7923", }, { name: "39656", refsource: "SECUNIA", url: "http://secunia.com/advisories/39656", }, { name: "38319", refsource: "SECUNIA", url: "http://secunia.com/advisories/38319", }, { name: "modproxy-approxysendfb-bo(55941)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/55941", }, { name: "20100127 Mod_proxy from apache 1.3 - Integer overflow which causes heap overflow.", refsource: "FULLDISC", url: "http://archives.neohapsis.com/archives/fulldisclosure/2010-01/0589.html", }, { name: "http://blog.pi3.com.pl/?p=69", refsource: "MISC", url: "http://blog.pi3.com.pl/?p=69", }, { name: "20100127 Mod_proxy from apache 1.3 - Integer overflow which causes heap overflow.", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/509185/100/0/threaded", }, { name: "SUSE-SR:2010:010", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html", }, { name: "HPSBOV02683", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=130497311408250&w=2", }, { name: "http://site.pi3.com.pl/adv/mod_proxy.txt", refsource: "MISC", url: "http://site.pi3.com.pl/adv/mod_proxy.txt", }, { name: "37966", refsource: "BID", url: "http://www.securityfocus.com/bid/37966", }, { name: "http://packetstormsecurity.org/1001-exploits/modproxy-overflow.txt", refsource: "MISC", url: "http://packetstormsecurity.org/1001-exploits/modproxy-overflow.txt", }, { name: "1023533", refsource: "SECTRACK", url: "http://www.securitytracker.com/id?1023533", }, { name: "ADV-2010-1001", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2010/1001", }, { name: "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1888194 [6/13] - /httpd/site/trunk/content/security/json/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7@%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073139 [6/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e@%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073149 [7/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d@%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210606 svn commit: r1075470 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e@%3Ccvs.httpd.apache.org%3E", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2010-0010", datePublished: "2010-02-02T16:25:00", dateReserved: "2009-12-14T00:00:00", dateUpdated: "2024-08-07T00:30:46.953Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { fkie_nvd: { configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.3.41\", \"matchCriteriaId\": \"5F5D3D03-D7FD-4A03-A5E2-866BEFA04900\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:0.8.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E80E240C-9879-48EC-AC9A-2C1FD5E2DD8E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:0.8.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AF16AF7D-9475-435F-AE36-F16CE8F45A75\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"06F3141B-2C30-4230-A425-465E235539EE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B5EA86B9-4F86-4ADA-BC6A-4F6E261848F6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CA6523AC-ECC9-4A79-9387-18308FCF9A68\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BDCBCF0F-63FB-4A03-92F8-FF121083CD85\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0AB1AA4A-DF05-445A-858F-39A9CC2892A8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.2.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"911D0BDC-DE99-4E7A-B36C-78D0FB34B53C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.2.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AB26F3B0-04F8-43C1-9136-B85932F1C2F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.2.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A9B1553E-7F42-4418-9D33-862E1DB0BD8C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"28EC1F94-04F3-490A-8324-1EB60EEBAD4B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D9B12229-3F9E-469C-8AD6-7E43FA45B876\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"30D94958-0D13-4076-B6F0-61D505136789\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"691D7D29-420E-4ABC-844F-D5DD401598F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B22DA22E-54DA-46CF-B3AE-4B0900D8086A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F90F496A-5D57-448F-A46F-E15F06CBFD01\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F715F8CB-A473-4374-8CF1-E9D74EBA5E8F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7B6EE0E2-D608-4E72-A0E5-F407511405C2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"33FD6791-3B84-40CA-BCF4-B5637B172F2A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"06F447C8-15FE-44DE-86AD-5E2D496AB2A6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6DDD2F69-CFD4-4DEA-B43A-1337EEFA95A3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A4955E57-9C5D-40C2-BD5F-A383FF3C33FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0A80B17D-FD66-40BD-9ADC-FE7A3944A696\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"713ADED4-CBE5-40C3-A128-99CFABF24560\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.19:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"70FA0B8E-1A90-4939-871A-38B9E93BCCC1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"83BDEAE5-29B9-48E3-93FA-F30832044C9A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.22:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2720E06-1B0E-4BFE-8C85-A17E597BB151\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.23:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3EE1DECF-36C7-4968-8B7A-7A2034C2A957\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.24:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B67BD173-8517-4E97-BC65-D9657C63601A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.25:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B392A96F-FD2F-4073-8EED-EB31E1F20FE4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.26:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E130104B-86F5-411E-8AC0-9B4B780BCA00\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.27:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0E62E621-74DA-4D99-A79C-AD2B85896A2B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.28:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2C577188-BD56-4571-A61A-1684DC9E9DD9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.29:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5B3A4CD9-1E96-4D3B-938D-F2D15855B0DD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.30:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"65AD2A8B-2BCA-4CE5-A03C-BFC07DF52EDC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.31:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4058CE14-1CC8-42FD-A6BD-6869C1610E57\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.32:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0716E399-A5FE-4C49-BC48-CD97C03997A7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.33:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE672251-C99E-49B7-9526-E535E3EE313A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.34:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD08A86E-B2B6-4BE3-8514-E1940340C60A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.35:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"814644C7-EECB-4006-BBDC-9AF0AF56098B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.36:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"42941901-B01D-4F12-AB7F-48A7F9BB4800\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.37:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0028C6B6-B65C-4878-BA7E-E1ABCED5202C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.38:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"52820C56-B1AA-4D07-BC92-648EC4813D5B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.39:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"31D3FBB6-3CFE-4B34-8516-AC18FA9E6B72\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.40:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EA12FF1A-428B-4E71-9A03-102186EFC014\"}]}]}]", descriptions: "[{\"lang\": \"en\", \"value\": \"Integer overflow in the ap_proxy_send_fb function in proxy/proxy_util.c in mod_proxy in the Apache HTTP Server before 1.3.42 on 64-bit platforms allows remote origin servers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a large chunk size that triggers a heap-based buffer overflow.\"}, {\"lang\": \"es\", \"value\": \"Desbordamiento de enteros en la funci\\u00f3n ap_proxy_send_fb en proxy/proxy_util.c en mod_proxy en el servidor HTTP Apache anterior a v1.3.42 en plataformas de 64 bits permite a los servidores de origen remoto provocar una denegaci\\u00f3n de servicio (cuelgue del demonio) o posiblemente ejecutar c\\u00f3digo arbitrario a trav\\u00e9s de un fragmento de gran tama\\u00f1o que provoca un desbordamiento de b\\u00fafer basado en memoria din\\u00e1mica.\"}]", id: "CVE-2010-0010", lastModified: "2024-11-21T01:11:19.307", metrics: "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}", published: "2010-02-02T16:30:02.437", references: "[{\"url\": \"http://archives.neohapsis.com/archives/fulldisclosure/2010-01/0589.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://blog.pi3.com.pl/?p=69\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://httpd.apache.org/dev/dist/CHANGES_1.3.42\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=130497311408250&w=2\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=130497311408250&w=2\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://packetstormsecurity.org/1001-exploits/modproxy-overflow.txt\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://secunia.com/advisories/38319\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/39656\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://site.pi3.com.pl/adv/mod_proxy.txt\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/archive/1/509185/100/0/threaded\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/bid/37966\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.securitytracker.com/id?1023533\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.vupen.com/english/advisories/2010/0240\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1001\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/55941\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7923\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://archives.neohapsis.com/archives/fulldisclosure/2010-01/0589.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://blog.pi3.com.pl/?p=69\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://httpd.apache.org/dev/dist/CHANGES_1.3.42\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=130497311408250&w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=130497311408250&w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://packetstormsecurity.org/1001-exploits/modproxy-overflow.txt\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://secunia.com/advisories/38319\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/39656\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://site.pi3.com.pl/adv/mod_proxy.txt\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/509185/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/37966\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.securitytracker.com/id?1023533\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2010/0240\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1001\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/55941\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7923\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]", sourceIdentifier: "secalert@redhat.com", vendorComments: "[{\"organization\": \"Red Hat\", \"comment\": \"This issue does not affect the Apache HTTP Server versions 2 and greater. This flaw does not affect any supported versions of Red Hat Enterprise Linux.\\n\\nThis flaw does affect Red Hat Network Proxy and Red Hat Network Satellite. While those products do not use this feature, we are tracking the issue with the following bug:\\nhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0010\", \"lastModified\": \"2010-02-03T00:00:00\"}]", vulnStatus: "Modified", weaknesses: "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-189\"}]}]", }, nvd: "{\"cve\":{\"id\":\"CVE-2010-0010\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2010-02-02T16:30:02.437\",\"lastModified\":\"2024-11-21T01:11:19.307\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Integer overflow in the ap_proxy_send_fb function in proxy/proxy_util.c in mod_proxy in the Apache HTTP Server before 1.3.42 on 64-bit platforms allows remote origin servers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a large chunk size that triggers a heap-based buffer overflow.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de enteros en la función ap_proxy_send_fb en proxy/proxy_util.c en mod_proxy en el servidor HTTP Apache anterior a v1.3.42 en plataformas de 64 bits permite a los servidores de origen remoto provocar una denegación de servicio (cuelgue del demonio) o posiblemente ejecutar código arbitrario a través de un fragmento de gran tamaño que provoca un desbordamiento de búfer basado en memoria dinámica.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-189\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.3.41\",\"matchCriteriaId\":\"5F5D3D03-D7FD-4A03-A5E2-866BEFA04900\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:0.8.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E80E240C-9879-48EC-AC9A-2C1FD5E2DD8E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:0.8.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF16AF7D-9475-435F-AE36-F16CE8F45A75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06F3141B-2C30-4230-A425-465E235539EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5EA86B9-4F86-4ADA-BC6A-4F6E261848F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA6523AC-ECC9-4A79-9387-18308FCF9A68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDCBCF0F-63FB-4A03-92F8-FF121083CD85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AB1AA4A-DF05-445A-858F-39A9CC2892A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"911D0BDC-DE99-4E7A-B36C-78D0FB34B53C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB26F3B0-04F8-43C1-9136-B85932F1C2F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9B1553E-7F42-4418-9D33-862E1DB0BD8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"28EC1F94-04F3-490A-8324-1EB60EEBAD4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9B12229-3F9E-469C-8AD6-7E43FA45B876\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30D94958-0D13-4076-B6F0-61D505136789\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"691D7D29-420E-4ABC-844F-D5DD401598F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B22DA22E-54DA-46CF-B3AE-4B0900D8086A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F90F496A-5D57-448F-A46F-E15F06CBFD01\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F715F8CB-A473-4374-8CF1-E9D74EBA5E8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B6EE0E2-D608-4E72-A0E5-F407511405C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33FD6791-3B84-40CA-BCF4-B5637B172F2A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06F447C8-15FE-44DE-86AD-5E2D496AB2A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DDD2F69-CFD4-4DEA-B43A-1337EEFA95A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4955E57-9C5D-40C2-BD5F-A383FF3C33FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A80B17D-FD66-40BD-9ADC-FE7A3944A696\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"713ADED4-CBE5-40C3-A128-99CFABF24560\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"70FA0B8E-1A90-4939-871A-38B9E93BCCC1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83BDEAE5-29B9-48E3-93FA-F30832044C9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2720E06-1B0E-4BFE-8C85-A17E597BB151\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3EE1DECF-36C7-4968-8B7A-7A2034C2A957\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B67BD173-8517-4E97-BC65-D9657C63601A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B392A96F-FD2F-4073-8EED-EB31E1F20FE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E130104B-86F5-411E-8AC0-9B4B780BCA00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E62E621-74DA-4D99-A79C-AD2B85896A2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C577188-BD56-4571-A61A-1684DC9E9DD9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B3A4CD9-1E96-4D3B-938D-F2D15855B0DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"65AD2A8B-2BCA-4CE5-A03C-BFC07DF52EDC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4058CE14-1CC8-42FD-A6BD-6869C1610E57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0716E399-A5FE-4C49-BC48-CD97C03997A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE672251-C99E-49B7-9526-E535E3EE313A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD08A86E-B2B6-4BE3-8514-E1940340C60A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"814644C7-EECB-4006-BBDC-9AF0AF56098B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"42941901-B01D-4F12-AB7F-48A7F9BB4800\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0028C6B6-B65C-4878-BA7E-E1ABCED5202C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52820C56-B1AA-4D07-BC92-648EC4813D5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31D3FBB6-3CFE-4B34-8516-AC18FA9E6B72\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.40:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA12FF1A-428B-4E71-9A03-102186EFC014\"}]}]}],\"references\":[{\"url\":\"http://archives.neohapsis.com/archives/fulldisclosure/2010-01/0589.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\"]},{\"url\":\"http://blog.pi3.com.pl/?p=69\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://httpd.apache.org/dev/dist/CHANGES_1.3.42\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq&m=130497311408250&w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq&m=130497311408250&w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://packetstormsecurity.org/1001-exploits/modproxy-overflow.txt\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\"]},{\"url\":\"http://secunia.com/advisories/38319\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/39656\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://site.pi3.com.pl/adv/mod_proxy.txt\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/509185/100/0/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/37966\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.securitytracker.com/id?1023533\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/0240\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1001\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/55941\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7923\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://archives.neohapsis.com/archives/fulldisclosure/2010-01/0589.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://blog.pi3.com.pl/?p=69\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://httpd.apache.org/dev/dist/CHANGES_1.3.42\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=130497311408250&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=130497311408250&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://packetstormsecurity.org/1001-exploits/modproxy-overflow.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://secunia.com/advisories/38319\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/39656\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://site.pi3.com.pl/adv/mod_proxy.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/509185/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/37966\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.securitytracker.com/id?1023533\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/0240\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1001\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/55941\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7923\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"vendorComments\":[{\"organization\":\"Red Hat\",\"comment\":\"This issue does not affect the Apache HTTP Server versions 2 and greater. This flaw does not affect any supported versions of Red Hat Enterprise Linux.\\n\\nThis flaw does affect Red Hat Network Proxy and Red Hat Network Satellite. While those products do not use this feature, we are tracking the issue with the following bug:\\nhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0010\",\"lastModified\":\"2010-02-03T00:00:00\"}]}}", }, }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.