CVE-2007-6750
Publication date 27 December 2011
Last updated 24 July 2024
Ubuntu priority
The Apache HTTP Server 1.x and 2.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris, related to the lack of the mod_reqtimeout module in versions before 2.2.15.
Status
Package | Ubuntu Release | Status |
---|---|---|
apache2 | ||
Notes
mdeslaur
1005669 commit fixes CVE-2010-1623 hardy users who want to protect against Slowloris are recommended to update to lucid or higher. Adding a new module turned on by default to hardy's apache2 is too intrusive.
Patch details
Package | Patch details |
---|---|
apache2 |