JVN/CVE Demo: Nvdinfos

NVD

Id: 11965
Name: CVE-2010-0408
Description: The ap_proxy_ajp_request function in mod_proxy_ajp.c in mod_proxy_ajp in the Apache HTTP Server 2.2.x before 2.2.15 does not properly handle certain situations in which a client sends no request body, which allows remote attackers to cause a denial of service (backend server outage) via a crafted request, related to use of a 500 error code instead of the appropriate 400 error code.
Reject
CVSS Version: 2
CVSS Score: 5
Severity: Medium
CVSS Base Score: 5
CVSS Impact Subscore: 2.9
CVSS Exploit Subscore: 10
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Pub Date: 2017-01-18
Published: 2010-03-05
Modified Date: 2016-08-22
Seq: 2010-0408

Actions

Related NVD References

Id	NVD Id	NVD No.	Reference	Actions
65857	11965	CVE-2010-0408	http://httpd.apache.org/security/vulnerabilities_22.html	View
65858	11965	CVE-2010-0408	APPLE-SA-2010-11-10-1	View
65859	11965	CVE-2010-0408	FEDORA-2010-5942	View
65860	11965	CVE-2010-0408	FEDORA-2010-6131	View
65861	11965	CVE-2010-0408	SUSE-SR:2010:010	View
65862	11965	CVE-2010-0408	SSRT100108	View
65863	11965	CVE-2010-0408	oval:org.mitre.oval:def:8619	View
65864	11965	CVE-2010-0408	oval:org.mitre.oval:def:9935	View
65865	11965	CVE-2010-0408	http://support.apple.com/kb/HT4435	View
65866	11965	CVE-2010-0408	http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_ajp.c?r1=917876&r2=917875&pathrev=917876	View
65867	11965	CVE-2010-0408	http://svn.apache.org/viewvc?view=revision&revision=917876	View
65868	11965	CVE-2010-0408	PM08939	View
65869	11965	CVE-2010-0408	PM12247	View
65870	11965	CVE-2010-0408	PM15829	View
65871	11965	CVE-2010-0408	DSA-2035	View
65872	11965	CVE-2010-0408	MDVSA-2010:053	View
65873	11965	CVE-2010-0408	MDVSA-2013:150	View
65874	11965	CVE-2010-0408	http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html	View
65875	11965	CVE-2010-0408	RHSA-2010:0168	View
65876	11965	CVE-2010-0408	38491	View
65877	11965	CVE-2010-0408	ADV-2010-0911	View
65878	11965	CVE-2010-0408	ADV-2010-0994	View
65879	11965	CVE-2010-0408	ADV-2010-1001	View
65880	11965	CVE-2010-0408	ADV-2010-1057	View
65881	11965	CVE-2010-0408	ADV-2010-1411	View
65882	11965	CVE-2010-0408	https://bugzilla.redhat.com/show_bug.cgi?id=569905	View

Related JVN

Id	Name	Title	Summary	Cveinfo Name	Cveinfo Id	Nvdinfo Name	Nvdinfo Id	Cvssv2	Cvssv3	Jvnurl	Published Date	Last Updated Date	Actions
35393	JVNDB-2010-001173	Apache HTTP Server の ap_proxy_ajp_request 関数におけるサービス運用妨害 (DoS) の脆弱性	Apache HTTP Server の mod_proxy_ajp.c の ap_proxy_ajp_request 関数には、リクエストボディが存在しない HTTP リクエストの取り扱いに不備が存在するため、サービス運用妨害 (DoS) 状態となる脆弱性が存在します。	CVE-2010-0408	42988	CVE-2010-0408	11965	5		http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001173.html	2010-03-05	2013-04-19	View

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.31 MB
View render complete	15.11 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	2.68
Event: Controller.initialize	0.02
Event: Controller.startup	0.06
Controller action	303.03
Event: Controller.beforeRender	4.09
» Processing toolbar data	4.01
Rendering View	578.20
» Event: View.beforeRender	0.02
» Rendering APP/View/Nvdinfos/view.ctp	568.97
» Event: View.afterRender	0.03
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	7.44
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	3.51
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/nvdinfos/view/11965
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/nvdinfos/view/11965
Remote Port	18264
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.148
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.1.78.197
Http Via	1.1 squid-proxy-5b5d847c96-v2jzj (squid/6.10)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	216.73.216.148
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.148
Unique Id	aFj1Aa7SzfGqosiQx7iF3QAAAMc
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	216.73.216.148
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.148
Redirect Unique Id	aFj1Aa7SzfGqosiQx7iF3QAAAMc
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	216.73.216.148
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.148
Redirect Redirect Unique Id	aFj1Aa7SzfGqosiQx7iF3QAAAMc
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1750660353.8947
Request Time	1750660353

NVD

Actions

Related NVD References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files