Executive Summary

Informations
NameCVE-2009-2299First vendor Publication2009-07-02
VendorCveLast vendor Modification2018-10-10

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score5Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

The Artofdefence Hyperguard Web Application Firewall (WAF) module before 2.5.5-11635, 3.0 before 3.0.3-11636, and 3.1 before 3.1.1-11637, a module for the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via an HTTP request with a large Content-Length value but no POST data.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2299

CAPEC : Common Attack Pattern Enumeration & Classification

idName
CAPEC-2Inducing Account Lockout
CAPEC-47Buffer Overflow via Parameter Expansion
CAPEC-82Violating Implicit Assumptions Regarding XML Content (aka XML Denial of Servi...
CAPEC-147XML Ping of Death
CAPEC-228Resource Depletion through DTD Injection in a SOAP Message

CWE : Common Weakness Enumeration

%idName
100 %CWE-20Improper Input Validation

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1
Application4

Open Source Vulnerability Database (OSVDB)

idDescription
55506Hyperguard Web Application Firewall (WAF) HTTP Content-Length Header Request DoS

Sources (Detail)

SourceUrl
BUGTRAQ http://www.securityfocus.com/archive/1/504680/100/0/threaded
MISC http://www.h4ck1nb3rg.at/wafs/advisory_artofdefence_hyperguard_200907.txt

Alert History

If you want to see full details history, please login or register.
0
1
2
3
DateInformations
2018-10-11 00:19:38
  • Multiple Updates
2016-06-28 17:45:00
  • Multiple Updates
2016-04-26 18:56:29
  • Multiple Updates
2013-05-10 23:53:20
  • Multiple Updates