Search for packages
| purl | pkg:rpm/redhat/httpd@2.0.46-77?arch=ent |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-6d43-sjqw-tbbp
Aliases: CVE-2009-3095 |
A flaw was found in the mod_proxy_ftp module. In a reverse proxy configuration, a remote attacker could use this flaw to bypass intended access restrictions by creating a carefully-crafted HTTP Authorization header, allowing the attacker to send arbitrary commands to the FTP server. | There are no reported fixed by versions. |
|
VCID-jau7-gfz8-dkfa
Aliases: CVE-2009-3555 GHSA-f7w7-6pjc-wwm6 VU#120541 |
The renegotiation vulnerability in SSL protocol | There are no reported fixed by versions. |
|
VCID-zkbr-1m2z-ufe7
Aliases: CVE-2009-3094 |
A NULL pointer dereference flaw was found in the mod_proxy_ftp module. A malicious FTP server to which requests are being proxied could use this flaw to crash an httpd child process via a malformed reply to the EPSV or PASV commands, resulting in a limited denial of service. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T14:57:55.336246+00:00 | RedHat Importer | Affected by | VCID-zkbr-1m2z-ufe7 | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3094.json | 38.0.0 |
| 2026-04-01T14:57:54.976581+00:00 | RedHat Importer | Affected by | VCID-6d43-sjqw-tbbp | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3095.json | 38.0.0 |
| 2026-04-01T14:57:35.300361+00:00 | RedHat Importer | Affected by | VCID-jau7-gfz8-dkfa | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3555.json | 38.0.0 |