Developers Documentation



301 error for file:

User Tools

Site Tools

CVE 2010-0425

'modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapi_unload for an ISAPI .dll module, which allows remote attackers to execute arbitrary code via unspecified vectors related to a crafted request, a reset packet, and “orphaned callback pointers.”'

ClearCenter response

Short response

ClearOS is not affected by this Apache for Windows only CVE.

Long response

Reports that ClearOS are affected by this vulnerability are grossly inaccurate and represent an inability for the audit system to properly distinguish Apache running on Windows from Apache running on Linux. This ISAPI dll is a library for Windows and simply do not exist on Linux version of Apache in any form.

content/en_us/announcements_cve_cve-2010-0425.txt · Last modified: 2014/12/22 11:06 by dloper