CVE-2009-1891: #534712 - apache2.2-common: DOS possible with mod_deflate

The mod_deflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service (CPU consumption).


Debian Bug report logs - #534712
apache2.2-common: DOS possible with mod_deflate

Reported by: François Guerraz [email protected]

Date: Fri, 26 Jun 2009 15:24:03 UTC

Severity: normal

Tags: patch, security

Found in version 2.2.9-10+lenny3

Fixed in versions apache2/2.2.11-7, apache2/2.2.3-4+etch9, apache2/2.2.9-10+lenny4

Done: Stefan Fritsch [email protected]

Bug is archived. No further changes may be made.


Report forwarded to [email protected], Debian Apache Maintainers [email protected]:
Bug#534712; Package apache2.2-common. (Fri, 26 Jun 2009 15:24:06 GMT) (full text, mbox, link).

Acknowledgement sent to François Guerraz [email protected]:
New Bug report received and forwarded. Copy sent to Debian Apache Maintainers [email protected]. (Fri, 26 Jun 2009 15:24:06 GMT) (full text, mbox, link).

Message #5 received at [email protected] (full text, mbox, reply):

Package: apache2.2-common
Version: 2.2.9-10+lenny3
Severity: normal
Tags: patch security

There is a bug in mod_deflate that can lead to a DOS with very small network traffic.

The problem is the following: when downloading a file with mod_deflate enabled and aborting the connection before the end, mod_deflate will take 100% of a CPU and finish compressing the file for nothing.

Even with a not-so-big file (a few dozen MB), it is possible to “lock” apache by opening simultaneous requests on this file and aborting the connection very soon; as the file will be compressed multiple times in parallel, it will make compression times grow and keep the threads busy for a while.

The problem arises because mod_deflate doesn’t check if the connection is aborted and goes on whatever happens.

The following patch fixes the problem, but from reading the code, I guess that the inflate function is also impacted.

Best regards,

François

— mod_deflate.c 2008-01-04 15:23:50.000000000 +0100 +++ mod_deflate.c.new 2009-06-26 16:50:36.000000000 +0200 @@ -691,6 +691,10 @@ continue; }

  • if (r->connection->aborted) {
  •        return APR\_ECONNABORTED;
    
  •    }
    
  •    /\* read \*/
       apr\_bucket\_read(e, &data, &len, APR\_BLOCK\_READ);
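Review bot: the guard is added only to this bucket loop in the compress path; the report text itself says the inflate path has the same structure, so the same `if (r->connection->aborted) return APR_ECONNABORTED;` check belongs in front of the corresponding `apr_bucket_read` there as well, otherwise the decompression side keeps the behaviour the report describes. Checking once per bucket, before the read, is the right granularity: the read plus the deflate call on that bucket is exactly the unit of work that was being spent on a closed connection, so the loop now stops before the next chunk is compressed instead of after the whole file.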
    

-- Package-specific info:
List of enabled modules from 'apache2 -M':
  alias auth_basic authn_file authz_default authz_groupfile authz_host
  authz_user autoindex cgi deflate dir env expires headers mime
  negotiation perl php5 python setenvif status userdir

-- System Information:
Debian Release: 5.0.1
  APT prefers stable
  APT policy: (990, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.30 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages apache2.2-common depends on:
ii  apache2-utils      2.2.9-10+lenny3       utility programs for webservers
ii  libapr1            1.2.12-5              The Apache Portable Runtime Librar
ii  libaprutil1        1.2.12+dfsg-8+lenny2  The Apache Portable Runtime Utilit
ii  libc6              2.7-18                GNU C Library: Shared libraries
ii  libmagic1          4.26-1                File type determination library us
ii  libssl0.9.8        0.9.8g-15+lenny1      SSL shared libraries
ii  lsb-base           3.2-20                Linux Standard Base 3.2 init scrip
ii  mime-support       3.44-1                MIME files 'mime.types' & 'mailcap
ii  net-tools          1.60-22               The NET-3 networking toolkit
ii  perl               5.10.0-19             Larry Wall's Practical Extraction
ii  procps             1:3.2.7-11            /proc file system utilities
ii  zlib1g             1:1.2.3.3.dfsg-12     compression library - runtime

Versions of packages apache2.2-common recommends:
ii  ssl-cert           1.0.23                simple debconf wrapper for OpenSSL

Versions of packages apache2.2-common suggests:
ii  apache2-doc                2.2.9-10+lenny3  Apache HTTP Server documentation
pn  apache2-suexec | apache2   <none>           (no description available)
ii  dillo [www-browser]        0.8.6-3          Small and fast web browser
ii  elinks [www-browser]       0.11.4-3         advanced text-mode WWW browser
ii  epiphany-gecko [www-brow   2.22.3-9         Intuitive GNOME web browser - Geck
ii  iceape-browser [www-brow   1.1.14-1         Iceape Navigator (Internet browser
ii  iceweasel [www-browser]    3.0.6-1          lightweight web browser based on M
ii  w3m [www-browser]          0.5.2-2+b1       WWW browsable pager with excellent

Versions of packages apache2.2-common is related to:
pn  apache2-mpm-event          <none>           (no description available)
pn  apache2-mpm-itk            <none>           (no description available)
ii  apache2-mpm-prefork        2.2.9-10+lenny3  Apache HTTP Server - traditional n
pn  apache2-mpm-worker         <none>           (no description available)

-- no debconf information
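The failure mode and the fix described in the report above, as an added example that is not part of the bug report or of mod_deflate's own code: a streaming gzip filter loop is run twice against a client that disappears after a couple of writes, once in the pre-fix shape (every bucket compressed regardless) and once with the per-bucket abort check from the patch. `Connection`, `buckets`, the `deflate_filter_*` functions, the bucket size and the sample body are all constructed for this example; the `"APR_ECONNABORTED"` status string only echoes the constant the patch returns.

```python
"""Added example (not mod_deflate's code): a streaming gzip filter loop
with and without the client-abort check that the report asks for."""
import zlib

BUCKET_SIZE = 64 * 1024  # constructed: bytes per input bucket
# Constructed sample body: 1 MiB of highly compressible data (16 buckets).
SAMPLE_BODY = bytes(range(256)) * 4096


class Connection:
    """Constructed stand-in for r->connection.  The core server flips
    `aborted` once a write to the peer fails; here a write fails after
    `abort_after_writes` attempts (None = the client never goes away)."""

    def __init__(self, abort_after_writes=None):
        self.abort_after_writes = abort_after_writes
        self.writes = 0
        self.aborted = False

    def write(self, data):
        self.writes += 1
        if self.abort_after_writes is not None and self.writes >= self.abort_after_writes:
            self.aborted = True


def buckets(body, size=BUCKET_SIZE):
    """Split the response body into fixed-size buckets, like a brigade."""
    for i in range(0, len(body), size):
        yield body[i:i + size]


def deflate_filter_vulnerable(conn, body):
    """Pre-fix shape: every bucket is read and compressed no matter what
    the connection is doing.  Returns (input bytes compressed, status)."""
    z = zlib.compressobj(6, zlib.DEFLATED, 31)  # wbits 31 = gzip wrapper
    consumed = 0
    for b in buckets(body):
        consumed += len(b)
        conn.write(z.compress(b))  # a dead peer is never noticed here
    conn.write(z.flush())
    return consumed, "OK"


def deflate_filter_fixed(conn, body):
    """Post-fix shape (the reporter's patch): look at the abort flag before
    reading each bucket and return an error status instead of compressing
    the rest of the file for a client that is gone."""
    z = zlib.compressobj(6, zlib.DEFLATED, 31)
    consumed = 0
    for b in buckets(body):
        if conn.aborted:
            return consumed, "APR_ECONNABORTED"
        consumed += len(b)
        conn.write(z.compress(b))
    conn.write(z.flush())
    return consumed, "OK"


def cpu_spent(filter_fn, abort_after_writes):
    """Run one filter against a client that disappears after N writes and
    report how much of the body it still compressed."""
    consumed, status = filter_fn(Connection(abort_after_writes), SAMPLE_BODY)
    return {"bytes_compressed": consumed, "of": len(SAMPLE_BODY), "status": status}


if __name__ == "__main__":
    # Client aborts after the second write: the old loop still chews through
    # the whole 1 MiB, the fixed loop stops after two buckets.
    print("vulnerable:", cpu_spent(deflate_filter_vulnerable, 2))
    print("fixed:     ", cpu_spent(deflate_filter_fixed, 2))
```

The thing to take from the two runs is where the check sits: once per bucket, ahead of the work for that bucket, which is the same place the patch puts it. In Python the abandoned zlib state is simply garbage-collected; in an httpd filter the equivalent cleanup is tied to the request pool, so returning early with an error status is enough.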

Information forwarded to [email protected], Debian Apache Maintainers [email protected]:
Bug#534712; Package apache2.2-common. (Thu, 09 Jul 2009 18:54:05 GMT) (full text, mbox, link).

Acknowledgement sent to Marc Deslauriers [email protected]:
Extra info received and forwarded to list. Copy sent to Debian Apache Maintainers [email protected]. (Thu, 09 Jul 2009 18:54:05 GMT) (full text, mbox, link).

Message #10 received at [email protected] (full text, mbox, reply):

This is CVE-2009-1891:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891

Upstream patch:

http://svn.apache.org/viewvc?view=rev&revision=791454

Reply sent to Stefan Fritsch [email protected]:
You have taken responsibility. (Fri, 10 Jul 2009 21:54:06 GMT) (full text, mbox, link).

Notification sent to François Guerraz [email protected]:
Bug acknowledged by developer. (Fri, 10 Jul 2009 21:54:06 GMT) (full text, mbox, link).

Message #15 received at [email protected] (full text, mbox, reply):

Source: apache2
Source-Version: 2.2.11-7

We believe that the bug you reported is fixed in the latest version of apache2, which is due to be installed in the Debian FTP archive:

apache2-dbg_2.2.11-7_i386.deb
  to pool/main/a/apache2/apache2-dbg_2.2.11-7_i386.deb
apache2-doc_2.2.11-7_all.deb
  to pool/main/a/apache2/apache2-doc_2.2.11-7_all.deb
apache2-mpm-event_2.2.11-7_all.deb
  to pool/main/a/apache2/apache2-mpm-event_2.2.11-7_all.deb
apache2-mpm-prefork_2.2.11-7_all.deb
  to pool/main/a/apache2/apache2-mpm-prefork_2.2.11-7_all.deb
apache2-mpm-worker_2.2.11-7_all.deb
  to pool/main/a/apache2/apache2-mpm-worker_2.2.11-7_all.deb
apache2-prefork-dev_2.2.11-7_i386.deb
  to pool/main/a/apache2/apache2-prefork-dev_2.2.11-7_i386.deb
apache2-src_2.2.11-7_all.deb
  to pool/main/a/apache2/apache2-src_2.2.11-7_all.deb
apache2-suexec-custom_2.2.11-7_i386.deb
  to pool/main/a/apache2/apache2-suexec-custom_2.2.11-7_i386.deb
apache2-suexec_2.2.11-7_i386.deb
  to pool/main/a/apache2/apache2-suexec_2.2.11-7_i386.deb
apache2-threaded-dev_2.2.11-7_i386.deb
  to pool/main/a/apache2/apache2-threaded-dev_2.2.11-7_i386.deb
apache2-utils_2.2.11-7_i386.deb
  to pool/main/a/apache2/apache2-utils_2.2.11-7_i386.deb
apache2.2-bin_2.2.11-7_i386.deb
  to pool/main/a/apache2/apache2.2-bin_2.2.11-7_i386.deb
apache2.2-common_2.2.11-7_all.deb
  to pool/main/a/apache2/apache2.2-common_2.2.11-7_all.deb
apache2_2.2.11-7.diff.gz
  to pool/main/a/apache2/apache2_2.2.11-7.diff.gz
apache2_2.2.11-7.dsc
  to pool/main/a/apache2/apache2_2.2.11-7.dsc
apache2_2.2.11-7_all.deb
  to pool/main/a/apache2/apache2_2.2.11-7_all.deb

A summary of the changes between this version and the previous one is attached.

Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Stefan Fritsch [email protected] (supplier of updated apache2 package)

(This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected])

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 10 Jul 2009 22:42:57 +0200
Source: apache2
Binary: apache2.2-common apache2.2-bin apache2-mpm-worker apache2-mpm-prefork apache2-mpm-event apache2-utils apache2-suexec apache2-suexec-custom apache2 apache2-doc apache2-prefork-dev apache2-threaded-dev apache2-src apache2-dbg
Architecture: source i386 all
Version: 2.2.11-7
Distribution: unstable
Urgency: low
Maintainer: Debian Apache Maintainers [email protected]
Changed-By: Stefan Fritsch [email protected]
Description:
 apache2    - Apache HTTP Server metapackage
 apache2-dbg - Apache debugging symbols
 apache2-doc - Apache HTTP Server documentation
 apache2-mpm-event - Apache HTTP Server - event driven model
 apache2-mpm-prefork - Apache HTTP Server - traditional non-threaded model
 apache2-mpm-worker - Apache HTTP Server - high speed threaded model
 apache2-prefork-dev - Apache development headers - non-threaded MPM
 apache2-src - Apache source code
 apache2-suexec - Standard suexec program for Apache 2 mod_suexec
 apache2-suexec-custom - Configurable suexec program for Apache 2 mod_suexec
 apache2-threaded-dev - Apache development headers - threaded MPM
 apache2-utils - utility programs for webservers
 apache2.2-bin - Apache HTTP Server common binary files
 apache2.2-common - Apache HTTP Server common files
Closes: 534712 535849
Changes:
 apache2 (2.2.11-7) unstable; urgency=low
 .
   * Security fixes:
     - CVE-2009-1890: denial of service in mod_proxy
     - CVE-2009-1891: denial of service in mod_deflate (closes: #534712)
   * Add symlinks for the debug info to the mpm packages.
* Be slightly more informative in the default index.html without pointing to Apache or Debian (LP: #89364) * Remove dependency on net-tools, which is no longer necessary (closes: #535849) * Bump Standards-Version (no changes) Checksums-Sha1: 89ee0a8edf86a4db88d5c8a1bbe695896159fadd 1670 apache2_2.2.11-7.dsc 3f452bc15966b5309b91d3e3f78074569b2258b0 139798 apache2_2.2.11-7.diff.gz d95c98e372e7808b7a1ffa84890a4a621ada320f 1091360 apache2.2-bin_2.2.11-7_i386.deb 86d1e5eede7a51fced49759d868583ff46fccd5d 146464 apache2-utils_2.2.11-7_i386.deb f4c1ad754f4ac9c3b1b7e8ccf7d522a4cf9ed26b 85478 apache2-suexec_2.2.11-7_i386.deb 910a8d013494c9bcade8476e385c5efa68c635f4 87060 apache2-suexec-custom_2.2.11-7_i386.deb ab5722c125c7b6870a3c946d965340244a3a9c02 137744 apache2-prefork-dev_2.2.11-7_i386.deb 98368d3d85c8e14bddbfa2cb3c5e975c69c69f31 138910 apache2-threaded-dev_2.2.11-7_i386.deb 9f6f3361505256a211f91544f426ce2c890fa5aa 2288502 apache2-dbg_2.2.11-7_i386.deb f6850a8a5bf9a29329ae73d5c76681e8e496b29f 269946 apache2.2-common_2.2.11-7_all.deb cc7033a9b811f7ec825d1674da59122a1ac21209 2258 apache2-mpm-worker_2.2.11-7_all.deb d8c776c1838016dcd8b743bfe323a481ea366443 2322 apache2-mpm-prefork_2.2.11-7_all.deb cdca3dcf3ba670b6b77a904811a506fccf39a04c 2292 apache2-mpm-event_2.2.11-7_all.deb d3a0118a9a8a34b0a2c500bd4b840bafc0569ad4 1372 apache2_2.2.11-7_all.deb 67c48523bdf7ac251dc5aff69998fc9ec5ec5c76 2227630 apache2-doc_2.2.11-7_all.deb 3d50155ea00e516b5fb89c780d096418ac569942 6948660 apache2-src_2.2.11-7_all.deb Checksums-Sha256: 6977a6adf3754bdbdfb3257b54dce966b151905c40c6e43e155799a9aaa59b54 1670 apache2_2.2.11-7.dsc cc7470730b1fc3afd93111df810723af9340949d45887dfbdc3ff3879bc696fd 139798 apache2_2.2.11-7.diff.gz 4c2a07172980736564f860168ac0cbaae1b66ca8655aacda94807cb909d6db3e 1091360 apache2.2-bin_2.2.11-7_i386.deb 9f02ded28e9f9ad02c4ca353fa8c727b6c804e99ac33d299d4a55bfed37634ce 146464 apache2-utils_2.2.11-7_i386.deb 7fc417d68cf8f9514fa08830944bd354e6b7e415b061cf7dfcb1001216bbeb5b 
85478 apache2-suexec_2.2.11-7_i386.deb 251fa28a9c71c8cc15ef20a1261de24abef8b289ff5a549205a2b2a70f437ff5 87060 apache2-suexec-custom_2.2.11-7_i386.deb 1c170541272ce1072b1f2eda170c715d938fd54ebcbda5185f7d52d426bcae21 137744 apache2-prefork-dev_2.2.11-7_i386.deb f96be7da7f83281db63f92ffe0cdb7939c6992a774dd1256e46077d834ddce1b 138910 apache2-threaded-dev_2.2.11-7_i386.deb 0c85c7d98cd35330dbea84a58e65c4a5f001580983acaed8fb40a040bf327075 2288502 apache2-dbg_2.2.11-7_i386.deb f06a896623748f2b2b752c44f146dca332c4d4f516f7a89cdf4b5d7ccd9160bd 269946 apache2.2-common_2.2.11-7_all.deb 1aad3c9f1488531e1675543baf764f1dcd9000e90765fed6709341b37cc7db18 2258 apache2-mpm-worker_2.2.11-7_all.deb 1032582db012ed97e70926a435451d69ac944f388170422756359c3a22661597 2322 apache2-mpm-prefork_2.2.11-7_all.deb 7ad9e858ba4b849025c97d16589217b5e46ae86ea10c4af912cca259cef3ab04 2292 apache2-mpm-event_2.2.11-7_all.deb 3fba85b75ee4a0920b413c8a934f18b8724866911c72b56500f2e76aadcac230 1372 apache2_2.2.11-7_all.deb 8b1f37c9b6d3e22a9753ddfe29503ba628235b9750ab818a98fc9914773d00c4 2227630 apache2-doc_2.2.11-7_all.deb 59e591e209e6ea62dbb9c68959880c32aeeab2304df47adc8aaa337f18970322 6948660 apache2-src_2.2.11-7_all.deb Files: 5376daaa2d6c05bb4244b94ec81c25fa 1670 httpd optional apache2_2.2.11-7.dsc f817415d2cc3228bac3068010384898d 139798 httpd optional apache2_2.2.11-7.diff.gz 5e33d95e38de2ce2c913966d0deb679e 1091360 httpd optional apache2.2-bin_2.2.11-7_i386.deb 5bfd70b6c4cfed7ff872e6acba916ce8 146464 httpd optional apache2-utils_2.2.11-7_i386.deb c606db755d28e294985703ed552435f5 85478 httpd optional apache2-suexec_2.2.11-7_i386.deb 2c78406464a12fc3bd1edb91589b04bc 87060 httpd extra apache2-suexec-custom_2.2.11-7_i386.deb 55128d18d5a993f256d03f986bf48f2c 137744 httpd extra apache2-prefork-dev_2.2.11-7_i386.deb b39b532c0befc27a885bc8fd6db65c03 138910 httpd extra apache2-threaded-dev_2.2.11-7_i386.deb 2275feb7a08161fd99133319ebaa3f9f 2288502 debug extra apache2-dbg_2.2.11-7_i386.deb 
fab9fb13044c30423b219e717fd92c01 269946 httpd optional apache2.2-common_2.2.11-7_all.deb d5d6268eaa9545c711ca8138f1e4de02 2258 httpd optional apache2-mpm-worker_2.2.11-7_all.deb 42c1e0ec4d4aaf6d8b122c665968d7ab 2322 httpd optional apache2-mpm-prefork_2.2.11-7_all.deb 91191b8b26d259679108a958dccd3c7b 2292 httpd optional apache2-mpm-event_2.2.11-7_all.deb f0aecb92b975deb106489e5cded68153 1372 httpd optional apache2_2.2.11-7_all.deb 76aea36c5674fe11e8baae7add1b9041 2227630 doc optional apache2-doc_2.2.11-7_all.deb 3cbd8507c04f3572e3aac9cebcb6bffc 6948660 httpd extra apache2-src_2.2.11-7_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFKV6mkbxelr8HyTqQRAp6qAKDBnNACidolSAkWaMn4ZtzbvhL9TQCdE1k8
8GlclMeSvyl6MbOeOUGvPy4=
=2SBX
-----END PGP SIGNATURE-----

Reply sent to Stefan Fritsch [email protected]:
You have taken responsibility. (Wed, 05 Aug 2009 20:30:03 GMT) (full text, mbox, link).

Notification sent to François Guerraz [email protected]:
Bug acknowledged by developer. (Wed, 05 Aug 2009 20:30:03 GMT) (full text, mbox, link).

Message #20 received at [email protected] (full text, mbox, reply):

Source: apache2
Source-Version: 2.2.3-4+etch9

We believe that the bug you reported is fixed in the latest version of apache2, which is due to be installed in the Debian FTP archive:

apache2-doc_2.2.3-4+etch9_all.deb
  to pool/main/a/apache2/apache2-doc_2.2.3-4+etch9_all.deb
apache2-mpm-event_2.2.3-4+etch9_i386.deb
  to pool/main/a/apache2/apache2-mpm-event_2.2.3-4+etch9_i386.deb
apache2-mpm-perchild_2.2.3-4+etch9_all.deb
  to pool/main/a/apache2/apache2-mpm-perchild_2.2.3-4+etch9_all.deb
apache2-mpm-prefork_2.2.3-4+etch9_i386.deb
  to pool/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch9_i386.deb
apache2-mpm-worker_2.2.3-4+etch9_i386.deb
  to pool/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch9_i386.deb
apache2-prefork-dev_2.2.3-4+etch9_i386.deb
  to pool/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch9_i386.deb
apache2-src_2.2.3-4+etch9_all.deb
  to pool/main/a/apache2/apache2-src_2.2.3-4+etch9_all.deb
apache2-threaded-dev_2.2.3-4+etch9_i386.deb
  to pool/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch9_i386.deb
apache2-utils_2.2.3-4+etch9_i386.deb
  to pool/main/a/apache2/apache2-utils_2.2.3-4+etch9_i386.deb
apache2.2-common_2.2.3-4+etch9_i386.deb
  to pool/main/a/apache2/apache2.2-common_2.2.3-4+etch9_i386.deb
apache2_2.2.3-4+etch9.diff.gz
  to pool/main/a/apache2/apache2_2.2.3-4+etch9.diff.gz
apache2_2.2.3-4+etch9.dsc
  to pool/main/a/apache2/apache2_2.2.3-4+etch9.dsc
apache2_2.2.3-4+etch9_all.deb
  to pool/main/a/apache2/apache2_2.2.3-4+etch9_all.deb

A summary of the changes between this version and the previous one is attached.

Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Stefan Fritsch [email protected] (supplier of updated apache2 package)

(This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected])

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Tue, 14 Jul 2009 23:06:43 +0200
Source: apache2
Binary: apache2-utils apache2-prefork-dev apache2 apache2-mpm-prefork apache2-doc apache2-mpm-event apache2.2-common apache2-mpm-worker apache2-src apache2-threaded-dev apache2-mpm-perchild
Architecture: source all i386
Version: 2.2.3-4+etch9
Distribution: oldstable-security
Urgency: high
Maintainer: Debian Apache Maintainers [email protected]
Changed-By: Stefan Fritsch [email protected]
Description:
 apache2    - Next generation, scalable, extendable web server
 apache2-doc - documentation for apache2
 apache2-mpm-event - Event driven model for Apache HTTPD 2.1
 apache2-mpm-perchild - Transitional package - please remove
 apache2-mpm-prefork - Traditional model for Apache HTTPD 2.1
 apache2-mpm-worker - High speed threaded model for Apache HTTPD 2.1
 apache2-prefork-dev - development headers for apache2
 apache2-src - Apache source code
 apache2-threaded-dev - development headers for apache2
 apache2-utils - utility programs for webservers
 apache2.2-common - Next generation, scalable, extendable web server
Closes: 534712
Changes:
 apache2 (2.2.3-4+etch9) oldstable-security; urgency=high
 .
   * Security: CVE-2009-1891: denial of service in mod_deflate (closes: #534712)
     Also prevent compressing the content for HEAD requests.
Files: 5090ccfce8dc2e193a0200a5046fc0c2 1068 web optional apache2_2.2.3-4+etch9.dsc 2705ba251cdd2e979ce85099b4548848 127065 web optional apache2_2.2.3-4+etch9.diff.gz 9f79ca5450eb153eeb77d0ccdf63af53 962488 web optional apache2.2-common_2.2.3-4+etch9_i386.deb 80ff91b5681b3b65b9f82510b78995d8 423714 web optional apache2-mpm-worker_2.2.3-4+etch9_i386.deb 3efc018978b3f6879d4e17cd870da7c6 419898 web optional apache2-mpm-prefork_2.2.3-4+etch9_i386.deb f7df4f2e8308b37945d6c9350fb68059 424256 web optional apache2-mpm-event_2.2.3-4+etch9_i386.deb 473c50b8e3b3ff72f61fd2773ad0a5ec 342508 web optional apache2-utils_2.2.3-4+etch9_i386.deb aca126fc936879a914786d64b39582f1 409096 devel optional apache2-prefork-dev_2.2.3-4+etch9_i386.deb c973180a87c19636cc18823d872eaaf5 410094 devel optional apache2-threaded-dev_2.2.3-4+etch9_i386.deb 632e77496c06ac55702187083210c5bd 274258 web optional apache2-mpm-perchild_2.2.3-4+etch9_all.deb 765f1df6239124b257a17373ec12a25c 41428 web optional apache2_2.2.3-4+etch9_all.deb 3c97cd0ed50e13730082455509ccf2ea 2243400 doc optional apache2-doc_2.2.3-4+etch9_all.deb 863bd8f5274dcca2b348ddfb455f1e98 6666600 devel extra apache2-src_2.2.3-4+etch9_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFKXPvWbxelr8HyTqQRAo/WAJ9irQharLhdo/7fW0YjUVdNMjsG9QCglfQw
C9R7SgEGPKV+V+D4irwcjzo=
=wOXW
-----END PGP SIGNATURE-----

Reply sent to Stefan Fritsch [email protected]:
You have taken responsibility. (Sat, 15 Aug 2009 02:30:05 GMT) (full text, mbox, link).

Notification sent to François Guerraz [email protected]:
Bug acknowledged by developer. (Sat, 15 Aug 2009 02:30:05 GMT) (full text, mbox, link).

Message #25 received at [email protected] (full text, mbox, reply):

Source: apache2
Source-Version: 2.2.9-10+lenny4

We believe that the bug you reported is fixed in the latest version of apache2, which is due to be installed in the Debian FTP archive:

apache2-dbg_2.2.9-10+lenny4_i386.deb
  to pool/main/a/apache2/apache2-dbg_2.2.9-10+lenny4_i386.deb
apache2-doc_2.2.9-10+lenny4_all.deb
  to pool/main/a/apache2/apache2-doc_2.2.9-10+lenny4_all.deb
apache2-mpm-event_2.2.9-10+lenny4_i386.deb
  to pool/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny4_i386.deb
apache2-mpm-prefork_2.2.9-10+lenny4_i386.deb
  to pool/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny4_i386.deb
apache2-mpm-worker_2.2.9-10+lenny4_i386.deb
  to pool/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny4_i386.deb
apache2-prefork-dev_2.2.9-10+lenny4_i386.deb
  to pool/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny4_i386.deb
apache2-src_2.2.9-10+lenny4_all.deb
  to pool/main/a/apache2/apache2-src_2.2.9-10+lenny4_all.deb
apache2-suexec-custom_2.2.9-10+lenny4_i386.deb
  to pool/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny4_i386.deb
apache2-suexec_2.2.9-10+lenny4_i386.deb
  to pool/main/a/apache2/apache2-suexec_2.2.9-10+lenny4_i386.deb
apache2-threaded-dev_2.2.9-10+lenny4_i386.deb
  to pool/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny4_i386.deb
apache2-utils_2.2.9-10+lenny4_i386.deb
  to pool/main/a/apache2/apache2-utils_2.2.9-10+lenny4_i386.deb
apache2.2-common_2.2.9-10+lenny4_i386.deb
  to pool/main/a/apache2/apache2.2-common_2.2.9-10+lenny4_i386.deb
apache2_2.2.9-10+lenny4.diff.gz
  to pool/main/a/apache2/apache2_2.2.9-10+lenny4.diff.gz
apache2_2.2.9-10+lenny4.dsc
  to pool/main/a/apache2/apache2_2.2.9-10+lenny4.dsc
apache2_2.2.9-10+lenny4_all.deb
  to pool/main/a/apache2/apache2_2.2.9-10+lenny4_all.deb

A summary of the changes between this version and the previous one is attached.

Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Stefan Fritsch [email protected] (supplier of updated apache2 package)

(This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected])

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Tue, 14 Jul 2009 21:53:01 +0200
Source: apache2
Binary: apache2.2-common apache2-mpm-worker apache2-mpm-prefork apache2-mpm-event apache2-utils apache2-suexec apache2-suexec-custom apache2 apache2-doc apache2-prefork-dev apache2-threaded-dev apache2-src apache2-dbg
Architecture: source i386 all
Version: 2.2.9-10+lenny4
Distribution: stable-security
Urgency: high
Maintainer: Debian Apache Maintainers [email protected]
Changed-By: Stefan Fritsch [email protected]
Description:
 apache2    - Apache HTTP Server metapackage
 apache2-dbg - Apache debugging symbols
 apache2-doc - Apache HTTP Server documentation
 apache2-mpm-event - Apache HTTP Server - event driven model
 apache2-mpm-prefork - Apache HTTP Server - traditional non-threaded model
 apache2-mpm-worker - Apache HTTP Server - high speed threaded model
 apache2-prefork-dev - Apache development headers - non-threaded MPM
 apache2-src - Apache source code
 apache2-suexec - Standard suexec program for Apache 2 mod_suexec
 apache2-suexec-custom - Configurable suexec program for Apache 2 mod_suexec
 apache2-threaded-dev - Apache development headers - threaded MPM
 apache2-utils - utility programs for webservers
 apache2.2-common - Apache HTTP Server common files
Closes: 534712 536718
Changes:
 apache2 (2.2.9-10+lenny4) stable-security; urgency=high
 .
   * Security fixes:
     - CVE-2009-1890: denial of service in mod_proxy (closes: #536718)
     - CVE-2009-1891: denial of service in mod_deflate (closes: #534712)
       Also prevent compressing the content for HEAD requests.
Checksums-Sha1: b6985c3c29faf52c7a593aa44cddf3b15981b864 1673 apache2_2.2.9-10+lenny4.dsc 89c68afe4a74abb0213e17be879155f4a95b5f85 138623 apache2_2.2.9-10+lenny4.diff.gz 9acb9f447940cbbfca2fae4de3638c3e04eb996a 782590 apache2.2-common_2.2.9-10+lenny4_i386.deb c97554508708286d7305af28a53f412a42ac075b 240464 apache2-mpm-worker_2.2.9-10+lenny4_i386.deb 1329a07a996735a140c67bb886a0584ac4bef237 236982 apache2-mpm-prefork_2.2.9-10+lenny4_i386.deb cfdb8b27cba028a2718edb9cd17353b2877e7baa 240950 apache2-mpm-event_2.2.9-10+lenny4_i386.deb 2a7e88f106a86ae91c345b8c8d29e24c3fc52c79 142984 apache2-utils_2.2.9-10+lenny4_i386.deb 61451e675e2138780d18ed338ffed84c792c446b 81826 apache2-suexec_2.2.9-10+lenny4_i386.deb a74cf4abd63f81074d524130264e711ccc4b1b33 83576 apache2-suexec-custom_2.2.9-10+lenny4_i386.deb 791dc787b001b16115ea53470d76b820b189ef40 210906 apache2-prefork-dev_2.2.9-10+lenny4_i386.deb ed4185e8f8ecd5d08117b948d251a8198e977dd9 212226 apache2-threaded-dev_2.2.9-10+lenny4_i386.deb 730f886299d7e71d08bd03b23440981d949c5303 2321656 apache2-dbg_2.2.9-10+lenny4_i386.deb d0b8c58630ca50924e7f0f62af75cc2bfe0b993c 44714 apache2_2.2.9-10+lenny4_all.deb 89017171b8c11b62e2bc12267585e54fb094f431 2060300 apache2-doc_2.2.9-10+lenny4_all.deb f4121631849bf777c8302a3b674852cb579d2eeb 6734400 apache2-src_2.2.9-10+lenny4_all.deb Checksums-Sha256: 2b696c8027e914658e15871c4ce8dd4fec5db7430f6e00d5f9b2197fd6997f51 1673 apache2_2.2.9-10+lenny4.dsc 27aa3da621bd4cbae660105aeeee5e5e6745f573c240546b223d42856a2615c4 138623 apache2_2.2.9-10+lenny4.diff.gz 3b2544bdaf52872eeb90df8f1b92dcf31bc3aabdefd78915fe3203c9a53ce501 782590 apache2.2-common_2.2.9-10+lenny4_i386.deb 5dc6201e8f96d36d00165c109f993a8e66a31053dd7a99fa86ffe0a6ef122153 240464 apache2-mpm-worker_2.2.9-10+lenny4_i386.deb 0363d9b28624bf3ce8ddbcaacde1ce28247217d7b4e3c016afaaea1502c0d016 236982 apache2-mpm-prefork_2.2.9-10+lenny4_i386.deb c8c99837d0141b0c5186e2dcd91bd4f7a77ab5d36b45522d9a3372c6a89269f7 240950 
apache2-mpm-event_2.2.9-10+lenny4_i386.deb aa3b21c33fc44b91ebaa13c370b12a269871ac1c12cbf1573a38ce5601f9182c 142984 apache2-utils_2.2.9-10+lenny4_i386.deb 0fd933959dfceb197a7cd6a1a795757d6367426a71317b5f7a7d6fa321e3e3c1 81826 apache2-suexec_2.2.9-10+lenny4_i386.deb 3f61c6dbb6ffb0d4c50082cc818c18d6a4ab6355007321bd6d409a80dcf80442 83576 apache2-suexec-custom_2.2.9-10+lenny4_i386.deb b4e79bd64fb3bd901c5e80c5683bc39eb83975a4b1dbf48dbe9b534d8177bc4d 210906 apache2-prefork-dev_2.2.9-10+lenny4_i386.deb 6aebd6d9e5de18fbcba1129fe8007a76202b12ceafab8ac2eeb408430c92e6c3 212226 apache2-threaded-dev_2.2.9-10+lenny4_i386.deb 97cac91b09821dd0dfb96759627bbde6f89fb7fc472e124088726dcff6ae7404 2321656 apache2-dbg_2.2.9-10+lenny4_i386.deb e3f40fe80d7e348f6589897adfc677fdcbb8132d9fa7c49c7db76e66d1868b06 44714 apache2_2.2.9-10+lenny4_all.deb 9a59cc794efdebbd83a429b64941d776c2d1765922cc07a86a4d1600627f4a65 2060300 apache2-doc_2.2.9-10+lenny4_all.deb 4cdfad211b7200fa628e3ccb84f8790c7418ef2814218ef1e6aba65fc479a7c3 6734400 apache2-src_2.2.9-10+lenny4_all.deb Files: 3edbeef1b78cdcb238a1b156b1e15bb3 1673 web optional apache2_2.2.9-10+lenny4.dsc e83f70e3fe9dc21e23b9e12e0e3509a2 138623 web optional apache2_2.2.9-10+lenny4.diff.gz 91c5374730252660a652998778f37d8d 782590 web optional apache2.2-common_2.2.9-10+lenny4_i386.deb 5354fbeaf0547f9a42bb15093325f549 240464 web optional apache2-mpm-worker_2.2.9-10+lenny4_i386.deb db7f962144ad83c02e89cf774292288b 236982 web optional apache2-mpm-prefork_2.2.9-10+lenny4_i386.deb d071d125f52595d24d7ce27a700125b2 240950 web optional apache2-mpm-event_2.2.9-10+lenny4_i386.deb a5f47b4e360f4dfb1af40edc0fd4b029 142984 web optional apache2-utils_2.2.9-10+lenny4_i386.deb 14dc03b9022352f6ca89cc18d5a0330e 81826 web optional apache2-suexec_2.2.9-10+lenny4_i386.deb 1bada724cf9b6dd9f63c650467efeba9 83576 web extra apache2-suexec-custom_2.2.9-10+lenny4_i386.deb c3f8cc33efaf94bb394269a70c71a0d1 210906 devel extra apache2-prefork-dev_2.2.9-10+lenny4_i386.deb 
962c9711427d4b3040f2682cc76ab86a 212226 devel extra apache2-threaded-dev_2.2.9-10+lenny4_i386.deb ec028a4db5a43f4ed9ad5be64752d03a 2321656 libdevel extra apache2-dbg_2.2.9-10+lenny4_i386.deb bc0ebb5a9da11e825827315a6899abfb 44714 web optional apache2_2.2.9-10+lenny4_all.deb 196001254f77a940ad90c9b71a852e77 2060300 doc optional apache2-doc_2.2.9-10+lenny4_all.deb 79b3f9d5db6aa727567fbe8465ff90d4 6734400 devel extra apache2-src_2.2.9-10+lenny4_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFKXOoabxelr8HyTqQRAifyAKCtMLqGJ+HNyverlKLoE+R064+afQCgnJog
0EY43IHPqNSnZ4ikE+ARipk=
=kCvs
-----END PGP SIGNATURE-----

Reply sent to Stefan Fritsch [email protected]:
You have taken responsibility. (Fri, 04 Sep 2009 19:15:39 GMT) (full text, mbox, link).

Notification sent to François Guerraz [email protected]:
Bug acknowledged by developer. (Fri, 04 Sep 2009 19:15:40 GMT) (full text, mbox, link).

Message #30 received at [email protected] (full text, mbox, reply):

Source: apache2
Source-Version: 2.2.9-10+lenny4

We believe that the bug you reported is fixed in the latest version of apache2, which is due to be installed in the Debian FTP archive:

apache2-dbg_2.2.9-10+lenny4_i386.deb
  to pool/main/a/apache2/apache2-dbg_2.2.9-10+lenny4_i386.deb
apache2-doc_2.2.9-10+lenny4_all.deb
  to pool/main/a/apache2/apache2-doc_2.2.9-10+lenny4_all.deb
apache2-mpm-event_2.2.9-10+lenny4_i386.deb
  to pool/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny4_i386.deb
apache2-mpm-prefork_2.2.9-10+lenny4_i386.deb
  to pool/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny4_i386.deb
apache2-mpm-worker_2.2.9-10+lenny4_i386.deb
  to pool/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny4_i386.deb
apache2-prefork-dev_2.2.9-10+lenny4_i386.deb
  to pool/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny4_i386.deb
apache2-src_2.2.9-10+lenny4_all.deb
  to pool/main/a/apache2/apache2-src_2.2.9-10+lenny4_all.deb
apache2-suexec-custom_2.2.9-10+lenny4_i386.deb
  to pool/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny4_i386.deb
apache2-suexec_2.2.9-10+lenny4_i386.deb
  to pool/main/a/apache2/apache2-suexec_2.2.9-10+lenny4_i386.deb
apache2-threaded-dev_2.2.9-10+lenny4_i386.deb
  to pool/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny4_i386.deb
apache2-utils_2.2.9-10+lenny4_i386.deb
  to pool/main/a/apache2/apache2-utils_2.2.9-10+lenny4_i386.deb
apache2.2-common_2.2.9-10+lenny4_i386.deb
  to pool/main/a/apache2/apache2.2-common_2.2.9-10+lenny4_i386.deb
apache2_2.2.9-10+lenny4.diff.gz
  to pool/main/a/apache2/apache2_2.2.9-10+lenny4.diff.gz
apache2_2.2.9-10+lenny4.dsc
  to pool/main/a/apache2/apache2_2.2.9-10+lenny4.dsc
apache2_2.2.9-10+lenny4_all.deb
  to pool/main/a/apache2/apache2_2.2.9-10+lenny4_all.deb

A summary of the changes between this version and the previous one is attached.

Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Stefan Fritsch [email protected] (supplier of updated apache2 package)

(This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected])

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Tue, 14 Jul 2009 21:53:01 +0200
Source: apache2
Binary: apache2.2-common apache2-mpm-worker apache2-mpm-prefork apache2-mpm-event apache2-utils apache2-suexec apache2-suexec-custom apache2 apache2-doc apache2-prefork-dev apache2-threaded-dev apache2-src apache2-dbg
Architecture: source i386 all
Version: 2.2.9-10+lenny4
Distribution: stable-security
Urgency: high
Maintainer: Debian Apache Maintainers [email protected]
Changed-By: Stefan Fritsch [email protected]
Description:
 apache2    - Apache HTTP Server metapackage
 apache2-dbg - Apache debugging symbols
 apache2-doc - Apache HTTP Server documentation
 apache2-mpm-event - Apache HTTP Server - event driven model
 apache2-mpm-prefork - Apache HTTP Server - traditional non-threaded model
 apache2-mpm-worker - Apache HTTP Server - high speed threaded model
 apache2-prefork-dev - Apache development headers - non-threaded MPM
 apache2-src - Apache source code
 apache2-suexec - Standard suexec program for Apache 2 mod_suexec
 apache2-suexec-custom - Configurable suexec program for Apache 2 mod_suexec
 apache2-threaded-dev - Apache development headers - threaded MPM
 apache2-utils - utility programs for webservers
 apache2.2-common - Apache HTTP Server common files
Closes: 534712 536718
Changes:
 apache2 (2.2.9-10+lenny4) stable-security; urgency=high
 .
   * Security fixes:
     - CVE-2009-1890: denial of service in mod_proxy (closes: #536718)
     - CVE-2009-1891: denial of service in mod_deflate (closes: #534712)
       Also prevent compressing the content for HEAD requests.


Bug archived. Request was from Debbugs Internal Request [email protected] to [email protected]. (Sat, 03 Oct 2009 07:31:02 GMT) (full text, mbox, link).
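The failure mode behind this report, as an added illustration that is not httpd code and not part of the Debian changelog above: a streaming deflate loop that ignores failed writes compresses the whole file for a client that has already gone away, while the same loop that checks the connection's aborted state after each write stops almost immediately. The connection model, the sample body, the chunk size and the buffer size are all constructed for the example; only the shape of the problem comes from the report.

```python
import zlib

# Constructed sample body (not from the page): ~3 MB of log-like text, compressible
# enough that zlib emits output blocks, and hence network writes, many times per file.
SAMPLE_BODY = b"".join(
    b"2009-06-26 15:24:%02d GET /files/%d.bin 200 %d\n" % (i % 60, i, (i * 7919) % 100000)
    for i in range(60000))
CHUNK = 8192            # input bytes fed to zlib per iteration
DEFLATE_BUFSIZE = 8096  # buffered output before a write (DeflateBufferSize default)


class Connection:
    """Stand-in for an httpd connection. The peer closes after receiving
    `peer_closes_after` bytes; the server only notices when a later write fails,
    which sets `aborted` (the role c->aborted plays in httpd)."""

    def __init__(self, peer_closes_after):
        self.peer_closes_after = peer_closes_after
        self.received = 0
        self.aborted = False

    def write(self, data):
        if self.received >= self.peer_closes_after:
            self.aborted = True  # writing to a closed socket fails
            return False
        self.received += len(data)
        return True


def deflate_stream(conn, body, stop_on_abort):
    """Compress body in CHUNK pieces, writing once DEFLATE_BUFSIZE bytes are buffered.
    Returns (input bytes consumed, status). With stop_on_abort=False this is the
    pre-fix behaviour: failed writes are ignored and the whole file is compressed."""
    z = zlib.compressobj(6)
    pending, consumed = b"", 0
    for off in range(0, len(body), CHUNK):
        piece = body[off:off + CHUNK]
        pending += z.compress(piece)
        consumed += len(piece)
        if len(pending) >= DEFLATE_BUFSIZE:
            conn.write(pending)
            pending = b""
            if stop_on_abort and conn.aborted:
                return consumed, "ECONNABORTED"  # fixed: stop spending CPU on a dead client
    conn.write(pending + z.flush())
    return consumed, "ECONNABORTED" if conn.aborted else "OK"


def compare(body=SAMPLE_BODY, peer_closes_after=1):
    # A client that disconnects after the first byte it receives, as in the report.
    vuln = deflate_stream(Connection(peer_closes_after), body, stop_on_abort=False)
    fixed = deflate_stream(Connection(peer_closes_after), body, stop_on_abort=True)
    return vuln, fixed
```

The first tuple returned by compare() shows the whole body consumed despite the dead client; the second shows the fixed loop giving up after a few hundred KB.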


Debian bug tracking system administrator <[email protected]>. Last modified: Mon Sep 19 20:07:47 2022; Machine Name: buxtehude

