CVE-2009-3094
published 2009-09-08CVE-2009-3094: The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP…
low2.6CVSS 3.1
AVNACHAuNCNINAP
The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | http_server | >= 2.0.35 < 2.0.64 | 2.0.64 |
| apache | http_server | >= 2.2.0 < 2.2.14 | 2.2.14 |
| debian | apache2 | < apache2 2.2.13-2 (bookworm) | apache2 2.2.13-2 (bookworm) |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
CVSS provenance
nvd2.6LOWAV:N/AC:H/Au:N/C:N/I:N/A:P
osv2.6LOW