Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-3094

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2009-3094
Last Modified 24 Jun 2011 12:00:00
Published 08 Sep 2009 02:30:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2009-3094

Summary

The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command.

Vulnerable Systems

Application

  • Apache Http Server 2.0.63

  • Apache Http Server 2.2.13


References

FEDORA - FEDORA-2009-12606

FEDORA - FEDORA-2009-12604

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=521619

VUPEN - ADV-2010-0609

BUGTRAQ - 20091124 rPSA-2009-0155-1 httpd mod_ssl

MISC - http://www.intevydis.com/blog/?p=59

DEBIAN - DSA-1934

AIXAPAR - PM09161

AIXAPAR - PK96858

CONFIRM - http://wiki.rpath.com/Advisories:rPSA-2009-0155

SECUNIA - 37152

SECUNIA - 36549

SUSE - SUSE-SA:2009:050

MISC - http://intevydis.com/vd-list.shtml


Last Updated: 27 May 2016 10:51:08