CVE-2009-1890

The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of service (CPU consumption) via crafted requests.
References
Link Resource
http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html Broken Link Mailing List
http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00006.html Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=129190899612998&w=2 Issue Tracking Mailing List Third Party Advisory
http://osvdb.org/55553 Broken Link
http://secunia.com/advisories/35691 Not Applicable Vendor Advisory
http://secunia.com/advisories/35721 Not Applicable
http://secunia.com/advisories/35793 Not Applicable
http://secunia.com/advisories/35865 Not Applicable
http://secunia.com/advisories/37152 Not Applicable Vendor Advisory
http://secunia.com/advisories/37221 Not Applicable Vendor Advisory
http://security.gentoo.org/glsa/glsa-200907-04.xml Third Party Advisory
http://support.apple.com/kb/HT3937 Broken Link
http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?r1=790587&r2=790586&pathrev=790587 Patch Vendor Advisory
http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?revision=790587 Vendor Advisory
http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c?r1=790587&r2=790586&pathrev=790587 Patch Vendor Advisory
http://svn.apache.org/viewvc?view=rev&revision=790587 Vendor Advisory
http://wiki.rpath.com/Advisories:rPSA-2009-0142 Broken Link
http://www-01.ibm.com/support/docview.wss?uid=swg1PK91259 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1PK99480 Third Party Advisory
http://www.debian.org/security/2009/dsa-1834 Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2009:149 Broken Link
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 Broken Link
http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2009-1156.html Third Party Advisory
http://www.securityfocus.com/archive/1/507852/100/0/threaded Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/507857/100/0/threaded Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/35565 Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1022509 Broken Link Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-802-1 Third Party Advisory
http://www.vupen.com/english/advisories/2009/3184 Permissions Required Vendor Advisory
https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rb33be0aa9bd8cac9536293e3821dcd4cf8180ad95a8036eedd46365e%40%3Cusers.mina.apache.org%3E
https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12330 Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8616 Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9403 Third Party Advisory
https://rhn.redhat.com/errata/RHSA-2009-1148.html Third Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01363.html Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:fedoraproject:fedora:11:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*

Configuration 5 (hide)

OR cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:5.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:5.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*

History

13 Feb 2023, 02:20

Type Values Removed Values Added
Summary CVE-2009-1890 httpd: mod_proxy reverse proxy DoS (infinite loop) The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of service (CPU consumption) via crafted requests.
References
  • {'url': 'https://access.redhat.com/security/cve/CVE-2009-1890', 'name': 'https://access.redhat.com/security/cve/CVE-2009-1890', 'tags': [], 'refsource': 'MISC'}
  • {'url': 'https://access.redhat.com/errata/RHSA-2009:1160', 'name': 'https://access.redhat.com/errata/RHSA-2009:1160', 'tags': [], 'refsource': 'MISC'}
  • {'url': 'https://bugzilla.redhat.com/show_bug.cgi?id=509375', 'name': 'https://bugzilla.redhat.com/show_bug.cgi?id=509375', 'tags': [], 'refsource': 'MISC'}
  • {'url': 'https://access.redhat.com/errata/RHSA-2009:1155', 'name': 'https://access.redhat.com/errata/RHSA-2009:1155', 'tags': [], 'refsource': 'MISC'}
  • {'url': 'https://access.redhat.com/errata/RHSA-2009:1156', 'name': 'https://access.redhat.com/errata/RHSA-2009:1156', 'tags': [], 'refsource': 'MISC'}
  • {'url': 'https://access.redhat.com/errata/RHSA-2009:1148', 'name': 'https://access.redhat.com/errata/RHSA-2009:1148', 'tags': [], 'refsource': 'MISC'}

02 Feb 2023, 17:16

Type Values Removed Values Added
Summary The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of service (CPU consumption) via crafted requests. CVE-2009-1890 httpd: mod_proxy reverse proxy DoS (infinite loop)
References
  • {'url': 'https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3Ccvs.httpd.apache.org%3E', 'name': '[httpd-cvs] 20210603 svn commit: r1075360 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8@%3Ccvs.httpd.apache.org%3E', 'name': '[httpd-cvs] 20210330 svn commit: r1073149 [6/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E', 'name': '[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E', 'name': '[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E', 'name': '[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E', 'name': '[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be@%3Ccvs.httpd.apache.org%3E', 'name': '[httpd-cvs] 20210330 svn commit: r1073139 [5/13] - in /websites/staging/httpd/trunk/content: ./ security/json/', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/rb33be0aa9bd8cac9536293e3821dcd4cf8180ad95a8036eedd46365e@%3Cusers.mina.apache.org%3E', 'name': '[mina-users] 20210714 CWE-189 CWE-189 Numeric Errors: CVE-2009-1890 in Apache Mina SSHD SFTP 2.7.0 library', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E', 'name': '[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E', 'name': '[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E', 'name': '[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E', 'name': '[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919@%3Ccvs.httpd.apache.org%3E', 'name': '[httpd-cvs] 20210330 svn commit: r1888194 [5/13] - /httpd/site/trunk/content/security/json/', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E', 'name': '[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'}
  • (MISC) https://access.redhat.com/security/cve/CVE-2009-1890 -
  • (MISC) https://access.redhat.com/errata/RHSA-2009:1160 -
  • (MISC) https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E -
  • (MISC) https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E -
  • (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=509375 -
  • (MISC) https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E -
  • (MISC) https://access.redhat.com/errata/RHSA-2009:1156 -
  • (MISC) https://access.redhat.com/errata/RHSA-2009:1148 -
  • (MISC) https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E -
  • (MISC) https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E -
  • (MISC) https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E -
  • (MISC) https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E -
  • (MISC) https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E -
  • (MISC) https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E -
  • (MISC) https://access.redhat.com/errata/RHSA-2009:1155 -
  • (MISC) https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E -
  • (MISC) https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E -
  • (MISC) https://lists.apache.org/thread.html/rb33be0aa9bd8cac9536293e3821dcd4cf8180ad95a8036eedd46365e%40%3Cusers.mina.apache.org%3E -
  • (MISC) https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E -
  • (MISC) https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E -

19 Sep 2022, 19:56

Type Values Removed Values Added
CWE CWE-189 CWE-400
First Time Redhat enterprise Linux Server
Fedoraproject
Fedoraproject fedora
Redhat enterprise Linux Desktop
Debian
Redhat
Debian debian Linux
Redhat enterprise Linux Workstation
Redhat enterprise Linux Server Aus
Canonical
Canonical ubuntu Linux
Redhat enterprise Linux Eus
References
  • (MLIST) https://lists.apache.org/thread.html/rb33be0aa9bd8cac9536293e3821dcd4cf8180ad95a8036eedd46365e@%3Cusers.mina.apache.org%3E - Mailing List, Vendor Advisory
References (SECUNIA) http://secunia.com/advisories/35865 - (SECUNIA) http://secunia.com/advisories/35865 - Not Applicable
References (MLIST) https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be@%3Ccvs.httpd.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be@%3Ccvs.httpd.apache.org%3E - Mailing List, Vendor Advisory
References (MLIST) https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E - Mailing List, Vendor Advisory
References (AIXAPAR) http://www-01.ibm.com/support/docview.wss?uid=swg1PK99480 - (AIXAPAR) http://www-01.ibm.com/support/docview.wss?uid=swg1PK99480 - Third Party Advisory
References (SECUNIA) http://secunia.com/advisories/37152 - Vendor Advisory (SECUNIA) http://secunia.com/advisories/37152 - Not Applicable, Vendor Advisory
References (UBUNTU) http://www.ubuntu.com/usn/USN-802-1 - (UBUNTU) http://www.ubuntu.com/usn/USN-802-1 - Third Party Advisory
References (FEDORA) https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01363.html - (FEDORA) https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01363.html - Third Party Advisory
References (REDHAT) http://www.redhat.com/support/errata/RHSA-2009-1156.html - (REDHAT) http://www.redhat.com/support/errata/RHSA-2009-1156.html - Third Party Advisory
References (VUPEN) http://www.vupen.com/english/advisories/2009/3184 - Vendor Advisory (VUPEN) http://www.vupen.com/english/advisories/2009/3184 - Permissions Required, Vendor Advisory
References (DEBIAN) http://www.debian.org/security/2009/dsa-1834 - (DEBIAN) http://www.debian.org/security/2009/dsa-1834 - Third Party Advisory
References (MLIST) https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919@%3Ccvs.httpd.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919@%3Ccvs.httpd.apache.org%3E - Mailing List, Vendor Advisory
References (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9403 - (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9403 - Third Party Advisory
References (SECUNIA) http://secunia.com/advisories/35691 - Vendor Advisory (SECUNIA) http://secunia.com/advisories/35691 - Not Applicable, Vendor Advisory
References (MLIST) https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E - Mailing List, Vendor Advisory
References (GENTOO) http://security.gentoo.org/glsa/glsa-200907-04.xml - (GENTOO) http://security.gentoo.org/glsa/glsa-200907-04.xml - Third Party Advisory
References (CONFIRM) http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?r1=790587&r2=790586&pathrev=790587 - Vendor Advisory (CONFIRM) http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?r1=790587&r2=790586&pathrev=790587 - Patch, Vendor Advisory
References (MLIST) https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E - Mailing List, Vendor Advisory
References (SECUNIA) http://secunia.com/advisories/35721 - (SECUNIA) http://secunia.com/advisories/35721 - Not Applicable
References (SECTRACK) http://www.securitytracker.com/id?1022509 - (SECTRACK) http://www.securitytracker.com/id?1022509 - Broken Link, Third Party Advisory, VDB Entry
References (MANDRIVA) http://www.mandriva.com/security/advisories?name=MDVSA-2009:149 - (MANDRIVA) http://www.mandriva.com/security/advisories?name=MDVSA-2009:149 - Broken Link
References (MLIST) https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E - Mailing List, Vendor Advisory
References (MLIST) https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3Ccvs.httpd.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3Ccvs.httpd.apache.org%3E - Mailing List, Vendor Advisory
References (MLIST) https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E - Mailing List, Vendor Advisory
References (CONFIRM) http://support.apple.com/kb/HT3937 - (CONFIRM) http://support.apple.com/kb/HT3937 - Broken Link
References (CONFIRM) http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html - (CONFIRM) http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html - Third Party Advisory
References (APPLE) http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html - (APPLE) http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html - Broken Link, Mailing List
References (SECUNIA) http://secunia.com/advisories/37221 - Vendor Advisory (SECUNIA) http://secunia.com/advisories/37221 - Not Applicable, Vendor Advisory
References (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8616 - (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8616 - Third Party Advisory
References (MLIST) https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E - Mailing List, Vendor Advisory
References (MLIST) https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E - Mailing List, Vendor Advisory
References (BUGTRAQ) http://www.securityfocus.com/archive/1/507852/100/0/threaded - (BUGTRAQ) http://www.securityfocus.com/archive/1/507852/100/0/threaded - Third Party Advisory, VDB Entry
References (MLIST) https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8@%3Ccvs.httpd.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8@%3Ccvs.httpd.apache.org%3E - Mailing List, Vendor Advisory
References (CONFIRM) http://wiki.rpath.com/Advisories:rPSA-2009-0142 - (CONFIRM) http://wiki.rpath.com/Advisories:rPSA-2009-0142 - Broken Link
References (REDHAT) https://rhn.redhat.com/errata/RHSA-2009-1148.html - (REDHAT) https://rhn.redhat.com/errata/RHSA-2009-1148.html - Third Party Advisory
References (SECUNIA) http://secunia.com/advisories/35793 - (SECUNIA) http://secunia.com/advisories/35793 - Not Applicable
References (MANDRIVA) http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 - (MANDRIVA) http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 - Broken Link
References (MLIST) https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E - Mailing List, Vendor Advisory
References (AIXAPAR) http://www-01.ibm.com/support/docview.wss?uid=swg1PK91259 - (AIXAPAR) http://www-01.ibm.com/support/docview.wss?uid=swg1PK91259 - Third Party Advisory
References (BID) http://www.securityfocus.com/bid/35565 - (BID) http://www.securityfocus.com/bid/35565 - Third Party Advisory, VDB Entry
References (BUGTRAQ) http://www.securityfocus.com/archive/1/507857/100/0/threaded - (BUGTRAQ) http://www.securityfocus.com/archive/1/507857/100/0/threaded - Third Party Advisory, VDB Entry
References (SUSE) http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00006.html - (SUSE) http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00006.html - Mailing List, Third Party Advisory
References (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12330 - (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12330 - Third Party Advisory
References (HP) http://marc.info/?l=bugtraq&m=129190899612998&w=2 - (HP) http://marc.info/?l=bugtraq&m=129190899612998&w=2 - Issue Tracking, Mailing List, Third Party Advisory
References (MLIST) https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E - Mailing List, Vendor Advisory
References (OSVDB) http://osvdb.org/55553 - (OSVDB) http://osvdb.org/55553 - Broken Link
CPE cpe:2.3:a:apache:http_server:1.3.27:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.19:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.55:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.20:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.7:*:dev:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.31:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.15:*:win32:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.26:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.16:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.33:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.34:beta:win32:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.48:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.15:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.40:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.32:beta:win32:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.56:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.1.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.32:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.13:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.29:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.41:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.24:*:win32:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.26:*:win32:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.24:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.2:*:windows:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.22:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.6:*:win32:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.12:*:win32:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.35:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.1.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.28:beta:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.39:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.20:*:win32:*:*:*:*:*
cpe:2.3:a:apache:http_server:0.8.11:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.38:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.23:*:win32:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.16:*:win32:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.52:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.46:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.50:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.44:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:*:*:win32:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.53:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.18:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.47:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.30:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.13:*:win32:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.1.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.22:*:win32:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.38:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.60:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.57:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.68:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.9:*:win32:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.28:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.46:*:win32:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.32:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.32:beta:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.18:*:win32:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.61:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.11:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.43:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.1.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.34:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.51:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.1.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.36:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.14:*:mac_os:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.49:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.2.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.17:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.19:*:win32:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.14:*:win32:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.36:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.39:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.2.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.58:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.23:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.42:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.17:*:win32:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.37:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.2.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.10:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.58:*:win32:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:-:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.99:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.14:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.28:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:0.8.14:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.12:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.28:beta:win32:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.25:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.3.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.54:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.34:beta:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.65:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.3:*:windows:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.45:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.11:*:win32:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.37:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.59:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.25:*:win32:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.1.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.1.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.4:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:11:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:5.3:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:5.3:*:*:*:*:*:*:*

06 Jun 2021, 11:15

Type Values Removed Values Added
References
  • (MLIST) https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E -

03 Jun 2021, 08:15

Type Values Removed Values Added
References
  • (MLIST) https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8@%3Ccvs.httpd.apache.org%3E -
  • (MLIST) https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3Ccvs.httpd.apache.org%3E -

30 Mar 2021, 13:15

Type Values Removed Values Added
References
  • (MLIST) https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E -
  • (MLIST) https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919@%3Ccvs.httpd.apache.org%3E -
  • (MLIST) https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E -
  • (MLIST) https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be@%3Ccvs.httpd.apache.org%3E -
  • (MLIST) https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E -
  • (MLIST) https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E -

Information

Published : 2009-07-05 16:30

Updated : 2023-12-10 10:51


NVD link : CVE-2009-1890

Mitre link : CVE-2009-1890

CVE.ORG link : CVE-2009-1890


JSON object : View

Products Affected

redhat

  • enterprise_linux_desktop
  • enterprise_linux_server_aus
  • enterprise_linux_server
  • enterprise_linux_workstation
  • enterprise_linux_eus

debian

  • debian_linux

canonical

  • ubuntu_linux

apache

  • http_server

fedoraproject

  • fedora
CWE
CWE-400

Uncontrolled Resource Consumption