4

CVE-2007-6422

The balancer_handler function in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6, when a threaded Multi-Processing Module is used, allows remote authenticated users to cause a denial of service (child process crash) via an invalid bb variable.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ApacheHTTP Server Version-
ApacheHTTP Server Version2.2
ApacheHTTP Server Version2.2.1
ApacheHTTP Server Version2.2.2
ApacheHTTP Server Version2.2.3
ApacheHTTP Server Version2.2.4
ApacheHTTP Server Version2.2.6
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 9.95% 0.95
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4 8 2.9
AV:N/AC:L/Au:S/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html
http://secunia.com/advisories/28749
Vendor Advisory
http://secunia.com/advisories/29640
Vendor Advisory
http://www.ubuntu.com/usn/usn-575-1
http://httpd.apache.org/security/vulnerabilities_22.html
https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
http://www.redhat.com/support/errata/RHSA-2008-0008.html
http://secunia.com/advisories/29348
Vendor Advisory
http://security.gentoo.org/glsa/glsa-200803-19.xml
http://secunia.com/advisories/28526
Vendor Advisory
http://secunia.com/advisories/28977
Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:016
http://www.redhat.com/support/errata/RHSA-2008-0009.html
https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00541.html
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00562.html
https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E
http://securityreason.com/securityalert/3523
http://www.securityfocus.com/archive/1/486169/100/0/threaded
http://www.securityfocus.com/bid/27236
http://www.vupen.com/english/advisories/2008/0048
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/39476
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10181
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8690