ID CVE-2009-2699
Summary The Solaris pollset feature in the Event Port backend in poll/unix/port.c in the Apache Portable Runtime (APR) library before 1.3.9, as used in the Apache HTTP Server before 2.2.14 and other products, does not properly handle errors, which allows remote attackers to cause a denial of service (daemon hang) via unspecified HTTP requests, related to the prefork and event MPMs.
References
Vulnerable Configurations
  • Apache Software Foundation Apache HTTP Server
    cpe:2.3:a:apache:http_server
  • Apache Software Foundation Apache HTTP Server 0.8.11
    cpe:2.3:a:apache:http_server:0.8.11
  • Apache Software Foundation Apache HTTP Server 0.8.14
    cpe:2.3:a:apache:http_server:0.8.14
  • Apache Software Foundation Apache HTTP Server 1.0.2
    cpe:2.3:a:apache:http_server:1.0.2
  • Apache Software Foundation Apache HTTP Server 1.0.3
    cpe:2.3:a:apache:http_server:1.0.3
  • Apache Software Foundation Apache HTTP Server 1.0.5
    cpe:2.3:a:apache:http_server:1.0.5
  • Apache Software Foundation Apache HTTP Server 1.1
    cpe:2.3:a:apache:http_server:1.1
  • Apache Software Foundation Apache HTTP Server 1.1.1
    cpe:2.3:a:apache:http_server:1.1.1
  • Apache Software Foundation Apache 1.2
    cpe:2.3:a:apache:http_server:1.2
  • Apache Software Foundation Apache HTTP Server 1.2.4
    cpe:2.3:a:apache:http_server:1.2.4
  • Apache Software Foundation Apache HTTP Server 1.2.5
    cpe:2.3:a:apache:http_server:1.2.5
  • Apache Software Foundation Apache HTTP Server 1.2.6
    cpe:2.3:a:apache:http_server:1.2.6
  • Apache Software Foundation Apache 1.29
    cpe:2.3:a:apache:http_server:1.2.9
  • Apache Software Foundation Apache HTTP Server 1.3
    cpe:2.3:a:apache:http_server:1.3
  • Apache Software Foundation Apache HTTP Server 1.3.0
    cpe:2.3:a:apache:http_server:1.3.0
  • Apache Software Foundation Apache HTTP Server 1.3.1
    cpe:2.3:a:apache:http_server:1.3.1
  • Apache Software Foundation Apache HTTP Server 1.3.1.1
    cpe:2.3:a:apache:http_server:1.3.1.1
  • Apache Software Foundation Apache HTTP Server 1.3.2
    cpe:2.3:a:apache:http_server:1.3.2
  • Apache Software Foundation Apache HTTP Server 1.3.3
    cpe:2.3:a:apache:http_server:1.3.3
  • Apache Software Foundation Apache HTTP Server 1.3.4
    cpe:2.3:a:apache:http_server:1.3.4
  • Apache Software Foundation Apache HTTP Server 1.3.5
    cpe:2.3:a:apache:http_server:1.3.5
  • Apache Software Foundation Apache HTTP Server 1.3.6
    cpe:2.3:a:apache:http_server:1.3.6
  • Apache Software Foundation Apache HTTP Server 1.3.7
    cpe:2.3:a:apache:http_server:1.3.7
  • Apache Software Foundation Apache HTTP Server 1.3.8
    cpe:2.3:a:apache:http_server:1.3.8
  • Apache Software Foundation Apache HTTP Server 1.3.9
    cpe:2.3:a:apache:http_server:1.3.9
  • Apache Software Foundation Apache 1.3.10
    cpe:2.3:a:apache:http_server:1.3.10
  • Apache Software Foundation Apache HTTP Server 1.3.11
    cpe:2.3:a:apache:http_server:1.3.11
  • Apache Software Foundation Apache HTTP Server 1.3.12
    cpe:2.3:a:apache:http_server:1.3.12
  • Apache Software Foundation Apache 1.3.13
    cpe:2.3:a:apache:http_server:1.3.13
  • Apache Software Foundation Apache HTTP Server 1.3.14
    cpe:2.3:a:apache:http_server:1.3.14
  • Apache Software Foundation Apache 1.3.15
    cpe:2.3:a:apache:http_server:1.3.15
  • Apache Software Foundation Apache 1.3.16
    cpe:2.3:a:apache:http_server:1.3.16
  • Apache Software Foundation Apache HTTP Server 1.3.17
    cpe:2.3:a:apache:http_server:1.3.17
  • Apache Software Foundation Apache HTTP Server 1.3.18
    cpe:2.3:a:apache:http_server:1.3.18
  • Apache Software Foundation Apache HTTP Server 1.3.19
    cpe:2.3:a:apache:http_server:1.3.19
  • Apache Software Foundation Apache HTTP Server 1.3.20
    cpe:2.3:a:apache:http_server:1.3.20
  • Apache Software Foundation Apache HTTP Server 1.3.22
    cpe:2.3:a:apache:http_server:1.3.22
  • Apache Software Foundation Apache HTTP Server 1.3.23
    cpe:2.3:a:apache:http_server:1.3.23
  • Apache Software Foundation Apache HTTP Server 1.3.24
    cpe:2.3:a:apache:http_server:1.3.24
  • Apache Software Foundation Apache HTTP Server 1.3.25
    cpe:2.3:a:apache:http_server:1.3.25
  • Apache Software Foundation Apache HTTP Server 1.3.26
    cpe:2.3:a:apache:http_server:1.3.26
  • Apache Software Foundation Apache HTTP Server 1.3.27
    cpe:2.3:a:apache:http_server:1.3.27
  • Apache Software Foundation Apache HTTP Server 1.3.28
    cpe:2.3:a:apache:http_server:1.3.28
  • Apache Software Foundation Apache HTTP Server 1.3.29
    cpe:2.3:a:apache:http_server:1.3.29
  • Apache Software Foundation Apache HTTP Server 1.3.30
    cpe:2.3:a:apache:http_server:1.3.30
  • Apache Software Foundation Apache HTTP Server 1.3.31
    cpe:2.3:a:apache:http_server:1.3.31
  • Apache Software Foundation Apache HTTP Server 1.3.32
    cpe:2.3:a:apache:http_server:1.3.32
  • Apache Software Foundation Apache HTTP Server 1.3.33
    cpe:2.3:a:apache:http_server:1.3.33
  • Apache Software Foundation Apache HTTP Server 1.3.34
    cpe:2.3:a:apache:http_server:1.3.34
  • Apache Software Foundation Apache HTTP Server 1.3.35
    cpe:2.3:a:apache:http_server:1.3.35
  • Apache Software Foundation Apache HTTP Server 1.3.36
    cpe:2.3:a:apache:http_server:1.3.36
  • Apache Software Foundation Apache HTTP Server 1.3.37
    cpe:2.3:a:apache:http_server:1.3.37
  • Apache Software Foundation Apache HTTP Server 1.3.38
    cpe:2.3:a:apache:http_server:1.3.38
  • Apache Software Foundation Apache HTTP Server 1.3.39
    cpe:2.3:a:apache:http_server:1.3.39
  • Apache Software Foundation Apache HTTP Server 1.3.65
    cpe:2.3:a:apache:http_server:1.3.65
  • Apache Software Foundation Apache HTTP Server 1.3.68
    cpe:2.3:a:apache:http_server:1.3.68
  • Apache Software Foundation Apache HTTP Server 1.4.0
    cpe:2.3:a:apache:http_server:1.4.0
  • Apache Software Foundation Apache HTTP Server 1.99
    cpe:2.3:a:apache:http_server:1.99
  • Apache Software Foundation Apache HTTP Server 2.0
    cpe:2.3:a:apache:http_server:2.0
  • Apache Software Foundation Apache HTTP Server 2.0.9a
    cpe:2.3:a:apache:http_server:2.0.9
  • Apache Software Foundation Apache HTTP Server 2.0.28
    cpe:2.3:a:apache:http_server:2.0.28
  • Apache Software Foundation Apache HTTP Server 2.0.32
    cpe:2.3:a:apache:http_server:2.0.32
  • Apache Software Foundation Apache HTTP Server 2.0.32 Beta
    cpe:2.3:a:apache:http_server:2.0.32:beta
  • Apache Software Foundation Apache HTTP Server 2.0.34 Beta
    cpe:2.3:a:apache:http_server:2.0.34:beta
  • Apache Software Foundation Apache HTTP Server 2.0.35
    cpe:2.3:a:apache:http_server:2.0.35
  • Apache Software Foundation Apache HTTP Server 2.0.36
    cpe:2.3:a:apache:http_server:2.0.36
  • Apache Software Foundation Apache HTTP Server 2.0.37
    cpe:2.3:a:apache:http_server:2.0.37
  • Apache Software Foundation Apache HTTP Server 2.0.38
    cpe:2.3:a:apache:http_server:2.0.38
  • Apache Software Foundation Apache HTTP Server 2.0.39
    cpe:2.3:a:apache:http_server:2.0.39
  • Apache Software Foundation Apache HTTP Server 2.0.40
    cpe:2.3:a:apache:http_server:2.0.40
  • Apache Software Foundation Apache HTTP Server 2.0.41
    cpe:2.3:a:apache:http_server:2.0.41
  • Apache Software Foundation Apache HTTP Server 2.0.42
    cpe:2.3:a:apache:http_server:2.0.42
  • Apache Software Foundation Apache HTTP Server 2.0.43
    cpe:2.3:a:apache:http_server:2.0.43
  • Apache Software Foundation Apache HTTP Server 2.0.44
    cpe:2.3:a:apache:http_server:2.0.44
  • Apache Software Foundation Apache HTTP Server 2.0.45
    cpe:2.3:a:apache:http_server:2.0.45
  • Apache Software Foundation Apache HTTP Server 2.0.46
    cpe:2.3:a:apache:http_server:2.0.46
  • Apache Software Foundation Apache HTTP Server 2.0.47
    cpe:2.3:a:apache:http_server:2.0.47
  • Apache Software Foundation Apache HTTP Server 2.0.48
    cpe:2.3:a:apache:http_server:2.0.48
  • Apache Software Foundation Apache HTTP Server 2.0.49
    cpe:2.3:a:apache:http_server:2.0.49
  • Apache Software Foundation Apache HTTP Server 2.0.50
    cpe:2.3:a:apache:http_server:2.0.50
  • Apache Software Foundation Apache HTTP Server 2.0.51
    cpe:2.3:a:apache:http_server:2.0.51
  • Apache Software Foundation Apache HTTP Server 2.0.52
    cpe:2.3:a:apache:http_server:2.0.52
  • Apache Software Foundation Apache HTTP Server 2.0.53
    cpe:2.3:a:apache:http_server:2.0.53
  • Apache Software Foundation Apache HTTP Server 2.0.54
    cpe:2.3:a:apache:http_server:2.0.54
  • Apache Software Foundation Apache HTTP Server 2.0.55
    cpe:2.3:a:apache:http_server:2.0.55
  • Apache Software Foundation Apache HTTP Server 2.0.56
    cpe:2.3:a:apache:http_server:2.0.56
  • Apache Software Foundation Apache HTTP Server 2.0.57
    cpe:2.3:a:apache:http_server:2.0.57
  • Apache Software Foundation Apache HTTP Server 2.0.58
    cpe:2.3:a:apache:http_server:2.0.58
  • Apache Software Foundation HTTP Server 2.0.59
    cpe:2.3:a:apache:http_server:2.0.59
  • Apache Software Foundation Apache HTTP Server 2.0.60 dev
    cpe:2.3:a:apache:http_server:2.0.60
  • Apache Software Foundation Apache HTTP Server 2.1
    cpe:2.3:a:apache:http_server:2.1
  • Apache Software Foundation Apache HTTP Server 2.1.1
    cpe:2.3:a:apache:http_server:2.1.1
  • Apache Software Foundation Apache HTTP Server 2.1.2
    cpe:2.3:a:apache:http_server:2.1.2
  • Apache Software Foundation Apache HTTP Server 2.1.3
    cpe:2.3:a:apache:http_server:2.1.3
  • Apache Software Foundation Apache HTTP Server 2.1.4
    cpe:2.3:a:apache:http_server:2.1.4
  • Apache Software Foundation Apache HTTP Server 2.1.5
    cpe:2.3:a:apache:http_server:2.1.5
  • Apache Software Foundation Apache HTTP Server 2.1.6
    cpe:2.3:a:apache:http_server:2.1.6
  • Apache Software Foundation Apache HTTP Server 2.1.7
    cpe:2.3:a:apache:http_server:2.1.7
  • Apache Software Foundation Apache HTTP Server 2.1.8
    cpe:2.3:a:apache:http_server:2.1.8
  • Apache Software Foundation Apache HTTP Server 2.1.9
    cpe:2.3:a:apache:http_server:2.1.9
  • Apache Software Foundation Apache HTTP Server 2.2
    cpe:2.3:a:apache:http_server:2.2
  • Apache Software Foundation Apache HTTP Server 2.2.0
    cpe:2.3:a:apache:http_server:2.2.0
  • Apache Software Foundation Apache HTTP Server 2.2.1
    cpe:2.3:a:apache:http_server:2.2.1
  • Apache Software Foundation Apache HTTP Server 2.2.2
    cpe:2.3:a:apache:http_server:2.2.2
  • Apache Software Foundation Apache HTTP Server 2.2.3
    cpe:2.3:a:apache:http_server:2.2.3
  • Apache Software Foundation Apache HTTP Server 2.2.4
    cpe:2.3:a:apache:http_server:2.2.4
  • Apache Software Foundation Apache HTTP Server 2.2.6
    cpe:2.3:a:apache:http_server:2.2.6
  • cpe:2.3:a:apache:http_server:2.2.7
    cpe:2.3:a:apache:http_server:2.2.7
  • Apache Software Foundation Apache HTTP Server 2.2.8
    cpe:2.3:a:apache:http_server:2.2.8
  • Apache Software Foundation Apache HTTP Server 2.2.9
    cpe:2.3:a:apache:http_server:2.2.9
  • Apache Software Foundation Apache HTTP Server 2.2.10
    cpe:2.3:a:apache:http_server:2.2.10
  • Apache Software Foundation Apache HTTP Server 2.2.11
    cpe:2.3:a:apache:http_server:2.2.11
  • Apache Software Foundation Apache HTTP Server 2.2.12
    cpe:2.3:a:apache:http_server:2.2.12
  • Apache Software Foundation Apache HTTP Server 2.2.13
    cpe:2.3:a:apache:http_server:2.2.13
  • cpe:2.3:a:apache:apr:0.9.7
    cpe:2.3:a:apache:apr:0.9.7
  • cpe:2.3:a:apache:apr:0.9.17
    cpe:2.3:a:apache:apr:0.9.17
  • cpe:2.3:a:apache:apr:0.9.18
    cpe:2.3:a:apache:apr:0.9.18
  • cpe:2.3:a:apache:apr:1.2.1
    cpe:2.3:a:apache:apr:1.2.1
  • cpe:2.3:a:apache:apr:1.3.8
    cpe:2.3:a:apache:apr:1.3.8
CVSS
Base: 5.0 (as of 13-10-2009 - 08:40)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family Web Servers
    NASL id APACHE_2_2_14.NASL
    description According to its banner, the version of Apache 2.2.x running on the remote host is prior to 2.2.14. It is, therefore, potentially affected by multiple vulnerabilities : - Faulty error handling in the Solaris pollset support could lead to a denial of service. (CVE-2009-2699) - The 'mod_proxy_ftp' module allows remote attackers to bypass intended access restrictions. (CVE-2009-3095) - The 'ap_proxy_ftp_handler' function in 'modules/proxy/proxy_ftp.c' in the 'mod_proxy_ftp' module allows remote FTP servers to cause a denial of service. (CVE-2009-3094) Note that the remote web server may not actually be affected by these vulnerabilities as Nessus did not try to determine whether the affected modules are in use or check for the issues themselves.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 42052
    published 2009-10-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=42052
    title Apache 2.2.x < 2.2.14 Multiple Vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2017-2907-1.NASL
    description This update for apache2 fixes the following issues : - Allow disabling SNI on proxy connections using 'SetEnv proxy-disable-sni 1' in the configuration files. (bsc#1052830) - Allow ECDH again in mod_ssl, it had been incorrectly disabled with the 2.2.34 update. (bsc#1064561) Following security issue has been fixed : - CVE-2017-9798: A use-after-free in the OPTIONS command could be used by attackers to disclose memory of the apache server process, when htaccess uses incorrect Limit statement. (bsc#1058058) Additionally, references to the following security issues, fixed by the previous version-update of apache2 to Apache HTTPD 2.2.34 have been added : - CVE-2017-7668: The HTTP strict parsing introduced a bug in token list parsing, which allowed ap_find_token() to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may have be able to cause a segmentation fault, or to force ap_find_token() to return an incorrect value. (bsc#1045061) - CVE-2017-3169: mod_ssl may have de-referenced a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port allowing for DoS. (bsc#1045062) - CVE-2017-3167: Use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may have lead to authentication requirements being bypassed. (bsc#1045065) - CVE-2017-7679: mod_mime could have read one byte past the end of a buffer when sending a malicious Content-Type response header. (bsc#1045060) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-30
    plugin id 104270
    published 2017-10-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=104270
    title SUSE SLES11 Security Update : apache2 (SUSE-SU-2017:2907-1) (Optionsbleed)
refmap via4
bid 36596
confirm
hp
  • HPSBMU02753
  • SSRT100782
mandriva MDVSA-2013:150
sectrack 1022988
xf apache-solaris-pollset-dos(53666)
statements via4
  • contributor Mark Cox
    lastmodified 2010-01-21
    organization Apache
    statement Clarification 1: This issue only affects Solaris 10 and OpenSolaris. Other versions of Solaris and non-Solaris platforms are not affected. Clarification 2: This issue only affects 2.2.x versions of Apache HTTP Server, APR 1.1 through 1.3.8. APR 0.9.x is not affected.
  • contributor Joshua Bressers
    lastmodified 2010-02-23
    organization Red Hat
    statement This flaw does not affect the version of APR shipped in Red Hat Enterprise Linux. This flaw affected JBoss Enterprise Web Server running on the Solaris platform. Updated httpd packages are available for download from Customer Support Portal: https://support.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver&downloadType=securityPatches&version=1.0.0
Last major update 22-08-2016 - 21:59
Published 13-10-2009 - 06:30
Last modified 30-10-2018 - 12:25
Back to Top