cve-2010-0010
Vulnerability from cvelistv5
Published
2010-02-02 16:25
Modified
2024-08-07 00:30
Severity ?
EPSS score ?
Summary
Integer overflow in the ap_proxy_send_fb function in proxy/proxy_util.c in mod_proxy in the Apache HTTP Server before 1.3.42 on 64-bit platforms allows remote origin servers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a large chunk size that triggers a heap-based buffer overflow.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:30:46.953Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2010-0240",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0240"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://httpd.apache.org/dev/dist/CHANGES_1.3.42"
},
{
"name": "SSRT090208",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:7923",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7923"
},
{
"name": "39656",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39656"
},
{
"name": "38319",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38319"
},
{
"name": "modproxy-approxysendfb-bo(55941)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55941"
},
{
"name": "20100127 Mod_proxy from apache 1.3 - Integer overflow which causes heap overflow.",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-01/0589.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.pi3.com.pl/?p=69"
},
{
"name": "20100127 Mod_proxy from apache 1.3 - Integer overflow which causes heap overflow.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/509185/100/0/threaded"
},
{
"name": "SUSE-SR:2010:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html"
},
{
"name": "HPSBOV02683",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://site.pi3.com.pl/adv/mod_proxy.txt"
},
{
"name": "37966",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/37966"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.org/1001-exploits/modproxy-overflow.txt"
},
{
"name": "1023533",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023533"
},
{
"name": "ADV-2010-1001",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1001"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [6/13] - /httpd/site/trunk/content/security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [6/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [7/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-01-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the ap_proxy_send_fb function in proxy/proxy_util.c in mod_proxy in the Apache HTTP Server before 1.3.42 on 64-bit platforms allows remote origin servers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a large chunk size that triggers a heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-06T10:08:32",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "ADV-2010-0240",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0240"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://httpd.apache.org/dev/dist/CHANGES_1.3.42"
},
{
"name": "SSRT090208",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:7923",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7923"
},
{
"name": "39656",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39656"
},
{
"name": "38319",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38319"
},
{
"name": "modproxy-approxysendfb-bo(55941)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55941"
},
{
"name": "20100127 Mod_proxy from apache 1.3 - Integer overflow which causes heap overflow.",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-01/0589.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.pi3.com.pl/?p=69"
},
{
"name": "20100127 Mod_proxy from apache 1.3 - Integer overflow which causes heap overflow.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/509185/100/0/threaded"
},
{
"name": "SUSE-SR:2010:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html"
},
{
"name": "HPSBOV02683",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://site.pi3.com.pl/adv/mod_proxy.txt"
},
{
"name": "37966",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/37966"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.org/1001-exploits/modproxy-overflow.txt"
},
{
"name": "1023533",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023533"
},
{
"name": "ADV-2010-1001",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1001"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [6/13] - /httpd/site/trunk/content/security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [6/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [7/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-0010",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the ap_proxy_send_fb function in proxy/proxy_util.c in mod_proxy in the Apache HTTP Server before 1.3.42 on 64-bit platforms allows remote origin servers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a large chunk size that triggers a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2010-0240",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0240"
},
{
"name": "http://httpd.apache.org/dev/dist/CHANGES_1.3.42",
"refsource": "CONFIRM",
"url": "http://httpd.apache.org/dev/dist/CHANGES_1.3.42"
},
{
"name": "SSRT090208",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:7923",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7923"
},
{
"name": "39656",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39656"
},
{
"name": "38319",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38319"
},
{
"name": "modproxy-approxysendfb-bo(55941)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55941"
},
{
"name": "20100127 Mod_proxy from apache 1.3 - Integer overflow which causes heap overflow.",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-01/0589.html"
},
{
"name": "http://blog.pi3.com.pl/?p=69",
"refsource": "MISC",
"url": "http://blog.pi3.com.pl/?p=69"
},
{
"name": "20100127 Mod_proxy from apache 1.3 - Integer overflow which causes heap overflow.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/509185/100/0/threaded"
},
{
"name": "SUSE-SR:2010:010",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html"
},
{
"name": "HPSBOV02683",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"name": "http://site.pi3.com.pl/adv/mod_proxy.txt",
"refsource": "MISC",
"url": "http://site.pi3.com.pl/adv/mod_proxy.txt"
},
{
"name": "37966",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37966"
},
{
"name": "http://packetstormsecurity.org/1001-exploits/modproxy-overflow.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1001-exploits/modproxy-overflow.txt"
},
{
"name": "1023533",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023533"
},
{
"name": "ADV-2010-1001",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1001"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [6/13] - /httpd/site/trunk/content/security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [6/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [7/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e@%3Ccvs.httpd.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-0010",
"datePublished": "2010-02-02T16:25:00",
"dateReserved": "2009-12-14T00:00:00",
"dateUpdated": "2024-08-07T00:30:46.953Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.3.41\", \"matchCriteriaId\": \"5F5D3D03-D7FD-4A03-A5E2-866BEFA04900\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:0.8.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E80E240C-9879-48EC-AC9A-2C1FD5E2DD8E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:0.8.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AF16AF7D-9475-435F-AE36-F16CE8F45A75\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"06F3141B-2C30-4230-A425-465E235539EE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B5EA86B9-4F86-4ADA-BC6A-4F6E261848F6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CA6523AC-ECC9-4A79-9387-18308FCF9A68\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BDCBCF0F-63FB-4A03-92F8-FF121083CD85\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0AB1AA4A-DF05-445A-858F-39A9CC2892A8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.2.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"911D0BDC-DE99-4E7A-B36C-78D0FB34B53C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.2.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AB26F3B0-04F8-43C1-9136-B85932F1C2F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.2.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A9B1553E-7F42-4418-9D33-862E1DB0BD8C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"28EC1F94-04F3-490A-8324-1EB60EEBAD4B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D9B12229-3F9E-469C-8AD6-7E43FA45B876\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"30D94958-0D13-4076-B6F0-61D505136789\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"691D7D29-420E-4ABC-844F-D5DD401598F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B22DA22E-54DA-46CF-B3AE-4B0900D8086A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F90F496A-5D57-448F-A46F-E15F06CBFD01\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F715F8CB-A473-4374-8CF1-E9D74EBA5E8F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7B6EE0E2-D608-4E72-A0E5-F407511405C2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"33FD6791-3B84-40CA-BCF4-B5637B172F2A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"06F447C8-15FE-44DE-86AD-5E2D496AB2A6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6DDD2F69-CFD4-4DEA-B43A-1337EEFA95A3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A4955E57-9C5D-40C2-BD5F-A383FF3C33FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0A80B17D-FD66-40BD-9ADC-FE7A3944A696\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"713ADED4-CBE5-40C3-A128-99CFABF24560\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.19:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"70FA0B8E-1A90-4939-871A-38B9E93BCCC1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"83BDEAE5-29B9-48E3-93FA-F30832044C9A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.22:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2720E06-1B0E-4BFE-8C85-A17E597BB151\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.23:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3EE1DECF-36C7-4968-8B7A-7A2034C2A957\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.24:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B67BD173-8517-4E97-BC65-D9657C63601A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.25:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B392A96F-FD2F-4073-8EED-EB31E1F20FE4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.26:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E130104B-86F5-411E-8AC0-9B4B780BCA00\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.27:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0E62E621-74DA-4D99-A79C-AD2B85896A2B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.28:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2C577188-BD56-4571-A61A-1684DC9E9DD9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.29:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5B3A4CD9-1E96-4D3B-938D-F2D15855B0DD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.30:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"65AD2A8B-2BCA-4CE5-A03C-BFC07DF52EDC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.31:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4058CE14-1CC8-42FD-A6BD-6869C1610E57\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.32:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0716E399-A5FE-4C49-BC48-CD97C03997A7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.33:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE672251-C99E-49B7-9526-E535E3EE313A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.34:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD08A86E-B2B6-4BE3-8514-E1940340C60A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.35:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"814644C7-EECB-4006-BBDC-9AF0AF56098B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.36:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"42941901-B01D-4F12-AB7F-48A7F9BB4800\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.37:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0028C6B6-B65C-4878-BA7E-E1ABCED5202C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.38:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"52820C56-B1AA-4D07-BC92-648EC4813D5B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.39:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"31D3FBB6-3CFE-4B34-8516-AC18FA9E6B72\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.3.40:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EA12FF1A-428B-4E71-9A03-102186EFC014\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Integer overflow in the ap_proxy_send_fb function in proxy/proxy_util.c in mod_proxy in the Apache HTTP Server before 1.3.42 on 64-bit platforms allows remote origin servers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a large chunk size that triggers a heap-based buffer overflow.\"}, {\"lang\": \"es\", \"value\": \"Desbordamiento de enteros en la funci\\u00f3n ap_proxy_send_fb en proxy/proxy_util.c en mod_proxy en el servidor HTTP Apache anterior a v1.3.42 en plataformas de 64 bits permite a los servidores de origen remoto provocar una denegaci\\u00f3n de servicio (cuelgue del demonio) o posiblemente ejecutar c\\u00f3digo arbitrario a trav\\u00e9s de un fragmento de gran tama\\u00f1o que provoca un desbordamiento de b\\u00fafer basado en memoria din\\u00e1mica.\"}]",
"id": "CVE-2010-0010",
"lastModified": "2024-11-21T01:11:19.307",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2010-02-02T16:30:02.437",
"references": "[{\"url\": \"http://archives.neohapsis.com/archives/fulldisclosure/2010-01/0589.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://blog.pi3.com.pl/?p=69\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://httpd.apache.org/dev/dist/CHANGES_1.3.42\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://packetstormsecurity.org/1001-exploits/modproxy-overflow.txt\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://secunia.com/advisories/38319\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/39656\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://site.pi3.com.pl/adv/mod_proxy.txt\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/archive/1/509185/100/0/threaded\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/bid/37966\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.securitytracker.com/id?1023533\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.vupen.com/english/advisories/2010/0240\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1001\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/55941\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7923\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://archives.neohapsis.com/archives/fulldisclosure/2010-01/0589.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://blog.pi3.com.pl/?p=69\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://httpd.apache.org/dev/dist/CHANGES_1.3.42\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://packetstormsecurity.org/1001-exploits/modproxy-overflow.txt\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://secunia.com/advisories/38319\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/39656\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://site.pi3.com.pl/adv/mod_proxy.txt\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/509185/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/37966\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.securitytracker.com/id?1023533\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2010/0240\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1001\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/55941\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7923\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "secalert@redhat.com",
"vendorComments": "[{\"organization\": \"Red Hat\", \"comment\": \"This issue does not affect the Apache HTTP Server versions 2 and greater. This flaw does not affect any supported versions of Red Hat Enterprise Linux.\\n\\nThis flaw does affect Red Hat Network Proxy and Red Hat Network Satellite. While those products do not use this feature, we are tracking the issue with the following bug:\\nhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0010\", \"lastModified\": \"2010-02-03T00:00:00\"}]",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-189\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2010-0010\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2010-02-02T16:30:02.437\",\"lastModified\":\"2024-11-21T01:11:19.307\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Integer overflow in the ap_proxy_send_fb function in proxy/proxy_util.c in mod_proxy in the Apache HTTP Server before 1.3.42 on 64-bit platforms allows remote origin servers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a large chunk size that triggers a heap-based buffer overflow.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de enteros en la funci\u00f3n ap_proxy_send_fb en proxy/proxy_util.c en mod_proxy en el servidor HTTP Apache anterior a v1.3.42 en plataformas de 64 bits permite a los servidores de origen remoto provocar una denegaci\u00f3n de servicio (cuelgue del demonio) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de un fragmento de gran tama\u00f1o que provoca un desbordamiento de b\u00fafer basado en memoria din\u00e1mica.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-189\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.3.41\",\"matchCriteriaId\":\"5F5D3D03-D7FD-4A03-A5E2-866BEFA04900\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:0.8.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E80E240C-9879-48EC-AC9A-2C1FD5E2DD8E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:0.8.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF16AF7D-9475-435F-AE36-F16CE8F45A75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06F3141B-2C30-4230-A425-465E235539EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5EA86B9-4F86-4ADA-BC6A-4F6E261848F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA6523AC-ECC9-4A79-9387-18308FCF9A68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDCBCF0F-63FB-4A03-92F8-FF121083CD85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AB1AA4A-DF05-445A-858F-39A9CC2892A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"911D0BDC-DE99-4E7A-B36C-78D0FB34B53C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB26F3B0-04F8-43C1-9136-B85932F1C2F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9B1553E-7F42-4418-9D33-862E1DB0BD8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"28EC1F94-04F3-490A-8324-1EB60EEBAD4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9B12229-3F9E-469C-8AD6-7E43FA45B876\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30D94958-0D13-4076-B6F0-61D505136789\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"691D7D29-420E-4ABC-844F-D5DD401598F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B22DA22E-54DA-46CF-B3AE-4B0900D8086A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F90F496A-5D57-448F-A46F-E15F06CBFD01\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F715F8CB-A473-4374-8CF1-E9D74EBA5E8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B6EE0E2-D608-4E72-A0E5-F407511405C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33FD6791-3B84-40CA-BCF4-B5637B172F2A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06F447C8-15FE-44DE-86AD-5E2D496AB2A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DDD2F69-CFD4-4DEA-B43A-1337EEFA95A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4955E57-9C5D-40C2-BD5F-A383FF3C33FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A80B17D-FD66-40BD-9ADC-FE7A3944A696\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"713ADED4-CBE5-40C3-A128-99CFABF24560\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"70FA0B8E-1A90-4939-871A-38B9E93BCCC1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83BDEAE5-29B9-48E3-93FA-F30832044C9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2720E06-1B0E-4BFE-8C85-A17E597BB151\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3EE1DECF-36C7-4968-8B7A-7A2034C2A957\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B67BD173-8517-4E97-BC65-D9657C63601A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B392A96F-FD2F-4073-8EED-EB31E1F20FE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E130104B-86F5-411E-8AC0-9B4B780BCA00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E62E621-74DA-4D99-A79C-AD2B85896A2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C577188-BD56-4571-A61A-1684DC9E9DD9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B3A4CD9-1E96-4D3B-938D-F2D15855B0DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"65AD2A8B-2BCA-4CE5-A03C-BFC07DF52EDC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4058CE14-1CC8-42FD-A6BD-6869C1610E57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0716E399-A5FE-4C49-BC48-CD97C03997A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE672251-C99E-49B7-9526-E535E3EE313A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD08A86E-B2B6-4BE3-8514-E1940340C60A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"814644C7-EECB-4006-BBDC-9AF0AF56098B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"42941901-B01D-4F12-AB7F-48A7F9BB4800\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0028C6B6-B65C-4878-BA7E-E1ABCED5202C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52820C56-B1AA-4D07-BC92-648EC4813D5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31D3FBB6-3CFE-4B34-8516-AC18FA9E6B72\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.3.40:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA12FF1A-428B-4E71-9A03-102186EFC014\"}]}]}],\"references\":[{\"url\":\"http://archives.neohapsis.com/archives/fulldisclosure/2010-01/0589.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\"]},{\"url\":\"http://blog.pi3.com.pl/?p=69\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://httpd.apache.org/dev/dist/CHANGES_1.3.42\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://packetstormsecurity.org/1001-exploits/modproxy-overflow.txt\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\"]},{\"url\":\"http://secunia.com/advisories/38319\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/39656\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://site.pi3.com.pl/adv/mod_proxy.txt\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/509185/100/0/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/37966\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.securitytracker.com/id?1023533\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/0240\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1001\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/55941\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7923\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://archives.neohapsis.com/archives/fulldisclosure/2010-01/0589.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://blog.pi3.com.pl/?p=69\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://httpd.apache.org/dev/dist/CHANGES_1.3.42\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://packetstormsecurity.org/1001-exploits/modproxy-overflow.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://secunia.com/advisories/38319\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/39656\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://site.pi3.com.pl/adv/mod_proxy.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/509185/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/37966\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.securitytracker.com/id?1023533\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/0240\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1001\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/55941\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7923\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"vendorComments\":[{\"organization\":\"Red Hat\",\"comment\":\"This issue does not affect the Apache HTTP Server versions 2 and greater. This flaw does not affect any supported versions of Red Hat Enterprise Linux.\\n\\nThis flaw does affect Red Hat Network Proxy and Red Hat Network Satellite. While those products do not use this feature, we are tracking the issue with the following bug:\\nhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0010\",\"lastModified\":\"2010-02-03T00:00:00\"}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.