Vulnerability in Apache Http_server
CVE-2012-0031
scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard s…
EPSS: 0.010 (77.8th percentile) — read the EPSS interpretation.
Affected products
- Apache Http_server
- Debian Debian_linux — versions 5.0, 6.0, 7.0
- Opensuse — versions 11.4
- Redhat Enterprise_linux — versions 5.0, 6.0
- Redhat Enterprise_linux_desktop — versions 6.0
- Redhat Enterprise_linux_eus — versions 6.2
- Redhat Enterprise_linux_server — versions 6.0
- Redhat Enterprise_linux_server_aus — versions 6.2
- Redhat Enterprise_linux_workstation — versions 6.0
- Redhat Jboss_enterprise_web_server — versions 1.0.0
Public proof-of-concept exploits
References
- 47410 (x_refsource_SECUNIA, Not Applicable, third-party-advisory, Vendor Advisory)
- HPSBMU02786 (x_refsource_HP, vendor-advisory, Broken Link)
- SSRT100966 (x_refsource_HP, vendor-advisory, Mailing List, Third Party Advisory, Issue Tracking)
- MDVSA-2012:012 (vendor-advisory, x_refsource_MANDRIVA, Broken Link)
- RHSA-2012:0543 (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)
- secalert@redhat.com (x_refsource_CONFIRM, Vendor Advisory)
- 51407 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)
- SSRT100772 (x_refsource_HP, vendor-advisory, Mailing List, Third Party Advisory, Issue Tracking)
- RHSA-2012:0128 (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)
- RHSA-2012:0542 (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)
Frequently asked questions
- What is CVE-2012-0031?
- CVE-2012-0031 is a vulnerability in Apache Http_server. Published 2012-01-18.
- Is CVE-2012-0031 known to be exploited?
- 24 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.