Download
| Alert*
oval:org.secpod.oval:def:301012
It was discovered that the apr_fnmatch function used an unconstrained recursion when processing patterns with the '*' wildcard. An attacker could use this flaw to cause an application using this function, which also accepted untrusted input as a pattern for matching , to exhaust al ... oval:org.secpod.oval:def:3129 The host is installed with Apache HTTP Server before 2.2.18 and is prone to a stack consumption vulnerability. A flaw is present in the application, which fails to handle *? sequences in the first argument. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:600527 A flaw was found in the APR library, which could be exploited through Apache HTTPD"s mod_autoindex. If a directory indexed by mod_autoindex contained files with sufficiently long names, a remote attacker could send a carefully crafted request which would cause excessive CPU usage. This could be used ... oval:org.secpod.oval:def:600529 The recent APR update DSA-2237-1 introduced a regression that could lead to an endless loop in the apr_fnmatch function, causing a denial of service. This update fixes this problem . For reference, the description of the original DSA, which fixed CVE-2011-0419: A flaw was found in the APR library, w ... oval:org.secpod.oval:def:500004 The Apache Portable Runtime is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines. It was discovered that the apr_fnmatch function used an unconstrained recursion when processing patterns with the "*" wildcard. An at ... oval:org.secpod.oval:def:201576 The Apache Portable Runtime is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines. It was discovered that the apr_fnmatch function used an unconstrained recursion when processing patterns with the "*" wildcard. An at ... oval:org.secpod.oval:def:200642 The Apache Portable Runtime is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines. The fix for CVE-2011-0419 introduced an infinite loop flaw in the apr_fnmatch function when the APR_FNM_PATHNAME matching flag was u ... oval:org.secpod.oval:def:200562 The Apache Portable Runtime is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines. It was discovered that the apr_fnmatch function used an unconstrained recursion when processing patterns with the "*" wildcard. An at ... oval:org.secpod.oval:def:201640 The Apache Portable Runtime is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines. It was discovered that the apr_fnmatch function used an unconstrained recursion when processing patterns with the "*" wildcard. An at ... oval:org.secpod.oval:def:102689 The mission of the Apache Portable Runtime is to provide a free library of C data structures and routines, forming a system portability layer to as many operating systems as possible, including Unices, MS Win32, BeOS and OS/2. oval:org.secpod.oval:def:700510 apr: The Apache Portable Runtime Library - apache2: a scalable, extensible web server A denial of service issue exists that affects the Apache web server. oval:org.secpod.oval:def:201569 The Apache Portable Runtime is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines. It was discovered that the apr_fnmatch function used an unconstrained recursion when processing patterns with the "*" wildcard. An at ... oval:org.secpod.oval:def:102686 The mission of the Apache Portable Runtime is to provide a free library of C data structures and routines, forming a system portability layer to as many operating systems as possible, including Unices, MS Win32, BeOS and OS/2. oval:org.secpod.oval:def:201603 The Apache Portable Runtime is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines. The fix for CVE-2011-0419 introduced an infinite loop flaw in the apr_fnmatch function when the APR_FNM_PATHNAME matching flag was u ... oval:org.secpod.oval:def:1503478 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:200643 The Apache Portable Runtime is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines. The fix for CVE-2011-0419 introduced an infinite loop flaw in the apr_fnmatch function when the APR_FNM_PATHNAME matching flag was u ... oval:org.secpod.oval:def:201656 The Apache Portable Runtime is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines. The fix for CVE-2011-0419 introduced an infinite loop flaw in the apr_fnmatch function when the APR_FNM_PATHNAME matching flag was u ... oval:org.secpod.oval:def:103375 The mission of the Apache Portable Runtime is to provide a free library of C data structures and routines, forming a system portability layer to as many operating systems as possible, including Unices, MS Win32, BeOS and OS/2. oval:org.secpod.oval:def:102892 The mission of the Apache Portable Runtime is to provide a free library of C data structures and routines, forming a system portability layer to as many operating systems as possible, including Unices, MS Win32, BeOS and OS/2. |