Back to search
CVE-2009-2699
Published: Oct 13, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
The Solaris pollset feature in the Event Port backend in poll/unix/port.c in the Apache Portable Runtime (APR) library before 1.3.9, as used in the Apache HTTP Server before 2.2.14 and other products, does not properly handle errors, which allows remote attackers to cause a denial of service (daemon hang) via unspecified HTTP requests, related to the prefork and event MPMs.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.apache.org/dist/httpd/CHANGES_2.2.14
x_refsource_CONFIRM
1022988
vdb-entry
x_refsource_SECTRACK
SSRT100782
vendor-advisory
x_refsource_HP
36596
vdb-entry
x_refsource_BID
HPSBMU02753
vendor-advisory
x_refsource_HP
apache-solaris-pollset-dos(53666)
vdb-entry
x_refsource_XF
https://issues.apache.org/bugzilla/show_bug.cgi?id=47645
x_refsource_CONFIRM
http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html
x_refsource_CONFIRM
MDVSA-2013:150
vendor-advisory
x_refsource_MANDRIVA
[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/
mailing-list
x_refsource_MLIST
[httpd-cvs] 20210330 svn commit: r1888194 [6/13] - /httpd/site/trunk/content/security/json/
mailing-list
x_refsource_MLIST
[httpd-cvs] 20210330 svn commit: r1073139 [6/13] - in /websites/staging/httpd/trunk/content: ./ security/json/
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now