CVE 2010-1452
The (1) mod_cache and (2) mod_dav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service (process crash) via a request that lacks a path.
Related bugs and status
CVE-2010-1452 (Candidate) is related to these bugs:
Bug #589611: [SRU] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 589611 | [SRU] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) | apache2 (Ubuntu) | High | Fix Released | ||
| 589611 | [SRU] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) | apache2 (Ubuntu Lucid) | High | Fix Released | ||
Bug #595116: ssl "error reading the headers"
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 595116 | ssl "error reading the headers" | apache2 (Ubuntu) | Medium | Fix Released | ||
| 595116 | ssl "error reading the headers" | apache2 (Ubuntu Lucid) | Undecided | Fix Released | ||
Bug #609290: overlapping memcpy in ssl_io_input_read
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 609290 | overlapping memcpy in ssl_io_input_read | apache2 (Ubuntu) | High | Fix Released | ||
| 609290 | overlapping memcpy in ssl_io_input_read | apache2 (Ubuntu Lucid) | High | Fix Released | ||
| 609290 | overlapping memcpy in ssl_io_input_read | apache2 (Ubuntu Maverick) | High | Fix Released | ||
| 609290 | overlapping memcpy in ssl_io_input_read | Apache2 Web Server | Medium | Fix Released | ||
Bug #827662: PCI Security failure Apache 2.2.14
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 827662 | PCI Security failure Apache 2.2.14 | apache2 (Ubuntu) | Undecided | Invalid | ||
See the 
CVE page on Mitre.org
for more details.
