Description

The Solaris pollset feature in the Event Port backend in poll/unix/port.c in the Apache Portable Runtime (APR) library before 1.3.9, as used in the Apache HTTP Server before 2.2.14 and other products, does not properly handle errors, which allows remote attackers to cause a denial of service (daemon hang) via unspecified HTTP requests, related to the prefork and event MPMs.

Remediation

References

CVE-2009-2699

Related Vulnerabilities

Oracle Database Server CVE-2006-1877 Vulnerability (CVE-2006-1877)

Java Unspesificed Vulnerability (CVE-2019-2684)

WordPress Plugin WP DS FAQ 'ajax.php' SQL Injection (1.3.2)

WordPress Plugin Link Library SQL Injection (5.9.13.26)

Atlassian Confluence Improper Control of Dynamically-Managed Code Resources Vulnerability (CVE-2019-15006)

Severity

Medium

Classification

CVE-2009-2699

Tags

Missing Update Known Vulnerabilities