CVE-2009-2699
HIGHApache HTTP Server 2.2.0-2.2.13 DoS via Solaris Pollset Error Handling
Title source: llmDescription
The Solaris pollset feature in the Event Port backend in poll/unix/port.c in the Apache Portable Runtime (APR) library before 1.3.9, as used in the Apache HTTP Server before 2.2.14 and other products, does not properly handle errors, which allows remote attackers to cause a denial of service (daemon hang) via unspecified HTTP requests, related to the prefork and event MPMs.
References (20)
Core 20
Core References
Broken Link, Vendor Advisory x_refsource_confirm
http://www.apache.org/dist/httpd/CHANGES_2.2.14
Broken Link, Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1022988
Issue Tracking, Mailing List, Third Party Advisory vendor-advisory
x_refsource_hp
http://marc.info/?l=bugtraq&m=133355494609819&w=2
Patch, Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/36596
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/53666
Issue Tracking, Vendor Advisory x_refsource_confirm
https://issues.apache.org/bugzilla/show_bug.cgi?id=47645
Third Party Advisory x_refsource_confirm
http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html
Broken Link vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
Mailing List, Patch mailing-list
x_refsource_mlist
https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
Mailing List, Patch mailing-list
x_refsource_mlist
https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
Mailing List, Patch mailing-list
x_refsource_mlist
https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
Mailing List, Patch mailing-list
x_refsource_mlist
https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
Mailing List, Patch mailing-list
x_refsource_mlist
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
Mailing List, Patch mailing-list
x_refsource_mlist
https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3Ccvs.httpd.apache.org%3E
Mailing List, Patch mailing-list
x_refsource_mlist
https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
Mailing List, Patch mailing-list
x_refsource_mlist
https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3Ccvs.httpd.apache.org%3E
Mailing List, Patch mailing-list
x_refsource_mlist
https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E
Mailing List, Patch mailing-list
x_refsource_mlist
https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
Mailing List, Patch mailing-list
x_refsource_mlist
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
Mailing List, Patch mailing-list
x_refsource_mlist
https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
Scores
CVSS v3
7.5
EPSS
0.1417
EPSS Percentile
96.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-667
Status
published
Products (2)
apache/http_server
2.2.0 - 2.2.14
apache/portable_runtime
< 1.3.9
Published
Oct 13, 2009
Tracked Since
Feb 18, 2026