CVE-2009-2699

The Solaris pollset feature in the Event Port backend in poll/unix/port.c in the Apache Portable Runtime (APR) library before 1.3.9, as used in the Apache HTTP Server before 2.2.14 and other products, does not properly handle errors, which allows remote attackers to cause a denial of service (daemon hang) via unspecified HTTP requests, related to the prefork and event MPMs.

CVSS v3 7.5 HIGH
CVSS v2.0 5.0 MEDIUM

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://marc.info/?l=bugtraq&m=133355494609819&w=2	Issue Tracking Mailing List Third Party Advisory
http://securitytracker.com/id?1022988	Broken Link Third Party Advisory VDB Entry
http://www.apache.org/dist/httpd/CHANGES_2.2.14	Broken Link Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150	Broken Link
http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html	Third Party Advisory
http://www.securityfocus.com/bid/36596	Patch Third Party Advisory VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/53666	Third Party Advisory VDB Entry
https://issues.apache.org/bugzilla/show_bug.cgi?id=47645	Issue Tracking Vendor Advisory
https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E	Mailing List Patch
https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E	Mailing List Patch
https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3Ccvs.httpd.apache.org%3E	Mailing List Patch
https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E	Mailing List Patch
https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E	Mailing List Patch
https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E	Mailing List Patch
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E	Mailing List Patch
https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E	Mailing List Patch
https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E	Mailing List Patch
https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3Ccvs.httpd.apache.org%3E	Mailing List Patch
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E	Mailing List Patch
https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E	Mailing List Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:apache:http_server::::::::
	cpe:2.3:a:apache:portable_runtime::::::::

History

15 Feb 2024, 20:46

Type	Values Removed	Values Added
CVSS	v2 : ~~5.0~~ v3 : ~~unknown~~	v2 : 5.0 v3 : 7.5
CWE	~~NVD-CWE-noinfo~~	CWE-667
References	~~() https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E -~~	() https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E - Mailing List, Patch
References	~~() https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E -~~	() https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E - Mailing List, Patch
References	~~() https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3Ccvs.httpd.apache.org%3E -~~	() https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3Ccvs.httpd.apache.org%3E - Mailing List, Patch
References	~~() https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E -~~	() https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E - Mailing List, Patch
References	~~() https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E -~~	() https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E - Mailing List, Patch
References	~~() https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E -~~	() https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E - Mailing List, Patch
References	~~() https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E -~~	() https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E - Mailing List, Patch
References	~~() https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E -~~	() https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E - Mailing List, Patch
References	~~() https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E -~~	() https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E - Mailing List, Patch
References	~~() https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3Ccvs.httpd.apache.org%3E -~~	() https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3Ccvs.httpd.apache.org%3E - Mailing List, Patch
References	~~() https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E -~~	() https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E - Mailing List, Patch
References	~~() https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E -~~	() https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E - Mailing List, Patch

07 Nov 2023, 02:04

Type	Values Removed	Values Added
References	{'url': 'https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7@%3Ccvs.httpd.apache.org%3E', 'name': '[httpd-cvs] 20210330 svn commit: r1888194 [6/13] - /httpd/site/trunk/content/security/json/', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E', 'name': '[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E', 'name': '[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E', 'name': '[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E', 'name': '[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E', 'name': '[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E', 'name': '[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E', 'name': '[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d@%3Ccvs.httpd.apache.org%3E', 'name': '[httpd-cvs] 20210330 svn commit: r1073149 [7/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E', 'name': '[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e@%3Ccvs.httpd.apache.org%3E', 'name': '[httpd-cvs] 20210330 svn commit: r1073139 [6/13] - in /websites/staging/httpd/trunk/content: ./ security/json/', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E', 'name': '[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'}	() https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E - () https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3Ccvs.httpd.apache.org%3E - () https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E - () https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E - () https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E - () https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E - () https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3Ccvs.httpd.apache.org%3E - () https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E - () https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E - () https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E - () https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E - () https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E -

19 Sep 2022, 19:51

06 Jun 2021, 11:15

Type	Values Removed	Values Added
References		(MLIST) https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d@%3Ccvs.httpd.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e@%3Ccvs.httpd.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E -

30 Mar 2021, 12:15

Type	Values Removed	Values Added
References		(MLIST) https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7@%3Ccvs.httpd.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E -

Information

Published : 2009-10-13 10:30

Updated : 2024-02-15 20:46

NVD link : CVE-2009-2699

Mitre link : CVE-2009-2699

CVE.ORG link : CVE-2009-2699

JSON object : View

Products Affected

apache

http_server
portable_runtime

CWE

CWE-667

Improper Locking

Type	Values Removed	Values Added
CWE	~~NVD-CWE-Other~~	NVD-CWE-noinfo
CPE	cpe:2.3:a:apache:http_server:1.3.27:::::::* cpe:2.3:a:apache:http_server:1.3.19:::::::* cpe:2.3:a:apache:http_server:2.0.55:::::::* cpe:2.3:a:apache:http_server:2.1.7:::::::* cpe:2.3:a:apache:http_server:2.2.3:::::::* cpe:2.3:a:apache:http_server:2.2.8:::::::* cpe:2.3:a:apache:http_server:2.0.38:::::::* cpe:2.3:a:apache:http_server:2.0.60:::::::* cpe:2.3:a:apache:http_server:1.3.20:::::::* cpe:2.3:a:apache:http_server:2.0.57:::::::* cpe:2.3:a:apache:http_server:1.3.68:::::::* cpe:2.3:a:apache:http_server:1.3.31:::::::* cpe:2.3:a:apache:http_server:2.0.28:::::::* cpe:2.3:a:apache:http_server:1.3.26:::::::* cpe:2.3:a:apache:http_server:1.3.32:::::::* cpe:2.3:a:apache:http_server:2.0.32:beta:::::: cpe:2.3:a:apache:http_server:1.3:::::::* cpe:2.3:a:apache:http_server:1.0.2:::::::* cpe:2.3:a:apache:http_server:1.3.16:::::::* cpe:2.3:a:apache:http_server:1.3.33:::::::* cpe:2.3:a:apache:http_server:2.0.48:::::::* cpe:2.3:a:apache:http_server:2.2:::::::* cpe:2.3:a:apache:http_server:1.3.1.1:::::::* cpe:2.3:a:apache:apr:::::::: cpe:2.3:a:apache:http_server:1.3.3:::::::* cpe:2.3:a:apache:http_server:1.3.15:::::::* cpe:2.3:a:apache:http_server:1.3.11:::::::* cpe:2.3:a:apache:http_server:2.0.43:::::::* cpe:2.3:a:apache:http_server:2.1.3:::::::* cpe:2.3:a:apache:http_server:1.3.34:::::::* cpe:2.3:a:apache:http_server:1.3.4:::::::* cpe:2.3:a:apache:http_server:2.0.40:::::::* cpe:2.3:a:apache:http_server:2.0.51:::::::* cpe:2.3:a:apache:http_server:2.1.4:::::::* cpe:2.3:a:apache:http_server:2.0.56:::::::* cpe:2.3:a:apache:http_server:2.1.8:::::::* cpe:2.3:a:apache:http_server:2.0.32:::::::* cpe:2.3:a:apache:http_server:2.0.36:::::::* cpe:2.3:a:apache:http_server:1.0.3:::::::* cpe:2.3:a:apache:http_server:2.0.49:::::::* cpe:2.3:a:apache:http_server:1.2.5:::::::* cpe:2.3:a:apache:http_server:1.3.17:::::::* cpe:2.3:a:apache:http_server:1.3.13:::::::* cpe:2.3:a:apache:http_server:1.3.29:::::::* cpe:2.3:a:apache:http_server:2.0.41:::::::* cpe:2.3:a:apache:http_server:1.3.36:::::::* cpe:2.3:a:apache:http_server:2.0.9:::::::* cpe:2.3:a:apache:http_server:2.1.1:::::::* cpe:2.3:a:apache:http_server:2.0.58:::::::* cpe:2.3:a:apache:http_server:1.2.6:::::::* cpe:2.3:a:apache:http_server:2.0.39:::::::* cpe:2.3:a:apache:http_server:2.1.9:::::::* cpe:2.3:a:apache:http_server:1.0.5:::::::* cpe:2.3:a:apache:http_server:1.3.24:::::::* cpe:2.3:a:apache:apr:0.9.17:::::::* cpe:2.3:a:apache:http_server:1.3.23:::::::* cpe:2.3:a:apache:http_server:2.0.42:::::::* cpe:2.3:a:apache:http_server:2.0.37:::::::* cpe:2.3:a:apache:http_server:1.3.9:::::::* cpe:2.3:a:apache:http_server:1.2.9:::::::* cpe:2.3:a:apache:http_server:1.2:::::::* cpe:2.3:a:apache:http_server:2.2.7:::::::* cpe:2.3:a:apache:http_server:1.3.10:::::::* cpe:2.3:a:apache:http_server:1.3.22:::::::* cpe:2.3:a:apache:http_server:2.1:::::::* cpe:2.3:a:apache:http_server:2.2.0:::::::* cpe:2.3:a:apache:http_server:-:::::::* cpe:2.3:a:apache:http_server:1.3.0:::::::* cpe:2.3:a:apache:http_server:1.1.1:::::::* cpe:2.3:a:apache:http_server:1.99:::::::* cpe:2.3:a:apache:http_server:1.3.14:::::::* cpe:2.3:a:apache:http_server:2.2.11:::::::* cpe:2.3:a:apache:http_server:1.3.35:::::::* cpe:2.3:a:apache:apr:0.9.7:::::::* cpe:2.3:a:apache:http_server:2.1.6:::::::* cpe:2.3:a:apache:http_server:2.0:::::::* cpe:2.3:a:apache:http_server:1.3.28:::::::* cpe:2.3:a:apache:http_server:2.1.2:::::::* cpe:2.3:a:apache:apr:1.2.1:::::::* cpe:2.3:a:apache:http_server:1.1:::::::* cpe:2.3:a:apache:http_server:0.8.14:::::::* cpe:2.3:a:apache:http_server:2.2.12:::::::* cpe:2.3:a:apache:http_server:1.3.12:::::::* cpe:2.3:a:apache:http_server:1.3.1:::::::* cpe:2.3:a:apache:http_server:1.4.0:::::::* cpe:2.3:a:apache:http_server:1.3.39:::::::* cpe:2.3:a:apache:http_server:0.8.11:::::::* cpe:2.3:a:apache:http_server:1.3.38:::::::* cpe:2.3:a:apache:http_server:2.0.35:::::::* cpe:2.3:a:apache:http_server:2.0.52:::::::* cpe:2.3:a:apache:http_server:1.2.4:::::::* cpe:2.3:a:apache:http_server:1.3.25:::::::* cpe:2.3:a:apache:http_server:2.2.6:::::::* cpe:2.3:a:apache:http_server:2.0.46:::::::* cpe:2.3:a:apache:http_server:1.3.8:::::::* cpe:2.3:a:apache:http_server:2.0.54:::::::* cpe:2.3:a:apache:http_server:2.0.34:beta:::::: cpe:2.3:a:apache:http_server:1.3.65:::::::* cpe:2.3:a:apache:http_server:1.3.7:::::::* cpe:2.3:a:apache:http_server:2.0.45:::::::* cpe:2.3:a:apache:http_server:2.2.10:::::::* cpe:2.3:a:apache:apr:0.9.18:::::::* cpe:2.3:a:apache:http_server:2.0.50:::::::* cpe:2.3:a:apache:http_server:2.0.44:::::::* cpe:2.3:a:apache:http_server:2.2.9:::::::* cpe:2.3:a:apache:http_server:2.2.2:::::::* cpe:2.3:a:apache:http_server:1.3.2:::::::* cpe:2.3:a:apache:http_server:1.3.37:::::::* cpe:2.3:a:apache:http_server:2.0.59:::::::* cpe:2.3:a:apache:http_server:1.3.6:::::::* cpe:2.3:a:apache:http_server:2.2.1:::::::* cpe:2.3:a:apache:http_server:1.3.18:::::::* cpe:2.3:a:apache:http_server:1.3.30:::::::* cpe:2.3:a:apache:http_server:2.1.5:::::::* cpe:2.3:a:apache:http_server:2.0.47:::::::* cpe:2.3:a:apache:http_server:1.3.5:::::::* cpe:2.3:a:apache:http_server:2.2.4:::::::* cpe:2.3:a:apache:http_server:2.0.53:::::::*	cpe:2.3:a:apache:portable_runtime::::::::
First Time		Apache portable Runtime
References	~~(MLIST) https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7@%3Ccvs.httpd.apache.org%3E -~~	(MLIST) https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7@%3Ccvs.httpd.apache.org%3E - Mailing List, Vendor Advisory
References	~~(MLIST) https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E -~~	(MLIST) https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E - Mailing List, Vendor Advisory
References	~~(CONFIRM) https://issues.apache.org/bugzilla/show_bug.cgi?id=47645 -~~	(CONFIRM) https://issues.apache.org/bugzilla/show_bug.cgi?id=47645 - Issue Tracking, Vendor Advisory
References	~~(BID) http://www.securityfocus.com/bid/36596 - Patch~~	(BID) http://www.securityfocus.com/bid/36596 - Patch, Third Party Advisory, VDB Entry
References	~~(XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/53666 -~~	(XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/53666 - Third Party Advisory, VDB Entry
References	~~(MLIST) https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E -~~	(MLIST) https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E - Mailing List, Vendor Advisory
References	~~(MLIST) https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d@%3Ccvs.httpd.apache.org%3E -~~	(MLIST) https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d@%3Ccvs.httpd.apache.org%3E - Mailing List, Vendor Advisory
References	~~(MLIST) https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E -~~	(MLIST) https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E - Mailing List, Vendor Advisory
References	~~(MLIST) https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E -~~	(MLIST) https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E - Mailing List, Vendor Advisory
References	~~(MLIST) https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E -~~	(MLIST) https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E - Mailing List, Vendor Advisory
References	~~(SECTRACK) http://securitytracker.com/id?1022988 -~~	(SECTRACK) http://securitytracker.com/id?1022988 - Broken Link, Third Party Advisory, VDB Entry
References	~~(CONFIRM) http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html -~~	(CONFIRM) http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html - Third Party Advisory
References	~~(MLIST) https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E -~~	(MLIST) https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E - Mailing List, Vendor Advisory
References	~~(MLIST) https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E -~~	(MLIST) https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E - Mailing List, Vendor Advisory
References	~~(HP) http://marc.info/?l=bugtraq&m=133355494609819&w=2 -~~	(HP) http://marc.info/?l=bugtraq&m=133355494609819&w=2 - Issue Tracking, Mailing List, Third Party Advisory
References	~~(MANDRIVA) http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 -~~	(MANDRIVA) http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 - Broken Link
References	~~(CONFIRM) http://www.apache.org/dist/httpd/CHANGES_2.2.14 - Vendor Advisory~~	(CONFIRM) http://www.apache.org/dist/httpd/CHANGES_2.2.14 - Broken Link, Vendor Advisory
References	~~(MLIST) https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E -~~	(MLIST) https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E - Mailing List, Vendor Advisory
References	~~(MLIST) https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e@%3Ccvs.httpd.apache.org%3E -~~	(MLIST) https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e@%3Ccvs.httpd.apache.org%3E - Mailing List, Vendor Advisory
References	~~(MLIST) https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E -~~	(MLIST) https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E - Mailing List, Vendor Advisory

7.5 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

5.0 /10

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

JSON object

Attach tags to CVE-2009-2699

7.5^/10

5.0^/10

Attach tags to `CVE-2009-2699`