Oval Definition:oval:org.mitre.oval:def:7600
Revision Date:2014-06-23Version:19
Title:DSA-1834 apache2 -- denial of service
Description:A denial of service flaw was found in the Apache mod_proxy module when it was used as a reverse proxy. A remote attacker could use this flaw to force a proxy process to consume large amounts of CPU time. This issue did not affect Debian 4.0 "etch". A denial of service flaw was found in the Apache mod_deflate module. This module continued to compress large files until compression was complete, even if the network connection that requested the content was closed before compression completed. This would cause mod_deflate to consume large amounts of CPU if mod_deflate was enabled for a large file. A similar flaw related to HEAD requests for compressed content was also fixed. The oldstable distribution (etch), these problems have been fixed in version 2.2.3-4+etch9.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2009-1890
CVE-2009-1891
DSA-1834
Platform(s):Debian GNU/Linux 4.0
Debian GNU/Linux 5.0
Product(s):apache2
Definition Synopsis
  • Release section
  • Debian GNU/Linux 5.0 is installed
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND Packages section
  • apache2-src is earlier than 2.2.9-10+lenny4
  • OR apache2-doc is earlier than 2.2.9-10+lenny4
  • OR apache2 is earlier than 2.2.9-10+lenny4
  • OR Architecture dependent section
  • Supported architectures section
  • Installed architecture is s390
  • OR Installed architecture is amd64
  • OR Installed architecture is sparc
  • OR Installed architecture is arm
  • OR Installed architecture is i386
  • OR Installed architecture is armel
  • OR Installed architecture is mips
  • OR Installed architecture is ia64
  • OR Installed architecture is alpha
  • OR Installed architecture is powerpc
  • OR Installed architecture is hppa
  • AND Packages section
  • apache2-threaded-dev is earlier than 2.2.9-10+lenny4
  • OR apache2-utils is earlier than 2.2.9-10+lenny4
  • OR apache2-mpm-worker is earlier than 2.2.9-10+lenny4
  • OR apache2.2-common is earlier than 2.2.9-10+lenny4
  • OR apache2-suexec-custom is earlier than 2.2.9-10+lenny4
  • OR apache2-suexec is earlier than 2.2.9-10+lenny4
  • OR apache2-mpm-prefork is earlier than 2.2.9-10+lenny4
  • OR apache2-dbg is earlier than 2.2.9-10+lenny4
  • OR apache2-mpm-event is earlier than 2.2.9-10+lenny4
  • OR apache2-prefork-dev is earlier than 2.2.9-10+lenny4
  • OR apache2-mpm-itk is earlier than 2.2.6-02-1+lenny2
  • OR Release section
  • Debian GNU/Linux 4.0 is installed.
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND Packages section
  • apache2-mpm-perchild is earlier than 2.2.3-4+etch9
  • OR apache2-src is earlier than 2.2.3-4+etch9
  • OR apache2-doc is earlier than 2.2.3-4+etch9
  • OR apache2 is earlier than 2.2.3-4+etch9
  • OR Architecture dependent section
  • Supported architectures section
  • Installed architecture is amd64
  • OR Installed architecture is sparc
  • OR Installed architecture is arm
  • OR Installed architecture is i386
  • OR Installed architecture is mips
  • OR Installed architecture is ia64
  • OR Installed architecture is alpha
  • OR Installed architecture is powerpc
  • OR Installed architecture is hppa
  • AND Packages section
  • apache2-mpm-itk is earlier than 2.2.3-01-2+etch3
  • OR apache2-utils is earlier than 2.2.3-4+etch9
  • OR apache2-mpm-worker is earlier than 2.2.3-4+etch9
  • OR apache2.2-common is earlier than 2.2.3-4+etch9
  • OR apache2-threaded-dev is earlier than 2.2.3-4+etch9
  • OR apache2-mpm-event is earlier than 2.2.3-4+etch9
  • OR apache2-mpm-prefork is earlier than 2.2.3-4+etch9
  • OR apache2-prefork-dev is earlier than 2.2.3-4+etch9
    • BACK