SuSE 11 Security Update : libapr-util1 (SAT Patch Number 969)
2009-09-24T00:00:00
ID SUSE_11_LIBAPR-UTIL1-090608.NASL Type nessus Reporter Tenable Modified 2016-12-21T00:00:00
Description
This update of libapr-util1 fixes a memory consumption bug in the XML parser that can cause a remote denial-of-service vulnerability in applications using APR (WebDAV for example) (CVE-2009-1955).
Additionally, a one-byte buffer overflow in the function apr_brigade_vprintf() (CVE-2009-1956) and a buffer underflow in the function apr_strmatch_precompile() (CVE-2009-0023) were fixed. Depending on the application using these functions, the flaws can lead to remote denial of service or information leakage.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SuSE 11 update information. The text itself is
# copyright (C) Novell, Inc.
#
include("compat.inc");
# Registration branch: when `description` is set, the plugin only declares the
# metadata below and exits before any knowledge-base item is read.
if (description)
{
  # Plugin identity and revision bookkeeping.
  script_id(41418);
  script_version("$Revision: 1.12 $");
  script_cvs_date("$Date: 2016/12/21 20:21:20 $");

  # CVEs addressed by the vendor update this plugin looks for.
  script_cve_id("CVE-2009-0023", "CVE-2009-1955", "CVE-2009-1956");

  script_name(english:"SuSE 11 Security Update : libapr-util1 (SAT Patch Number 969)");
  script_summary(english:"Checks rpm output for the updated package");

  script_set_attribute(attribute:"synopsis", value:"The remote SuSE 11 host is missing a security update.");

  # Advisory text, reproduced verbatim; the line breaks are part of the string.
  script_set_attribute(
    attribute:"description",
    value:
"This update of libapr-util1 fixes a memory consumption bug in the XML
parser that can cause a remote denial-of-service vulnerability in
applications using APR (WebDAV for example) (CVE-2009-1955).
Additionally a one byte buffer overflow in function
apr_brigade_vprintf() (CVE-2009-1956) and buffer underflow in function
apr_strmatch_precompile() (CVE-2009-0023) was fixed too. Depending on
the application using this function it can lead to remote denial of
service or information leakage."
  );

  # Vendor references: the tracking bug first, then one page per CVE.
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=509825");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-0023.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-1955.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-1956.html");

  script_set_attribute(attribute:"solution", value:"Apply SAT patch number 969.");

  # NOTE(review): the vector rates availability impact only (C:N/I:N/A:C),
  # while the advisory text above also mentions information leakage. Keep
  # that in mind when triaging on the score alone.
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_cwe_id(119, 189, 399);

  # Declared as a local check; the platform is identified by the two CPE
  # entries (package and operating system).
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libapr-util1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");

  # The plugin was published some months after the vendor patch date.
  script_set_attribute(attribute:"patch_publication_date", value:"2009/06/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/09/24");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");

  # The check needs the KB entries required below; presumably they are
  # populated by ssh_get_info.nasl from the scanned host (confirm).
  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
# Check phase. The verdict is derived from knowledge-base data about the host
# (release, CPU, rpm list); nothing in this block talks to the affected
# service. Each failed precondition ends in an audit() call naming the reason.

# Local checks must have been enabled for this host.
if (!get_kb_item("Host/local_checks_enabled"))
{
  audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
}

# Only SLED 11 / SLES 11 releases pass this gate.
# NOTE(review): SLED11 is accepted here, but the only package reference below
# is keyed to SLES11. Confirm how rpm_check treats a SLED11 host.
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)11")
{
  audit(AUDIT_OS_NOT, "SuSE 11");
}

# No collected rpm list means nothing to evaluate.
if (!get_kb_item("Host/SuSE/rpm-list"))
{
  audit(AUDIT_PACKAGE_LIST_MISSING);
}

# Architecture gate: i386-i686, x86_64 and s390x are the only ones handled.
cpu = get_kb_item("Host/cpu");
if (isnull(cpu))
{
  audit(AUDIT_UNKNOWN_ARCH);
}
if (cpu !~ "^i[3-6]86$" &&
    "x86_64" >!< cpu &&
    "s390x" >!< cpu)
{
  audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);
}

# A set (truthy) patchlevel is audited out as not "SuSE 11.0": this plugin
# does not evaluate such hosts, so its silence there is not a clean result.
pl = get_kb_item("Host/SuSE/patchlevel");
if (pl)
{
  audit(AUDIT_OS_NOT, "SuSE 11.0");
}

# Single package reference for this update. rpm_check presumably flags an
# installed libapr-util1 older than the reference (confirm in rpm.inc).
flag = 0;
if (rpm_check(release:"SLES11", sp:0, reference:"libapr-util1-1.3.4-12.19.1"))
{
  flag++;
}

if (!flag)
{
  # No package reference matched.
  audit(AUDIT_HOST_NOT, "affected");
}
else
{
  # Attach the rpm report only when report verbosity is above zero.
  if (report_verbosity > 0)
  {
    security_hole(port:0, extra:rpm_report_get());
  }
  else
  {
    security_hole(0);
  }
  exit(0);
}
{"id": "SUSE_11_LIBAPR-UTIL1-090608.NASL", "bulletinFamily": "scanner", "title": "SuSE 11 Security Update : libapr-util1 (SAT Patch Number 969)", "description": "This update of libapr-util1 fixes a memory consumption bug in the XML parser that can cause a remote denial-of-service vulnerability in applications using APR (WebDAV for example) (CVE-2009-1955).\nAdditionally a one byte buffer overflow in function apr_brigade_vprintf() (CVE-2009-1956) and buffer underflow in function apr_strmatch_precompile() (CVE-2009-0023) was fixed too. Depending on the application using this function it can lead to remote denial of service or information leakage.", "published": "2009-09-24T00:00:00", "modified": "2016-12-21T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=41418", "reporter": "Tenable", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=509825", "http://support.novell.com/security/cve/CVE-2009-1956.html", "http://support.novell.com/security/cve/CVE-2009-0023.html", "http://support.novell.com/security/cve/CVE-2009-1955.html"], "cvelist": ["CVE-2009-1955", "CVE-2009-0023", "CVE-2009-1956"], "type": "nessus", "lastseen": "2019-02-21T01:12:28", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:libapr-util1"], "cvelist": ["CVE-2009-1955", "CVE-2009-0023", "CVE-2009-1956"], "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "This update of libapr-util1 fixes a memory consumption bug in the XML parser that can cause a remote denial-of-service vulnerability in applications using APR (WebDAV for example) (CVE-2009-1955).\nAdditionally a one byte buffer overflow in function apr_brigade_vprintf() (CVE-2009-1956) and buffer underflow in function apr_strmatch_precompile() (CVE-2009-0023) was fixed too. 
Depending on the application using this function it can lead to remote denial of service or information leakage.", "edition": 5, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "02dc3e9f735b6f8d46a894ab0975818b22508046f81e31f1b7e3b1e6d588fb00", "hashmap": [{"hash": "2d3fc9abb524147e148f844f109393b5", "key": "description"}, {"hash": "0101a6301ed129e8588196cd6970ce79", "key": "cpe"}, {"hash": "ed3111898fb94205e2b64cefef5a2081", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "40965efa19c345bfd62e38846d71eb85", "key": "pluginID"}, {"hash": "b475293a4418cb25a5f10722aad2ac41", "key": "href"}, {"hash": "05c83758928f783d67322170ce87426c", "key": "sourceData"}, {"hash": "91b2666bddf4104c5cd8fc4efe8f16e1", "key": "title"}, {"hash": "1a10d207b078615e5d73b42ad95e744d", "key": "references"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "9103caba17ff4b94c0d70169d67a2313", "key": "cvelist"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "8fd3c0d10643d313d61153df455e9f87", "key": "modified"}, {"hash": "08c17de6abaee62f9e42260622b62554", "key": "published"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=41418", "id": "SUSE_11_LIBAPR-UTIL1-090608.NASL", "lastseen": "2018-09-01T23:35:57", "modified": "2016-12-21T00:00:00", "naslFamily": "SuSE Local Security Checks", "objectVersion": "1.3", "pluginID": "41418", "published": "2009-09-24T00:00:00", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=509825", "http://support.novell.com/security/cve/CVE-2009-1956.html", "http://support.novell.com/security/cve/CVE-2009-0023.html", "http://support.novell.com/security/cve/CVE-2009-1955.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 
update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(41418);\n script_version(\"$Revision: 1.12 $\");\n script_cvs_date(\"$Date: 2016/12/21 20:21:20 $\");\n\n script_cve_id(\"CVE-2009-0023\", \"CVE-2009-1955\", \"CVE-2009-1956\");\n\n script_name(english:\"SuSE 11 Security Update : libapr-util1 (SAT Patch Number 969)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of libapr-util1 fixes a memory consumption bug in the XML\nparser that can cause a remote denial-of-service vulnerability in\napplications using APR (WebDAV for example) (CVE-2009-1955).\nAdditionally a one byte buffer overflow in function\napr_brigade_vprintf() (CVE-2009-1956) and buffer underflow in function\napr_strmatch_precompile() (CVE-2009-0023) was fixed too. 
Depending on\nthe application using this function it can lead to remote denial of\nservice or information leakage.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=509825\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0023.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1955.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1956.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 969.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libapr-util1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) 
audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"libapr-util1-1.3.4-12.19.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "SuSE 11 Security Update : libapr-util1 (SAT Patch Number 969)", "type": "nessus", "viewCount": 3}, "differentElements": ["description"], "edition": 5, "lastseen": "2018-09-01T23:35:57"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:libapr-util1"], "cvelist": ["CVE-2009-1955", "CVE-2009-0023", "CVE-2009-1956"], "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "This update of libapr-util1 fixes a memory consumption bug in the XML\nparser that can cause a remote denial-of-service vulnerability in\napplications using APR (WebDAV for example) (CVE-2009-1955).\nAdditionally a one byte buffer overflow in function\napr_brigade_vprintf() (CVE-2009-1956) and buffer underflow in function\napr_strmatch_precompile() (CVE-2009-0023) was fixed too. 
Depending on\nthe application using this function it can lead to remote denial of\nservice or information leakage.", "edition": 6, "enchantments": {"dependencies": {"modified": "2019-01-16T20:09:52", "references": [{"idList": ["CVE-2009-1955", "CVE-2009-0023", "CVE-2009-1956"], "type": "cve"}, {"idList": ["HTTPD:624F5487666F9D8F639D9C3A3BD39864", "HTTPD:1C2FBBF56925162ED41A62B394B7E0BD", "HTTPD:267D87D7598A6B9AF1BDE6F51188D387"], "type": "httpd"}, {"idList": ["OPENVAS:880692", "OPENVAS:65691", "OPENVAS:64215", "OPENVAS:64272", "OPENVAS:136141256231064215", "OPENVAS:136141256231065691", "OPENVAS:136141256231064295", "OPENVAS:136141256231064214", "OPENVAS:64295", "OPENVAS:1361412562310880692"], "type": "openvas"}, {"idList": ["RHSA-2009:1107", "RHSA-2009:1108"], "type": "redhat"}, {"idList": ["EB9212F7-526B-11DE-BBF2-001B77D09812", "E15F2356-9139-11DE-8F42-001AA0166822"], "type": "freebsd"}, {"idList": ["DEBIAN:DSA-1812-1:7EC83"], "type": "debian"}, {"idList": ["SSV:11558", "SSV:11568", "SSV:11569"], "type": "seebug"}, {"idList": ["SUSE_LIBAPR-UTIL1-6289.NASL", "GENTOO_GLSA-200907-03.NASL", "CENTOS_RHSA-2009-1107.NASL", "SUSE_11_1_LIBAPR-UTIL1-090608.NASL", "SL_20090616_APR_UTIL_ON_SL4_X.NASL", "ORACLELINUX_ELSA-2009-1107.NASL", "REDHAT-RHSA-2009-1107.NASL", "ORACLELINUX_ELSA-2009-1108.NASL", "CENTOS_RHSA-2009-1108.NASL", "REDHAT-RHSA-2009-1108.NASL"], "type": "nessus"}, {"idList": ["SSA-2009-214-01", "SSA-2009-167-02"], "type": "slackware"}, {"idList": ["ELSA-2009-1108", "ELSA-2009-1107"], "type": "oraclelinux"}, {"idList": ["GLSA-200907-03"], "type": "gentoo"}, {"idList": ["SECURITYVULNS:VULN:9954", "SECURITYVULNS:DOC:21953"], "type": "securityvulns"}, {"idList": ["USN-787-1", "USN-786-1"], "type": "ubuntu"}, {"idList": ["CESA-2009:1108", "CESA-2009:1107"], "type": "centos"}]}, "score": {"value": 5.0, "vector": "NONE"}}, "hash": "ff040bac618ee5ea661bda16c49feaf033f4e338ca166da9dea0433abc784361", "hashmap": [{"hash": "0101a6301ed129e8588196cd6970ce79", "key": 
"cpe"}, {"hash": "ed3111898fb94205e2b64cefef5a2081", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "40965efa19c345bfd62e38846d71eb85", "key": "pluginID"}, {"hash": "b475293a4418cb25a5f10722aad2ac41", "key": "href"}, {"hash": "05c83758928f783d67322170ce87426c", "key": "sourceData"}, {"hash": "91b2666bddf4104c5cd8fc4efe8f16e1", "key": "title"}, {"hash": "1a10d207b078615e5d73b42ad95e744d", "key": "references"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "9103caba17ff4b94c0d70169d67a2313", "key": "cvelist"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "8fd3c0d10643d313d61153df455e9f87", "key": "modified"}, {"hash": "08c17de6abaee62f9e42260622b62554", "key": "published"}, {"hash": "2f77c7f69776e0243de6d663475afc85", "key": "description"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=41418", "id": "SUSE_11_LIBAPR-UTIL1-090608.NASL", "lastseen": "2019-01-16T20:09:52", "modified": "2016-12-21T00:00:00", "naslFamily": "SuSE Local Security Checks", "objectVersion": "1.3", "pluginID": "41418", "published": "2009-09-24T00:00:00", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=509825", "http://support.novell.com/security/cve/CVE-2009-1956.html", "http://support.novell.com/security/cve/CVE-2009-0023.html", "http://support.novell.com/security/cve/CVE-2009-1955.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. 
The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(41418);\n script_version(\"$Revision: 1.12 $\");\n script_cvs_date(\"$Date: 2016/12/21 20:21:20 $\");\n\n script_cve_id(\"CVE-2009-0023\", \"CVE-2009-1955\", \"CVE-2009-1956\");\n\n script_name(english:\"SuSE 11 Security Update : libapr-util1 (SAT Patch Number 969)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of libapr-util1 fixes a memory consumption bug in the XML\nparser that can cause a remote denial-of-service vulnerability in\napplications using APR (WebDAV for example) (CVE-2009-1955).\nAdditionally a one byte buffer overflow in function\napr_brigade_vprintf() (CVE-2009-1956) and buffer underflow in function\napr_strmatch_precompile() (CVE-2009-0023) was fixed too. 
Depending on\nthe application using this function it can lead to remote denial of\nservice or information leakage.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=509825\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0023.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1955.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1956.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 969.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libapr-util1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) 
audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"libapr-util1-1.3.4-12.19.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "SuSE 11 Security Update : libapr-util1 (SAT Patch Number 969)", "type": "nessus", "viewCount": 3}, "differentElements": ["description"], "edition": 6, "lastseen": "2019-01-16T20:09:52"}, {"bulletin": {"bulletinFamily": "exploit", "cvelist": ["CVE-2009-1955", "CVE-2009-0023", "CVE-2009-1956"], "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "This update of libapr-util1 fixes a memory consumption bug in the XML parser that can cause a remote denial-of-service vulnerability in applications using APR (WebDAV for example) (CVE-2009-1955).\nAdditionally a one byte buffer overflow in function apr_brigade_vprintf() (CVE-2009-1956) and buffer underflow in function apr_strmatch_precompile() (CVE-2009-0023) was fixed too. 
Depending on the application using this function it can lead to remote denial of service or information leakage.", "edition": 1, "hash": "bb25f1b784c4f290d88d0800466e542a18696bf57f6181a59de22516051839f1", "hashmap": [{"hash": "2d3fc9abb524147e148f844f109393b5", "key": "description"}, {"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "ed3111898fb94205e2b64cefef5a2081", "key": "cvss"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "40965efa19c345bfd62e38846d71eb85", "key": "pluginID"}, {"hash": "b475293a4418cb25a5f10722aad2ac41", "key": "href"}, {"hash": "7ffda9669264dbb8d98fe2f4177b79f6", "key": "modified"}, {"hash": "91b2666bddf4104c5cd8fc4efe8f16e1", "key": "title"}, {"hash": "1a10d207b078615e5d73b42ad95e744d", "key": "references"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "9103caba17ff4b94c0d70169d67a2313", "key": "cvelist"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "08c17de6abaee62f9e42260622b62554", "key": "published"}, {"hash": "2825ea875937c8dc113c1fdadc3f845b", "key": "sourceData"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=41418", "id": "SUSE_11_LIBAPR-UTIL1-090608.NASL", "lastseen": "2016-09-26T17:23:35", "modified": "2013-10-25T00:00:00", "naslFamily": "SuSE Local Security Checks", "objectVersion": "1.2", "pluginID": "41418", "published": "2009-09-24T00:00:00", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=509825", "http://support.novell.com/security/cve/CVE-2009-1956.html", "http://support.novell.com/security/cve/CVE-2009-0023.html", "http://support.novell.com/security/cve/CVE-2009-1955.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. 
The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(41418);\n script_version(\"$Revision: 1.11 $\");\n script_cvs_date(\"$Date: 2013/10/25 23:46:56 $\");\n\n script_cve_id(\"CVE-2009-0023\", \"CVE-2009-1955\", \"CVE-2009-1956\");\n\n script_name(english:\"SuSE 11 Security Update : libapr-util1 (SAT Patch Number 969)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of libapr-util1 fixes a memory consumption bug in the XML\nparser that can cause a remote denial-of-service vulnerability in\napplications using APR (WebDAV for example) (CVE-2009-1955).\nAdditionally a one byte buffer overflow in function\napr_brigade_vprintf() (CVE-2009-1956) and buffer underflow in function\napr_strmatch_precompile() (CVE-2009-0023) was fixed too. 
Depending on\nthe application using this function it can lead to remote denial of\nservice or information leakage.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=509825\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0023.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1955.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1956.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 969.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libapr-util1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) 
audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"libapr-util1-1.3.4-12.19.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "SuSE 11 Security Update : libapr-util1 (SAT Patch Number 969)", "type": "nessus", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 1, "lastseen": "2016-09-26T17:23:35"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:libapr-util1"], "cvelist": ["CVE-2009-1955", "CVE-2009-0023", "CVE-2009-1956"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "This update of libapr-util1 fixes a memory consumption bug in the XML parser that can cause a remote denial-of-service vulnerability in applications using APR (WebDAV for example) (CVE-2009-1955).\nAdditionally a one byte buffer overflow in function apr_brigade_vprintf() (CVE-2009-1956) and buffer underflow in function apr_strmatch_precompile() (CVE-2009-0023) was fixed too. 
Depending on the application using this function it can lead to remote denial of service or information leakage.", "edition": 4, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "a567472e34896f520f483044f4b9b82b0783050d7878dbe35191106eccc4ebe7", "hashmap": [{"hash": "2d3fc9abb524147e148f844f109393b5", "key": "description"}, {"hash": "0101a6301ed129e8588196cd6970ce79", "key": "cpe"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "40965efa19c345bfd62e38846d71eb85", "key": "pluginID"}, {"hash": "b475293a4418cb25a5f10722aad2ac41", "key": "href"}, {"hash": "05c83758928f783d67322170ce87426c", "key": "sourceData"}, {"hash": "91b2666bddf4104c5cd8fc4efe8f16e1", "key": "title"}, {"hash": "1a10d207b078615e5d73b42ad95e744d", "key": "references"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "9103caba17ff4b94c0d70169d67a2313", "key": "cvelist"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "8fd3c0d10643d313d61153df455e9f87", "key": "modified"}, {"hash": "08c17de6abaee62f9e42260622b62554", "key": "published"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=41418", "id": "SUSE_11_LIBAPR-UTIL1-090608.NASL", "lastseen": "2018-08-30T19:33:09", "modified": "2016-12-21T00:00:00", "naslFamily": "SuSE Local Security Checks", "objectVersion": "1.3", "pluginID": "41418", "published": "2009-09-24T00:00:00", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=509825", "http://support.novell.com/security/cve/CVE-2009-1956.html", "http://support.novell.com/security/cve/CVE-2009-0023.html", "http://support.novell.com/security/cve/CVE-2009-1955.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 
update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(41418);\n script_version(\"$Revision: 1.12 $\");\n script_cvs_date(\"$Date: 2016/12/21 20:21:20 $\");\n\n script_cve_id(\"CVE-2009-0023\", \"CVE-2009-1955\", \"CVE-2009-1956\");\n\n script_name(english:\"SuSE 11 Security Update : libapr-util1 (SAT Patch Number 969)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of libapr-util1 fixes a memory consumption bug in the XML\nparser that can cause a remote denial-of-service vulnerability in\napplications using APR (WebDAV for example) (CVE-2009-1955).\nAdditionally a one byte buffer overflow in function\napr_brigade_vprintf() (CVE-2009-1956) and buffer underflow in function\napr_strmatch_precompile() (CVE-2009-0023) was fixed too. 
Depending on\nthe application using this function it can lead to remote denial of\nservice or information leakage.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=509825\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0023.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1955.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1956.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 969.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libapr-util1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) 
audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"libapr-util1-1.3.4-12.19.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "SuSE 11 Security Update : libapr-util1 (SAT Patch Number 969)", "type": "nessus", "viewCount": 3}, "differentElements": ["cvss"], "edition": 4, "lastseen": "2018-08-30T19:33:09"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:libapr-util1"], "cvelist": ["CVE-2009-1955", "CVE-2009-0023", "CVE-2009-1956"], "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "This update of libapr-util1 fixes a memory consumption bug in the XML parser that can cause a remote denial-of-service vulnerability in applications using APR (WebDAV for example) (CVE-2009-1955).\nAdditionally a one byte buffer overflow in function apr_brigade_vprintf() (CVE-2009-1956) and buffer underflow in function apr_strmatch_precompile() (CVE-2009-0023) was fixed too. 
Depending on the application using this function it can lead to remote denial of service or information leakage.", "edition": 3, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "02dc3e9f735b6f8d46a894ab0975818b22508046f81e31f1b7e3b1e6d588fb00", "hashmap": [{"hash": "2d3fc9abb524147e148f844f109393b5", "key": "description"}, {"hash": "0101a6301ed129e8588196cd6970ce79", "key": "cpe"}, {"hash": "ed3111898fb94205e2b64cefef5a2081", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "40965efa19c345bfd62e38846d71eb85", "key": "pluginID"}, {"hash": "b475293a4418cb25a5f10722aad2ac41", "key": "href"}, {"hash": "05c83758928f783d67322170ce87426c", "key": "sourceData"}, {"hash": "91b2666bddf4104c5cd8fc4efe8f16e1", "key": "title"}, {"hash": "1a10d207b078615e5d73b42ad95e744d", "key": "references"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "9103caba17ff4b94c0d70169d67a2313", "key": "cvelist"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "8fd3c0d10643d313d61153df455e9f87", "key": "modified"}, {"hash": "08c17de6abaee62f9e42260622b62554", "key": "published"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=41418", "id": "SUSE_11_LIBAPR-UTIL1-090608.NASL", "lastseen": "2017-10-29T13:34:42", "modified": "2016-12-21T00:00:00", "naslFamily": "SuSE Local Security Checks", "objectVersion": "1.3", "pluginID": "41418", "published": "2009-09-24T00:00:00", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=509825", "http://support.novell.com/security/cve/CVE-2009-1956.html", "http://support.novell.com/security/cve/CVE-2009-0023.html", "http://support.novell.com/security/cve/CVE-2009-1955.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 
update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(41418);\n script_version(\"$Revision: 1.12 $\");\n script_cvs_date(\"$Date: 2016/12/21 20:21:20 $\");\n\n script_cve_id(\"CVE-2009-0023\", \"CVE-2009-1955\", \"CVE-2009-1956\");\n\n script_name(english:\"SuSE 11 Security Update : libapr-util1 (SAT Patch Number 969)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of libapr-util1 fixes a memory consumption bug in the XML\nparser that can cause a remote denial-of-service vulnerability in\napplications using APR (WebDAV for example) (CVE-2009-1955).\nAdditionally a one byte buffer overflow in function\napr_brigade_vprintf() (CVE-2009-1956) and buffer underflow in function\napr_strmatch_precompile() (CVE-2009-0023) was fixed too. 
Depending on\nthe application using this function it can lead to remote denial of\nservice or information leakage.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=509825\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0023.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1955.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1956.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 969.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libapr-util1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) 
audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"libapr-util1-1.3.4-12.19.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "SuSE 11 Security Update : libapr-util1 (SAT Patch Number 969)", "type": "nessus", "viewCount": 3}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2017-10-29T13:34:42"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2009-1955", "CVE-2009-0023", "CVE-2009-1956"], "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "This update of libapr-util1 fixes a memory consumption bug in the XML parser that can cause a remote denial-of-service vulnerability in applications using APR (WebDAV for example) (CVE-2009-1955).\nAdditionally a one byte buffer overflow in function apr_brigade_vprintf() (CVE-2009-1956) and buffer underflow in function apr_strmatch_precompile() (CVE-2009-0023) was fixed too. 
Depending on the application using this function it can lead to remote denial of service or information leakage.", "edition": 2, "enchantments": {}, "hash": "ab6bbb18fb716d703bec81b0cacafee807a388cf3dbde4ee813f7fd8b98d461c", "hashmap": [{"hash": "2d3fc9abb524147e148f844f109393b5", "key": "description"}, {"hash": "ed3111898fb94205e2b64cefef5a2081", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "40965efa19c345bfd62e38846d71eb85", "key": "pluginID"}, {"hash": "b475293a4418cb25a5f10722aad2ac41", "key": "href"}, {"hash": "05c83758928f783d67322170ce87426c", "key": "sourceData"}, {"hash": "91b2666bddf4104c5cd8fc4efe8f16e1", "key": "title"}, {"hash": "1a10d207b078615e5d73b42ad95e744d", "key": "references"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "9103caba17ff4b94c0d70169d67a2313", "key": "cvelist"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "8fd3c0d10643d313d61153df455e9f87", "key": "modified"}, {"hash": "08c17de6abaee62f9e42260622b62554", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=41418", "id": "SUSE_11_LIBAPR-UTIL1-090608.NASL", "lastseen": "2016-12-22T06:09:36", "modified": "2016-12-21T00:00:00", "naslFamily": "SuSE Local Security Checks", "objectVersion": "1.2", "pluginID": "41418", "published": "2009-09-24T00:00:00", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=509825", "http://support.novell.com/security/cve/CVE-2009-1956.html", "http://support.novell.com/security/cve/CVE-2009-0023.html", "http://support.novell.com/security/cve/CVE-2009-1955.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. 
The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(41418);\n script_version(\"$Revision: 1.12 $\");\n script_cvs_date(\"$Date: 2016/12/21 20:21:20 $\");\n\n script_cve_id(\"CVE-2009-0023\", \"CVE-2009-1955\", \"CVE-2009-1956\");\n\n script_name(english:\"SuSE 11 Security Update : libapr-util1 (SAT Patch Number 969)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of libapr-util1 fixes a memory consumption bug in the XML\nparser that can cause a remote denial-of-service vulnerability in\napplications using APR (WebDAV for example) (CVE-2009-1955).\nAdditionally a one byte buffer overflow in function\napr_brigade_vprintf() (CVE-2009-1956) and buffer underflow in function\napr_strmatch_precompile() (CVE-2009-0023) was fixed too. 
Depending on\nthe application using this function it can lead to remote denial of\nservice or information leakage.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=509825\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0023.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1955.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1956.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 969.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libapr-util1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) 
audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"libapr-util1-1.3.4-12.19.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "SuSE 11 Security Update : libapr-util1 (SAT Patch Number 969)", "type": "nessus", "viewCount": 3}, "differentElements": ["cpe"], "edition": 2, "lastseen": "2016-12-22T06:09:36"}], "edition": 7, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "0101a6301ed129e8588196cd6970ce79"}, {"key": "cvelist", "hash": "9103caba17ff4b94c0d70169d67a2313"}, {"key": "cvss", "hash": "ed3111898fb94205e2b64cefef5a2081"}, {"key": "description", "hash": "2d3fc9abb524147e148f844f109393b5"}, {"key": "href", "hash": "b475293a4418cb25a5f10722aad2ac41"}, {"key": "modified", "hash": "8fd3c0d10643d313d61153df455e9f87"}, {"key": "naslFamily", "hash": "71a40666da62ba38d22539c8277870c7"}, {"key": "pluginID", "hash": "40965efa19c345bfd62e38846d71eb85"}, {"key": "published", "hash": "08c17de6abaee62f9e42260622b62554"}, {"key": "references", "hash": "1a10d207b078615e5d73b42ad95e744d"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "05c83758928f783d67322170ce87426c"}, {"key": "title", "hash": "91b2666bddf4104c5cd8fc4efe8f16e1"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "02dc3e9f735b6f8d46a894ab0975818b22508046f81e31f1b7e3b1e6d588fb00", "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2009-1955", 
"CVE-2009-0023", "CVE-2009-1956"]}, {"type": "gentoo", "idList": ["GLSA-200907-03"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-1107", "ELSA-2009-1108"]}, {"type": "redhat", "idList": ["RHSA-2009:1107", "RHSA-2009:1108"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310880692", "OPENVAS:136141256231064214", "OPENVAS:64295", "OPENVAS:136141256231064295", "OPENVAS:65691", "OPENVAS:880692", "OPENVAS:136141256231064215", "OPENVAS:136141256231065691", "OPENVAS:136141256231064269", "OPENVAS:1361412562310122475"]}, {"type": "nessus", "idList": ["SL_20090616_APR_UTIL_ON_SL4_X.NASL", "REDHAT-RHSA-2009-1107.NASL", "REDHAT-RHSA-2009-1108.NASL", "SUSE_11_1_LIBAPR-UTIL1-090608.NASL", "CENTOS_RHSA-2009-1107.NASL", "GENTOO_GLSA-200907-03.NASL", "SUSE_LIBAPR-UTIL1-6289.NASL", "ORACLELINUX_ELSA-2009-1108.NASL", "FEDORA_2009-5969.NASL", "FEDORA_2009-6014.NASL"]}, {"type": "centos", "idList": ["CESA-2009:1108", "CESA-2009:1107"]}, {"type": "ubuntu", "idList": ["USN-786-1", "USN-787-1"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:9954", "SECURITYVULNS:DOC:21953"]}, {"type": "freebsd", "idList": ["EB9212F7-526B-11DE-BBF2-001B77D09812", "E15F2356-9139-11DE-8F42-001AA0166822"]}, {"type": "slackware", "idList": ["SSA-2009-167-02", "SSA-2009-214-01"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1812-1:7EC83"]}, {"type": "seebug", "idList": ["SSV:11558", "SSV:11569", "SSV:11568"]}, {"type": "httpd", "idList": ["HTTPD:267D87D7598A6B9AF1BDE6F51188D387", "HTTPD:1C2FBBF56925162ED41A62B394B7E0BD", "HTTPD:624F5487666F9D8F639D9C3A3BD39864"]}], "modified": "2019-02-21T01:12:28"}, "score": {"value": 5.0, "vector": "NONE"}, "vulnersScore": 5.0}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. 
The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(41418);\n script_version(\"$Revision: 1.12 $\");\n script_cvs_date(\"$Date: 2016/12/21 20:21:20 $\");\n\n script_cve_id(\"CVE-2009-0023\", \"CVE-2009-1955\", \"CVE-2009-1956\");\n\n script_name(english:\"SuSE 11 Security Update : libapr-util1 (SAT Patch Number 969)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of libapr-util1 fixes a memory consumption bug in the XML\nparser that can cause a remote denial-of-service vulnerability in\napplications using APR (WebDAV for example) (CVE-2009-1955).\nAdditionally a one byte buffer overflow in function\napr_brigade_vprintf() (CVE-2009-1956) and buffer underflow in function\napr_strmatch_precompile() (CVE-2009-0023) was fixed too. 
Depending on\nthe application using this function it can lead to remote denial of\nservice or information leakage.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=509825\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0023.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1955.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1956.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 969.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libapr-util1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) 
audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"libapr-util1-1.3.4-12.19.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "SuSE Local Security Checks", "pluginID": "41418", "cpe": ["cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:libapr-util1"], "scheme": null}
{"cve": [{"lastseen": "2018-10-11T11:33:53", "bulletinFamily": "NVD", "description": "The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, as demonstrated by a PROPFIND request, a similar issue to CVE-2003-1564.", "modified": "2018-10-10T15:39:07", "published": "2009-06-07T21:00:00", "id": "CVE-2009-1955", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1955", "title": "CVE-2009-1955", "type": "cve", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-10-12T11:34:17", "bulletinFamily": "NVD", "description": "The apr_strmatch_precompile function in strmatch/apr_strmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service (daemon crash) via crafted input involving (1) a .htaccess file used with the Apache HTTP Server, (2) the SVNMasterURI directive in the mod_dav_svn module in the Apache HTTP Server, (3) the mod_apreq2 module for the Apache HTTP Server, or (4) an application that uses the libapreq2 library, which triggers a heap-based buffer underflow.", "modified": "2018-10-11T16:58:45", "published": "2009-06-07T21:00:00", "id": "CVE-2009-0023", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0023", "title": "CVE-2009-0023", "type": "cve", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-09-29T14:26:38", "bulletinFamily": "NVD", "description": "Off-by-one error in the apr_brigade_vprintf function in Apache APR-util before 1.3.5 on big-endian platforms allows remote attackers to obtain sensitive information or cause a denial of service (application crash) via crafted input.", "modified": 
"2017-09-28T21:34:40", "published": "2009-06-07T21:00:00", "id": "CVE-2009-1956", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1956", "title": "CVE-2009-1956", "type": "cve", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}}], "nessus": [{"lastseen": "2019-02-21T01:11:59", "bulletinFamily": "scanner", "description": "Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nThe Apache HTTP Server is a popular Web server. The httpd package shipped with Red Hat Enterprise Linux 3 contains an embedded copy of the Apache Portable Runtime (APR) utility library, a free library of C data structures and routines, which includes interfaces to support XML parsing, LDAP connections, database interfaces, URI parsing, and more.\n\nAn off-by-one overflow flaw was found in the way apr-util processed a variable list of arguments. An attacker could provide a specially crafted string as input for the formatted output conversion routine, which could, on big-endian platforms, potentially lead to the disclosure of sensitive information or a denial of service (application crash). (CVE-2009-1956)\n\nNote: The CVE-2009-1956 flaw only affects big-endian platforms, such as the IBM S/390 and PowerPC. It does not affect users using the httpd package on little-endian platforms, due to their different organization of byte ordering used to represent particular data.\n\nA denial of service flaw was found in the apr-util Extensible Markup Language (XML) parser. A remote attacker could create a specially crafted XML document that would cause excessive memory consumption when processed by the XML decoding engine. (CVE-2009-1955)\n\nA heap-based underwrite flaw was found in the way apr-util created compiled forms of particular search patterns. 
An attacker could formulate a specially crafted search keyword, that would overwrite arbitrary heap memory locations when processed by the pattern preparation engine. (CVE-2009-0023)\n\nAll httpd users should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "modified": "2018-11-27T00:00:00", "id": "REDHAT-RHSA-2009-1108.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=39432", "published": "2009-06-17T00:00:00", "title": "RHEL 3 : httpd (RHSA-2009:1108)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1108. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(39432);\n script_version (\"1.29\");\n script_cvs_date(\"Date: 2018/11/27 13:31:32\");\n\n script_cve_id(\"CVE-2009-0023\", \"CVE-2009-1955\", \"CVE-2009-1956\");\n script_bugtraq_id(35221, 35251, 35253);\n script_xref(name:\"RHSA\", value:\"2009:1108\");\n\n script_name(english:\"RHEL 3 : httpd (RHSA-2009:1108)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated httpd packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Apache HTTP Server is a popular Web server. 
The httpd package\nshipped with Red Hat Enterprise Linux 3 contains an embedded copy of\nthe Apache Portable Runtime (APR) utility library, a free library of C\ndata structures and routines, which includes interfaces to support XML\nparsing, LDAP connections, database interfaces, URI parsing, and more.\n\nAn off-by-one overflow flaw was found in the way apr-util processed a\nvariable list of arguments. An attacker could provide a specially\ncrafted string as input for the formatted output conversion routine,\nwhich could, on big-endian platforms, potentially lead to the\ndisclosure of sensitive information or a denial of service\n(application crash). (CVE-2009-1956)\n\nNote: The CVE-2009-1956 flaw only affects big-endian platforms, such\nas the IBM S/390 and PowerPC. It does not affect users using the httpd\npackage on little-endian platforms, due to their different\norganization of byte ordering used to represent particular data.\n\nA denial of service flaw was found in the apr-util Extensible Markup\nLanguage (XML) parser. A remote attacker could create a specially\ncrafted XML document that would cause excessive memory consumption\nwhen processed by the XML decoding engine. (CVE-2009-1955)\n\nA heap-based underwrite flaw was found in the way apr-util created\ncompiled forms of particular search patterns. An attacker could\nformulate a specially crafted search keyword, that would overwrite\narbitrary heap memory locations when processed by the pattern\npreparation engine. (CVE-2009-0023)\n\nAll httpd users should upgrade to these updated packages, which\ncontain backported patches to correct these issues. 
After installing\nthe updated packages, the httpd daemon must be restarted for the\nupdate to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0023\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-1955\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-1956\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1108\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected httpd, httpd-devel and / or mod_ssl packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/06/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1108\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"httpd-2.0.46-73.ent\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"httpd-devel-2.0.46-73.ent\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"mod_ssl-2.0.46-73.ent\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n 
severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd / httpd-devel / mod_ssl\");\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:12:10", "bulletinFamily": "scanner", "description": "This update of libapr-util1 fixes a memory consumption bug in the XML parser that can cause a remote denial-of-service vulnerability in applications using APR (WebDAV for example) (CVE-2009-1955).\nAdditionally a one byte buffer overflow in function apr_brigade_vprintf() (CVE-2009-1956) and buffer underflow in function apr_strmatch_precompile() (CVE-2009-0023) was fixed too. Depending on the application using this function it can lead to remote denial of service or information leakage.", "modified": "2016-12-21T00:00:00", "id": "SUSE_11_1_LIBAPR-UTIL1-090608.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=40256", "published": "2009-07-21T00:00:00", "title": "openSUSE Security Update : libapr-util1 (libapr-util1-968)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libapr-util1-968.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(40256);\n script_version(\"$Revision: 1.14 $\");\n script_cvs_date(\"$Date: 2016/12/21 20:09:51 $\");\n\n script_cve_id(\"CVE-2009-0023\", \"CVE-2009-1955\", \"CVE-2009-1956\");\n\n script_name(english:\"openSUSE Security Update : libapr-util1 (libapr-util1-968)\");\n script_summary(english:\"Check for the libapr-util1-968 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n 
);\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of libapr-util1 fixes a memory consumption bug in the XML\nparser that can cause a remote denial-of-service vulnerability in\napplications using APR (WebDAV for example) (CVE-2009-1955).\nAdditionally a one byte buffer overflow in function\napr_brigade_vprintf() (CVE-2009-1956) and buffer underflow in function\napr_strmatch_precompile() (CVE-2009-0023) was fixed too. Depending on\nthe application using this function it can lead to remote denial of\nservice or information leakage.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=509825\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libapr-util1 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapr-util1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapr-util1-dbd-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapr-util1-dbd-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapr-util1-dbd-sqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapr-util1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n 
script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libapr-util1-1.3.4-13.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libapr-util1-dbd-mysql-1.3.4-13.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libapr-util1-dbd-pgsql-1.3.4-13.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libapr-util1-dbd-sqlite3-1.3.4-13.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libapr-util1-devel-1.3.4-13.2.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libapr-util1\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:12:55", "bulletinFamily": "scanner", "description": "Updated apr-util packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\napr-util is a 
utility library used with the Apache Portable Runtime (APR). It aims to provide a free library of C data structures and routines. This library contains additional utility interfaces for APR, including support for XML, LDAP, database interfaces, URI parsing, and more.\n\nAn off-by-one overflow flaw was found in the way apr-util processed a variable list of arguments. An attacker could provide a specially crafted string as input for the formatted output conversion routine, which could, on big-endian platforms, potentially lead to the disclosure of sensitive information or a denial of service (application crash). (CVE-2009-1956)\n\nNote: The CVE-2009-1956 flaw only affects big-endian platforms, such as the IBM S/390 and PowerPC. It does not affect users of the apr-util package on little-endian platforms, because of the different byte ordering those platforms use to represent the data involved.\n\nA denial of service flaw was found in the apr-util Extensible Markup Language (XML) parser. A remote attacker could create a specially crafted XML document that would cause excessive memory consumption when processed by the XML decoding engine. (CVE-2009-1955)\n\nA heap-based underwrite flaw was found in the way apr-util created compiled forms of particular search patterns. An attacker could formulate a specially crafted search keyword that would overwrite arbitrary heap memory locations when processed by the pattern preparation engine. (CVE-2009-0023)\n\nAll apr-util users should upgrade to these updated packages, which contain backported patches to correct these issues. 
Applications using the Apache Portable Runtime library, such as httpd, must be restarted for this update to take effect.", "modified": "2018-11-10T00:00:00", "id": "CENTOS_RHSA-2009-1107.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=43758", "published": "2010-01-06T00:00:00", "title": "CentOS 5 : apr-util (CESA-2009:1107)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1107 and \n# CentOS Errata and Security Advisory 2009:1107 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(43758);\n script_version(\"1.20\");\n script_cvs_date(\"Date: 2018/11/10 11:49:28\");\n\n script_cve_id(\"CVE-2009-0023\", \"CVE-2009-1955\", \"CVE-2009-1956\");\n script_bugtraq_id(35221, 35251, 35253);\n script_xref(name:\"RHSA\", value:\"2009:1107\");\n\n script_name(english:\"CentOS 5 : apr-util (CESA-2009:1107)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated apr-util packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\napr-util is a utility library used with the Apache Portable Runtime\n(APR). It aims to provide a free library of C data structures and\nroutines. This library contains additional utility interfaces for APR;\nincluding support for XML, LDAP, database interfaces, URI parsing, and\nmore.\n\nAn off-by-one overflow flaw was found in the way apr-util processed a\nvariable list of arguments. 
An attacker could provide a specially\ncrafted string as input for the formatted output conversion routine,\nwhich could, on big-endian platforms, potentially lead to the\ndisclosure of sensitive information or a denial of service\n(application crash). (CVE-2009-1956)\n\nNote: The CVE-2009-1956 flaw only affects big-endian platforms, such\nas the IBM S/390 and PowerPC. It does not affect users using the\napr-util package on little-endian platforms, due to their different\norganization of byte ordering used to represent particular data.\n\nA denial of service flaw was found in the apr-util Extensible Markup\nLanguage (XML) parser. A remote attacker could create a specially\ncrafted XML document that would cause excessive memory consumption\nwhen processed by the XML decoding engine. (CVE-2009-1955)\n\nA heap-based underwrite flaw was found in the way apr-util created\ncompiled forms of particular search patterns. An attacker could\nformulate a specially crafted search keyword, that would overwrite\narbitrary heap memory locations when processed by the pattern\npreparation engine. (CVE-2009-0023)\n\nAll apr-util users should upgrade to these updated packages, which\ncontain backported patches to correct these issues. 
Applications using\nthe Apache Portable Runtime library, such as httpd, must be restarted\nfor this update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-June/015983.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6e5d16e8\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-June/015984.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?16fbbf59\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apr-util packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:apr-util\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:apr-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:apr-util-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"apr-util-1.2.7-7.el5_3.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"apr-util-devel-1.2.7-7.el5_3.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"apr-util-docs-1.2.7-7.el5_3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:19:21", "bulletinFamily": "scanner", "description": "From Red Hat Security Advisory 2009:1108 :\n\nUpdated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nThe Apache HTTP Server is a popular Web server. 
The httpd package shipped with Red Hat Enterprise Linux 3 contains an embedded copy of the Apache Portable Runtime (APR) utility library, a free library of C data structures and routines, which includes interfaces to support XML parsing, LDAP connections, database interfaces, URI parsing, and more.\n\nAn off-by-one overflow flaw was found in the way apr-util processed a variable list of arguments. An attacker could provide a specially crafted string as input for the formatted output conversion routine, which could, on big-endian platforms, potentially lead to the disclosure of sensitive information or a denial of service (application crash). (CVE-2009-1956)\n\nNote: The CVE-2009-1956 flaw only affects big-endian platforms, such as the IBM S/390 and PowerPC. It does not affect users of the httpd package on little-endian platforms, because of the different byte ordering those platforms use to represent the data involved.\n\nA denial of service flaw was found in the apr-util Extensible Markup Language (XML) parser. A remote attacker could create a specially crafted XML document that would cause excessive memory consumption when processed by the XML decoding engine. (CVE-2009-1955)\n\nA heap-based underwrite flaw was found in the way apr-util created compiled forms of particular search patterns. An attacker could formulate a specially crafted search keyword that would overwrite arbitrary heap memory locations when processed by the pattern preparation engine. (CVE-2009-0023)\n\nAll httpd users should upgrade to these updated packages, which contain backported patches to correct these issues. 
After installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "modified": "2018-07-18T00:00:00", "id": "ORACLELINUX_ELSA-2009-1108.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=67876", "published": "2013-07-12T00:00:00", "title": "Oracle Linux 3 : httpd (ELSA-2009-1108)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:1108 and \n# Oracle Linux Security Advisory ELSA-2009-1108 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(67876);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2018/07/18 17:43:56\");\n\n script_cve_id(\"CVE-2009-0023\", \"CVE-2009-1955\", \"CVE-2009-1956\");\n script_bugtraq_id(35221, 35251, 35253);\n script_xref(name:\"RHSA\", value:\"2009:1108\");\n\n script_name(english:\"Oracle Linux 3 : httpd (ELSA-2009-1108)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:1108 :\n\nUpdated httpd packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Apache HTTP Server is a popular Web server. The httpd package\nshipped with Red Hat Enterprise Linux 3 contains an embedded copy of\nthe Apache Portable Runtime (APR) utility library, a free library of C\ndata structures and routines, which includes interfaces to support XML\nparsing, LDAP connections, database interfaces, URI parsing, and more.\n\nAn off-by-one overflow flaw was found in the way apr-util processed a\nvariable list of arguments. 
An attacker could provide a specially\ncrafted string as input for the formatted output conversion routine,\nwhich could, on big-endian platforms, potentially lead to the\ndisclosure of sensitive information or a denial of service\n(application crash). (CVE-2009-1956)\n\nNote: The CVE-2009-1956 flaw only affects big-endian platforms, such\nas the IBM S/390 and PowerPC. It does not affect users using the httpd\npackage on little-endian platforms, due to their different\norganization of byte ordering used to represent particular data.\n\nA denial of service flaw was found in the apr-util Extensible Markup\nLanguage (XML) parser. A remote attacker could create a specially\ncrafted XML document that would cause excessive memory consumption\nwhen processed by the XML decoding engine. (CVE-2009-1955)\n\nA heap-based underwrite flaw was found in the way apr-util created\ncompiled forms of particular search patterns. An attacker could\nformulate a specially crafted search keyword, that would overwrite\narbitrary heap memory locations when processed by the pattern\npreparation engine. (CVE-2009-0023)\n\nAll httpd users should upgrade to these updated packages, which\ncontain backported patches to correct these issues. 
After installing\nthe updated packages, the httpd daemon must be restarted for the\nupdate to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-June/001048.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected httpd packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif 
(isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"httpd-2.0.46-73.0.1.ent\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"httpd-2.0.46-73.0.1.ent\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"httpd-devel-2.0.46-73.0.1.ent\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"httpd-devel-2.0.46-73.0.1.ent\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"mod_ssl-2.0.46-73.0.1.ent\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"mod_ssl-2.0.46-73.0.1.ent\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd / httpd-devel / mod_ssl\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:12:02", "bulletinFamily": "scanner", "description": "The remote host is affected by the vulnerability described in GLSA-200907-03 (APR Utility Library: Multiple vulnerabilities)\n\n Multiple 
vulnerabilities have been discovered in the APR Utility Library:\n Matthew Palmer reported a heap-based buffer underflow while compiling search patterns in the apr_strmatch_precompile() function in strmatch/apr_strmatch.c (CVE-2009-0023).\n kcope reported that the expat XML parser in xml/apr_xml.c does not limit the amount of XML entities expanded recursively (CVE-2009-1955).\n C. Michael Pilato reported an off-by-one error in the apr_brigade_vprintf() function in buckets/apr_brigade.c (CVE-2009-1956).\n Impact :\n\n A remote attacker could exploit these vulnerabilities to cause a Denial of Service (crash or memory exhaustion) via an Apache HTTP server running mod_dav or mod_dav_svn, or using several configuration files.\n Additionally, a remote attacker could disclose sensitive information or cause a Denial of Service by sending a specially crafted input. NOTE:\n Only big-endian architectures such as PPC and HPPA are affected by the latter flaw.\n Workaround :\n\n There is no known workaround at this time.", "modified": "2018-07-11T00:00:00", "id": "GENTOO_GLSA-200907-03.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=39614", "published": "2009-07-06T00:00:00", "title": "GLSA-200907-03 : APR Utility Library: Multiple vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200907-03.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. 
See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(39614);\n script_version(\"1.18\");\n script_cvs_date(\"Date: 2018/07/11 17:09:25\");\n\n script_cve_id(\"CVE-2009-0023\", \"CVE-2009-1955\", \"CVE-2009-1956\");\n script_bugtraq_id(35221, 35251, 35253);\n script_xref(name:\"GLSA\", value:\"200907-03\");\n\n script_name(english:\"GLSA-200907-03 : APR Utility Library: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200907-03\n(APR Utility Library: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in the APR Utility\n Library:\n Matthew Palmer reported a heap-based buffer\n underflow while compiling search patterns in the\n apr_strmatch_precompile() function in strmatch/apr_strmatch.c\n (CVE-2009-0023).\n kcope reported that the expat XML parser in\n xml/apr_xml.c does not limit the amount of XML entities expanded\n recursively (CVE-2009-1955).\n C. Michael Pilato reported an\n off-by-one error in the apr_brigade_vprintf() function in\n buckets/apr_brigade.c (CVE-2009-1956).\n \nImpact :\n\n A remote attacker could exploit these vulnerabilities to cause a Denial\n of Service (crash or memory exhaustion) via an Apache HTTP server\n running mod_dav or mod_dav_svn, or using several configuration files.\n Additionally, a remote attacker could disclose sensitive information or\n cause a Denial of Service by sending a specially crafted input. 
NOTE:\n Only big-endian architectures such as PPC and HPPA are affected by the\n latter flaw.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200907-03\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Apache Portable Runtime Utility Library users should upgrade to the\n latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/apr-util-1.3.7'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:apr-util\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 
0;\n\nif (qpkg_check(package:\"dev-libs/apr-util\", unaffected:make_list(\"ge 1.3.7\"), vulnerable:make_list(\"lt 1.3.7\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"APR Utility Library\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:12:30", "bulletinFamily": "scanner", "description": "This update of libapr-util1 fixes a memory consumption bug in the XML parser that can cause a remote denial-of-service vulnerability in applications using APR (WebDAV for example) (CVE-2009-1955).\nAdditionally a one byte buffer overflow in function apr_brigade_vprintf() (CVE-2009-1956) and buffer underflow in function apr_strmatch_precompile() (CVE-2009-0023) was fixed too. Depending on the application using this function it can lead to remote denial of service or information leakage.", "modified": "2016-12-22T00:00:00", "id": "SUSE_LIBAPR-UTIL1-6289.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=41543", "published": "2009-09-24T00:00:00", "title": "SuSE 10 Security Update : libapr-util1 (ZYPP Patch Number 6289)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(41543);\n script_version (\"$Revision: 1.14 $\");\n script_cvs_date(\"$Date: 2016/12/22 20:42:27 $\");\n\n script_cve_id(\"CVE-2009-0023\", \"CVE-2009-1955\", \"CVE-2009-1956\");\n\n script_name(english:\"SuSE 10 Security Update : libapr-util1 (ZYPP Patch Number 6289)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is 
missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of libapr-util1 fixes a memory consumption bug in the XML\nparser that can cause a remote denial-of-service vulnerability in\napplications using APR (WebDAV for example) (CVE-2009-1955).\nAdditionally a one byte buffer overflow in function\napr_brigade_vprintf() (CVE-2009-1956) and buffer underflow in function\napr_strmatch_precompile() (CVE-2009-0023) was fixed too. Depending on\nthe application using this function it can lead to remote denial of\nservice or information leakage.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0023.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1955.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1956.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6289.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif 
(!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"libapr-util1-1.2.2-13.7\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"libapr-util1-devel-1.2.2-13.7\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"libapr-util1-1.2.2-13.7\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"libapr-util1-devel-1.2.2-13.7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:11:59", "bulletinFamily": "scanner", "description": "Updated apr-util packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\napr-util is a utility library used with the Apache Portable Runtime (APR). It aims to provide a free library of C data structures and routines. This library contains additional utility interfaces for APR;\nincluding support for XML, LDAP, database interfaces, URI parsing, and more.\n\nAn off-by-one overflow flaw was found in the way apr-util processed a variable list of arguments. 
An attacker could provide a specially crafted string as input for the formatted output conversion routine, which could, on big-endian platforms, potentially lead to the disclosure of sensitive information or a denial of service (application crash). (CVE-2009-1956)\n\nNote: The CVE-2009-1956 flaw only affects big-endian platforms, such as the IBM S/390 and PowerPC. It does not affect users using the apr-util package on little-endian platforms, due to their different organization of byte ordering used to represent particular data.\n\nA denial of service flaw was found in the apr-util Extensible Markup Language (XML) parser. A remote attacker could create a specially crafted XML document that would cause excessive memory consumption when processed by the XML decoding engine. (CVE-2009-1955)\n\nA heap-based underwrite flaw was found in the way apr-util created compiled forms of particular search patterns. An attacker could formulate a specially crafted search keyword, that would overwrite arbitrary heap memory locations when processed by the pattern preparation engine. (CVE-2009-0023)\n\nAll apr-util users should upgrade to these updated packages, which contain backported patches to correct these issues. Applications using the Apache Portable Runtime library, such as httpd, must be restarted for this update to take effect.", "modified": "2018-11-27T00:00:00", "id": "REDHAT-RHSA-2009-1107.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=39431", "published": "2009-06-17T00:00:00", "title": "RHEL 4 / 5 : apr-util (RHSA-2009:1107)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1107. 
The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(39431);\n script_version (\"1.32\");\n script_cvs_date(\"Date: 2018/11/27 13:31:32\");\n\n script_cve_id(\"CVE-2009-0023\", \"CVE-2009-1955\", \"CVE-2009-1956\");\n script_bugtraq_id(35221, 35251, 35253);\n script_xref(name:\"RHSA\", value:\"2009:1107\");\n\n script_name(english:\"RHEL 4 / 5 : apr-util (RHSA-2009:1107)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated apr-util packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\napr-util is a utility library used with the Apache Portable Runtime\n(APR). It aims to provide a free library of C data structures and\nroutines. This library contains additional utility interfaces for APR;\nincluding support for XML, LDAP, database interfaces, URI parsing, and\nmore.\n\nAn off-by-one overflow flaw was found in the way apr-util processed a\nvariable list of arguments. An attacker could provide a specially\ncrafted string as input for the formatted output conversion routine,\nwhich could, on big-endian platforms, potentially lead to the\ndisclosure of sensitive information or a denial of service\n(application crash). (CVE-2009-1956)\n\nNote: The CVE-2009-1956 flaw only affects big-endian platforms, such\nas the IBM S/390 and PowerPC. It does not affect users using the\napr-util package on little-endian platforms, due to their different\norganization of byte ordering used to represent particular data.\n\nA denial of service flaw was found in the apr-util Extensible Markup\nLanguage (XML) parser. 
A remote attacker could create a specially\ncrafted XML document that would cause excessive memory consumption\nwhen processed by the XML decoding engine. (CVE-2009-1955)\n\nA heap-based underwrite flaw was found in the way apr-util created\ncompiled forms of particular search patterns. An attacker could\nformulate a specially crafted search keyword, that would overwrite\narbitrary heap memory locations when processed by the pattern\npreparation engine. (CVE-2009-0023)\n\nAll apr-util users should upgrade to these updated packages, which\ncontain backported patches to correct these issues. Applications using\nthe Apache Portable Runtime library, such as httpd, must be restarted\nfor this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0023\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-1955\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-1956\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1107\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected apr-util, apr-util-devel and / or apr-util-docs\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apr-util\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apr-util-devel\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:redhat:enterprise_linux:apr-util-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/06/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! 
ereg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1107\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"apr-util-0.9.4-22.el4_8.1\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"apr-util-devel-0.9.4-22.el4_8.1\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", reference:\"apr-util-1.2.7-7.el5_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"apr-util-devel-1.2.7-7.el5_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"apr-util-docs-1.2.7-7.el5_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"apr-util-docs-1.2.7-7.el5_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"apr-util-docs-1.2.7-7.el5_3.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apr-util / apr-util-devel / apr-util-docs\");\n }\n}\n", "cvss": {"score": 7.8, "vector": 
"AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:17:11", "bulletinFamily": "scanner", "description": "An off-by-one overflow flaw was found in the way apr-util processed a variable list of arguments. An attacker could provide a specially crafted string as input for the formatted output conversion routine, which could, on big-endian platforms, potentially lead to the disclosure of sensitive information or a denial of service (application crash). (CVE-2009-1956)\n\nA denial of service flaw was found in the apr-util Extensible Markup Language (XML) parser. A remote attacker could create a specially crafted XML document that would cause excessive memory consumption when processed by the XML decoding engine. (CVE-2009-1955)\n\nA heap-based underwrite flaw was found in the way apr-util created compiled forms of particular search patterns. An attacker could formulate a specially crafted search keyword, that would overwrite arbitrary heap memory locations when processed by the pattern preparation engine. 
(CVE-2009-0023)\n\nApplications using the Apache Portable Runtime library, such as httpd, must be restarted for this update to take effect.", "modified": "2019-01-02T00:00:00", "id": "SL_20090616_APR_UTIL_ON_SL4_X.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=60597", "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : apr-util on SL4.x, SL5.x i386/x86_64", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(60597);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/01/02 10:36:42\");\n\n script_cve_id(\"CVE-2009-0023\", \"CVE-2009-1955\", \"CVE-2009-1956\");\n\n script_name(english:\"Scientific Linux Security Update : apr-util on SL4.x, SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An off-by-one overflow flaw was found in the way apr-util processed a\nvariable list of arguments. An attacker could provide a specially\ncrafted string as input for the formatted output conversion routine,\nwhich could, on big-endian platforms, potentially lead to the\ndisclosure of sensitive information or a denial of service\n(application crash). (CVE-2009-1956)\n\nA denial of service flaw was found in the apr-util Extensible Markup\nLanguage (XML) parser. A remote attacker could create a specially\ncrafted XML document that would cause excessive memory consumption\nwhen processed by the XML decoding engine. (CVE-2009-1955)\n\nA heap-based underwrite flaw was found in the way apr-util created\ncompiled forms of particular search patterns. 
An attacker could\nformulate a specially crafted search keyword, that would overwrite\narbitrary heap memory locations when processed by the pattern\npreparation engine. (CVE-2009-0023)\n\nApplications using the Apache Portable Runtime library, such as httpd,\nmust be restarted for this update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0906&L=scientific-linux-errata&T=0&P=1194\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d45eca7a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected apr-util, apr-util-devel and / or apr-util-docs\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"apr-util-0.9.4-22.el4_8.1\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"apr-util-devel-0.9.4-22.el4_8.1\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"apr-util-1.2.7-7.el5_3.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"apr-util-devel-1.2.7-7.el5_3.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"apr-util-docs-1.2.7-7.el5_3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:12:00", "bulletinFamily": "scanner", "description": "Backport security fixes from upstream version 1.3.7: - CVE-2009-0023 Fix underflow in apr_strmatch_precompile. - CVE-2009-1955 Fix a denial of service attack against the apr_xml_* interface using the 'billion laughs' entity expansion technique. 
- CVE-2009-1956 Fix off by one overflow in apr_brigade_vprintf. Note: CVE-2009-1956 is only an issue on big-endian architectures.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2016-12-08T00:00:00", "id": "FEDORA_2009-6014.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=39504", "published": "2009-06-25T00:00:00", "title": "Fedora 9 : apr-util-1.2.12-7.fc9 (2009-6014)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-6014.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(39504);\n script_version (\"$Revision: 1.21 $\");\n script_cvs_date(\"$Date: 2016/12/08 20:21:55 $\");\n\n script_cve_id(\"CVE-2009-0023\", \"CVE-2009-1955\", \"CVE-2009-1956\");\n script_bugtraq_id(35221, 35251, 35253);\n script_xref(name:\"FEDORA\", value:\"2009-6014\");\n\n script_name(english:\"Fedora 9 : apr-util-1.2.12-7.fc9 (2009-6014)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Backport security fixes from upstream version 1.3.7: - CVE-2009-0023\nFix underflow in apr_strmatch_precompile. - CVE-2009-1955 Fix a denial\nof service attack against the apr_xml_* interface using the 'billion\nlaughs' entity expansion technique. - CVE-2009-1956 Fix off by one\noverflow in apr_brigade_vprintf. Note: CVE-2009-1956 is only an issue\non big-endian architectures.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=503928\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=504390\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=504555\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-June/025554.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c167c4e5\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apr-util package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:apr-util\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:9\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/06/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n 
exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 9.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC9\", reference:\"apr-util-1.2.12-7.fc9\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apr-util\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:11:57", "bulletinFamily": "scanner", "description": "Multiple security vulnerabilities have been identified and fixed in apr-util :\n\nThe apr_strmatch_precompile function in strmatch/apr_strmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service (daemon crash) via crafted input involving (1) a .htaccess file used with the Apache HTTP Server, (2) the SVNMasterURI directive in the mod_dav_svn module in the Apache HTTP Server, (3) the mod_apreq2 module for the Apache HTTP Server, or (4) an application that uses the libapreq2 library, related to an underflow flaw.\n(CVE-2009-0023).\n\nThe expat 
XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, as demonstrated by a PROPFIND request, a similar issue to CVE-2003-1564 (CVE-2009-1955).\n\nOff-by-one error in the apr_brigade_vprintf function in Apache APR-util before 1.3.5 on big-endian platforms allows remote attackers to obtain sensitive information or cause a denial of service (application crash) via crafted input (CVE-2009-1956).\n\nThe updated packages have been patched to prevent this.", "modified": "2018-07-19T00:00:00", "id": "MANDRIVA_MDVSA-2009-131.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=39323", "published": "2009-06-08T00:00:00", "title": "Mandriva Linux Security Advisory : apr-util (MDVSA-2009:131)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:131. 
\n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(39323);\n script_version (\"1.20\");\n script_cvs_date(\"Date: 2018/07/19 20:59:16\");\n\n script_cve_id(\"CVE-2009-0023\", \"CVE-2009-1955\", \"CVE-2009-1956\");\n script_bugtraq_id(35221);\n script_xref(name:\"MDVSA\", value:\"2009:131\");\n\n script_name(english:\"Mandriva Linux Security Advisory : apr-util (MDVSA-2009:131)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security vulnerabilities has been identified and fixed in\napr-util :\n\nThe apr_strmatch_precompile function in strmatch/apr_strmatch.c in\nApache APR-util before 1.3.5 allows remote attackers to cause a denial\nof service (daemon crash) via crafted input involving (1) a .htaccess\nfile used with the Apache HTTP Server, (2) the SVNMasterURI directive\nin the mod_dav_svn module in the Apache HTTP Server, (3) the\nmod_apreq2 module for the Apache HTTP Server, or (4) an application\nthat uses the libapreq2 library, related to an underflow flaw.\n(CVE-2009-0023).\n\nThe expat XML parser in the apr_xml_* interface in xml/apr_xml.c in\nApache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn\nmodules in the Apache HTTP Server, allows remote attackers to cause a\ndenial of service (memory consumption) via a crafted XML document\ncontaining a large number of nested entity references, as demonstrated\nby a PROPFIND request, a similar issue to CVE-2003-1564\n(CVE-2009-1955).\n\nOff-by-one error in the apr_brigade_vprintf function in Apache\nAPR-util before 1.3.5 on big-endian platforms allows remote attackers\nto obtain sensitive information or cause a denial of service\n(application crash) via crafted input (CVE-2009-1956).\n\nThe 
updated packages have been patched to prevent this.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apr-util-dbd-freetds\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apr-util-dbd-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apr-util-dbd-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apr-util-dbd-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apr-util-dbd-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apr-util-dbd-sqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64apr-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64apr-util1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libapr-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libapr-util1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/06/08\");\n script_end_attributes();\n\n 
script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.1\", reference:\"apr-util-dbd-mysql-1.2.12-4.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"apr-util-dbd-pgsql-1.2.12-4.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"apr-util-dbd-sqlite3-1.2.12-4.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64apr-util-devel-1.2.12-4.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64apr-util1-1.2.12-4.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libapr-util-devel-1.2.12-4.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libapr-util1-1.2.12-4.1mdv2008.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.0\", reference:\"apr-util-dbd-freetds-1.3.4-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", 
reference:\"apr-util-dbd-ldap-1.3.4-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"apr-util-dbd-mysql-1.3.4-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"apr-util-dbd-odbc-1.3.4-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"apr-util-dbd-pgsql-1.3.4-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"apr-util-dbd-sqlite3-1.3.4-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64apr-util-devel-1.3.4-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64apr-util1-1.3.4-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libapr-util-devel-1.3.4-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libapr-util1-1.3.4-2.1mdv2009.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.1\", reference:\"apr-util-dbd-freetds-1.3.4-9.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"apr-util-dbd-ldap-1.3.4-9.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"apr-util-dbd-mysql-1.3.4-9.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"apr-util-dbd-odbc-1.3.4-9.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"apr-util-dbd-pgsql-1.3.4-9.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"apr-util-dbd-sqlite3-1.3.4-9.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64apr-util-devel-1.3.4-9.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64apr-util1-1.3.4-9.1mdv2009.1\", yank:\"mdv\")) flag++;\nif 
(rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libapr-util-devel-1.3.4-9.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libapr-util1-1.3.4-9.1mdv2009.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2017-07-25T10:55:52", "bulletinFamily": "scanner", "description": "Check for the Version of httpd", "modified": "2017-07-10T00:00:00", "published": "2011-08-09T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=880692", "id": "OPENVAS:880692", "title": "CentOS Update for httpd CESA-2009:1108 centos3 i386", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for httpd CESA-2009:1108 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Apache HTTP Server is a popular Web server. The httpd package shipped\n with Red Hat Enterprise Linux 3 contains an embedded copy of the Apache\n Portable Runtime (APR) utility library, a free library of C data structures\n and routines, which includes interfaces to support XML parsing, LDAP\n connections, database interfaces, URI parsing, and more.\n\n An off-by-one overflow flaw was found in the way apr-util processed a\n variable list of arguments. An attacker could provide a specially-crafted\n string as input for the formatted output conversion routine, which could,\n on big-endian platforms, potentially lead to the disclosure of sensitive\n information or a denial of service (application crash). (CVE-2009-1956)\n \n Note: The CVE-2009-1956 flaw only affects big-endian platforms, such as the\n IBM S/390 and PowerPC. It does not affect users using the httpd package on\n little-endian platforms, due to their different organization of byte\n ordering used to represent particular data.\n \n A denial of service flaw was found in the apr-util Extensible Markup\n Language (XML) parser. A remote attacker could create a specially-crafted\n XML document that would cause excessive memory consumption when processed\n by the XML decoding engine. (CVE-2009-1955)\n \n A heap-based underwrite flaw was found in the way apr-util created compiled\n forms of particular search patterns. 
An attacker could formulate a\n specially-crafted search keyword, that would overwrite arbitrary heap\n memory locations when processed by the pattern preparation engine.\n (CVE-2009-0023)\n \n All httpd users should upgrade to these updated packages, which contain\n backported patches to correct these issues. After installing the updated\n packages, the httpd daemon must be restarted for the update to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"httpd on CentOS 3\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-June/015973.html\");\n script_id(880692);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2009:1108\");\n script_cve_id(\"CVE-2009-0023\", \"CVE-2009-1955\", \"CVE-2009-1956\");\n script_name(\"CentOS Update for httpd CESA-2009:1108 centos3 i386\");\n\n script_summary(\"Check for the Version of httpd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == 
NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.0.46~73.ent.centos\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.0.46~73.ent.centos\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.0.46~73.ent.centos\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:44", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1108.\n\nThe Apache HTTP Server is a popular Web server. The httpd package shipped\nwith Red Hat Enterprise Linux 3 contains an embedded copy of the Apache\nPortable Runtime (APR) utility library, a free library of C data structures\nand routines, which includes interfaces to support XML parsing, LDAP\nconnections, database interfaces, URI parsing, and more.\n\nAn off-by-one overflow flaw was found in the way apr-util processed a\nvariable list of arguments. An attacker could provide a specially-crafted\nstring as input for the formatted output conversion routine, which could,\non big-endian platforms, potentially lead to the disclosure of sensitive\ninformation or a denial of service (application crash). (CVE-2009-1956)\n\nNote: The CVE-2009-1956 flaw only affects big-endian platforms, such as the\nIBM S/390 and PowerPC. It does not affect users using the httpd package on\nlittle-endian platforms, due to their different organization of byte\nordering used to represent particular data.\n\nA denial of service flaw was found in the apr-util Extensible Markup\nLanguage (XML) parser. 
A remote attacker could create a specially-crafted\nXML document that would cause excessive memory consumption when processed\nby the XML decoding engine. (CVE-2009-1955)\n\nA heap-based underwrite flaw was found in the way apr-util created compiled\nforms of particular search patterns. An attacker could formulate a\nspecially-crafted search keyword, that would overwrite arbitrary heap\nmemory locations when processed by the pattern preparation engine.\n(CVE-2009-0023)\n\nAll httpd users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. After installing the updated\npackages, the httpd daemon must be restarted for the update to take effect.", "modified": "2018-04-06T00:00:00", "published": "2009-06-23T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064215", "id": "OPENVAS:136141256231064215", "title": "RedHat Security Advisory RHSA-2009:1108", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1108.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1108 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1108.\n\nThe Apache HTTP Server is a popular Web server. The httpd package shipped\nwith Red Hat Enterprise Linux 3 contains an embedded copy of the Apache\nPortable Runtime (APR) utility library, a free library of C data structures\nand routines, which includes interfaces to support XML parsing, LDAP\nconnections, database interfaces, URI parsing, and more.\n\nAn off-by-one overflow flaw was found in the way apr-util processed a\nvariable list of arguments. An attacker could provide a specially-crafted\nstring as input for the formatted output conversion routine, which could,\non big-endian platforms, potentially lead to the disclosure of sensitive\ninformation or a denial of service (application crash). (CVE-2009-1956)\n\nNote: The CVE-2009-1956 flaw only affects big-endian platforms, such as the\nIBM S/390 and PowerPC. It does not affect users using the httpd package on\nlittle-endian platforms, due to their different organization of byte\nordering used to represent particular data.\n\nA denial of service flaw was found in the apr-util Extensible Markup\nLanguage (XML) parser. A remote attacker could create a specially-crafted\nXML document that would cause excessive memory consumption when processed\nby the XML decoding engine. (CVE-2009-1955)\n\nA heap-based underwrite flaw was found in the way apr-util created compiled\nforms of particular search patterns. 
An attacker could formulate a\nspecially-crafted search keyword, that would overwrite arbitrary heap\nmemory locations when processed by the pattern preparation engine.\n(CVE-2009-0023)\n\nAll httpd users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. After installing the updated\npackages, the httpd daemon must be restarted for the update to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64215\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-23 15:49:15 +0200 (Tue, 23 Jun 2009)\");\n script_cve_id(\"CVE-2009-0023\", \"CVE-2009-1955\", \"CVE-2009-1956\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1108\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1108.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#moderate\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.0.46~73.ent\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-debuginfo\", rpm:\"httpd-debuginfo~2.0.46~73.ent\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.0.46~73.ent\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.0.46~73.ent\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:26", "bulletinFamily": "scanner", "description": "The remote host is missing updates to packages that affect\nthe security of your system. 
One or more of the following packages\nare affected:\n\n libapr-util1\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-11T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065691", "id": "OPENVAS:136141256231065691", "type": "openvas", "title": "SLES11: Security update for libapr-util1", "sourceData": "#\n#VID 251e677d425d0b40e5a4c63e49b53955\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for libapr-util1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. 
One or more of the following packages\nare affected:\n\n libapr-util1\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=509825\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.65691\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-11 22:58:51 +0200 (Sun, 11 Oct 2009)\");\n script_cve_id(\"CVE-2009-1955\", \"CVE-2009-1956\", \"CVE-2009-0023\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"SLES11: Security update for libapr-util1\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libapr-util1\", rpm:\"libapr-util1~1.3.4~12.19.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:56", "bulletinFamily": "scanner", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libapr-util1\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-11T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=65691", "id": "OPENVAS:65691", "title": "SLES11: Security update for libapr-util1", "type": "openvas", "sourceData": "#\n#VID 251e677d425d0b40e5a4c63e49b53955\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for libapr-util1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libapr-util1\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=509825\");\n script_id(65691);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-11 22:58:51 +0200 (Sun, 11 Oct 2009)\");\n script_cve_id(\"CVE-2009-1955\", \"CVE-2009-1956\", \"CVE-2009-0023\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"SLES11: Security update for libapr-util1\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libapr-util1\", rpm:\"libapr-util1~1.3.4~12.19.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:04:39", "bulletinFamily": "scanner", "description": "Check for the Version of httpd", "modified": "2018-04-06T00:00:00", "published": "2011-08-09T00:00:00", "id": "OPENVAS:1361412562310880692", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880692", "title": "CentOS Update for httpd CESA-2009:1108 centos3 i386", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for httpd CESA-2009:1108 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Apache HTTP Server is a popular Web server. The httpd package shipped\n with Red Hat Enterprise Linux 3 contains an embedded copy of the Apache\n Portable Runtime (APR) utility library, a free library of C data structures\n and routines, which includes interfaces to support XML parsing, LDAP\n connections, database interfaces, URI parsing, and more.\n\n An off-by-one overflow flaw was found in the way apr-util processed a\n variable list of arguments. An attacker could provide a specially-crafted\n string as input for the formatted output conversion routine, which could,\n on big-endian platforms, potentially lead to the disclosure of sensitive\n information or a denial of service (application crash). (CVE-2009-1956)\n \n Note: The CVE-2009-1956 flaw only affects big-endian platforms, such as the\n IBM S/390 and PowerPC. It does not affect users using the httpd package on\n little-endian platforms, due to their different organization of byte\n ordering used to represent particular data.\n \n A denial of service flaw was found in the apr-util Extensible Markup\n Language (XML) parser. A remote attacker could create a specially-crafted\n XML document that would cause excessive memory consumption when processed\n by the XML decoding engine. (CVE-2009-1955)\n \n A heap-based underwrite flaw was found in the way apr-util created compiled\n forms of particular search patterns. 
An attacker could formulate a\n specially-crafted search keyword, that would overwrite arbitrary heap\n memory locations when processed by the pattern preparation engine.\n (CVE-2009-0023)\n \n All httpd users should upgrade to these updated packages, which contain\n backported patches to correct these issues. After installing the updated\n packages, the httpd daemon must be restarted for the update to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"httpd on CentOS 3\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-June/015973.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880692\");\n script_version(\"$Revision: 9371 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:55:06 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2009:1108\");\n script_cve_id(\"CVE-2009-0023\", \"CVE-2009-1955\", \"CVE-2009-1956\");\n script_name(\"CentOS Update for httpd CESA-2009:1108 centos3 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of httpd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = 
get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.0.46~73.ent.centos\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.0.46~73.ent.centos\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.0.46~73.ent.centos\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:59", "bulletinFamily": "scanner", "description": "The remote host is missing an update to apr-util\nannounced via advisory FEDORA-2009-6014.", "modified": "2017-07-10T00:00:00", "published": "2009-06-30T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=64295", "id": "OPENVAS:64295", "title": "Fedora Core 9 FEDORA-2009-6014 (apr-util)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_6014.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-6014 (apr-util)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nBackport security fixes from upstream version 1.3.7:\n- CVE-2009-0023 Fix underflow in apr_strmatch_precompile.\n- CVE-2009-1955 Fix a denial of service attack against the\n apr_xml_* interface using the billion laughs entity\n expansion technique.\n- CVE-2009-1956 Fix off by one overflow in apr_brigade_vprintf.\n Note: CVE-2009-1956 is only an issue on big-endian architectures.\n\nChangeLog:\n\n* Mon Jun 8 2009 Bojan Smojver - 1.2.12-7\n- include missing bit of the apr_strmatch.c patch\n* Mon Jun 8 2009 Bojan Smojver - 1.2.12-6\n- CVE-2009-0023\n- billion laughs fix of apr_xml_* interface\n- off by one in apr_brigade_vprintf\n* Wed Jun 11 2008 Dennis Gilmore - 1.2.12-5.1\n- minor rebuild on sparc\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. 
Use \nsu -c 'yum update apr-util' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-6014\";\ntag_summary = \"The remote host is missing an update to apr-util\nannounced via advisory FEDORA-2009-6014.\";\n\n\n\nif(description)\n{\n script_id(64295);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-30 00:29:55 +0200 (Tue, 30 Jun 2009)\");\n script_cve_id(\"CVE-2009-0023\", \"CVE-2009-1955\", \"CVE-2009-1956\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Fedora Core 9 FEDORA-2009-6014 (apr-util)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=504555\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=504390\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=503928\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"apr-util\", rpm:\"apr-util~1.2.12~7.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apr-util-devel\", rpm:\"apr-util-devel~1.2.12~7.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apr-util-mysql\", rpm:\"apr-util-mysql~1.2.12~7.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apr-util-pgsql\", rpm:\"apr-util-pgsql~1.2.12~7.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apr-util-sqlite\", rpm:\"apr-util-sqlite~1.2.12~7.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apr-util-debuginfo\", rpm:\"apr-util-debuginfo~1.2.12~7.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:37:10", "bulletinFamily": "scanner", "description": "The remote host is missing an update to 
apr-util\nannounced via advisory FEDORA-2009-6014.", "modified": "2018-04-06T00:00:00", "published": "2009-06-30T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064295", "id": "OPENVAS:136141256231064295", "type": "openvas", "title": "Fedora Core 9 FEDORA-2009-6014 (apr-util)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_6014.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-6014 (apr-util)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nBackport security fixes from upstream version 1.3.7:\n- CVE-2009-0023 Fix underflow in apr_strmatch_precompile.\n- CVE-2009-1955 Fix a denial of service attack against the\n apr_xml_* interface using the billion laughs entity\n expansion technique.\n- CVE-2009-1956 Fix off by one overflow in apr_brigade_vprintf.\n Note: CVE-2009-1956 is only an issue on big-endian architectures.\n\nChangeLog:\n\n* Mon Jun 8 2009 Bojan Smojver - 1.2.12-7\n- include missing bit of the apr_strmatch.c patch\n* Mon Jun 8 2009 Bojan Smojver - 1.2.12-6\n- CVE-2009-0023\n- billion laughs fix of apr_xml_* interface\n- off by one in apr_brigade_vprintf\n* Wed Jun 11 2008 Dennis Gilmore - 1.2.12-5.1\n- minor rebuild on sparc\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. 
Use \nsu -c 'yum update apr-util' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-6014\";\ntag_summary = \"The remote host is missing an update to apr-util\nannounced via advisory FEDORA-2009-6014.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64295\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-30 00:29:55 +0200 (Tue, 30 Jun 2009)\");\n script_cve_id(\"CVE-2009-0023\", \"CVE-2009-1955\", \"CVE-2009-1956\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Fedora Core 9 FEDORA-2009-6014 (apr-util)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=504555\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=504390\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=503928\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"apr-util\", rpm:\"apr-util~1.2.12~7.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apr-util-devel\", rpm:\"apr-util-devel~1.2.12~7.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apr-util-mysql\", rpm:\"apr-util-mysql~1.2.12~7.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apr-util-pgsql\", rpm:\"apr-util-pgsql~1.2.12~7.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apr-util-sqlite\", rpm:\"apr-util-sqlite~1.2.12~7.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apr-util-debuginfo\", rpm:\"apr-util-debuginfo~1.2.12~7.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:40:04", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced 
in\nadvisory RHSA-2009:1107.\n\napr-util is a utility library used with the Apache Portable Runtime (APR).\nIt aims to provide a free library of C data structures and routines. This\nlibrary contains additional utility interfaces for APR; including support\nfor XML, LDAP, database interfaces, URI parsing, and more.\n\nAn off-by-one overflow flaw was found in the way apr-util processed a\nvariable list of arguments. An attacker could provide a specially-crafted\nstring as input for the formatted output conversion routine, which could,\non big-endian platforms, potentially lead to the disclosure of sensitive\ninformation or a denial of service (application crash). (CVE-2009-1956)\n\nNote: The CVE-2009-1956 flaw only affects big-endian platforms, such as the\nIBM S/390 and PowerPC. It does not affect users using the apr-util package\non little-endian platforms, due to their different organization of byte\nordering used to represent particular data.\n\nA denial of service flaw was found in the apr-util Extensible Markup\nLanguage (XML) parser. A remote attacker could create a specially-crafted\nXML document that would cause excessive memory consumption when processed\nby the XML decoding engine. (CVE-2009-1955)\n\nA heap-based underwrite flaw was found in the way apr-util created compiled\nforms of particular search patterns. An attacker could formulate a\nspecially-crafted search keyword, that would overwrite arbitrary heap\nmemory locations when processed by the pattern preparation engine.\n(CVE-2009-0023)\n\nAll apr-util users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. 
Applications using the Apache\nPortable Runtime library, such as httpd, must be restarted for this update\nto take effect.", "modified": "2018-04-06T00:00:00", "published": "2009-06-23T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064214", "id": "OPENVAS:136141256231064214", "title": "RedHat Security Advisory RHSA-2009:1107", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1107.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1107 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1107.\n\napr-util is a utility library used with the Apache Portable Runtime (APR).\nIt aims to provide a free library of C data structures and routines. 
This\nlibrary contains additional utility interfaces for APR; including support\nfor XML, LDAP, database interfaces, URI parsing, and more.\n\nAn off-by-one overflow flaw was found in the way apr-util processed a\nvariable list of arguments. An attacker could provide a specially-crafted\nstring as input for the formatted output conversion routine, which could,\non big-endian platforms, potentially lead to the disclosure of sensitive\ninformation or a denial of service (application crash). (CVE-2009-1956)\n\nNote: The CVE-2009-1956 flaw only affects big-endian platforms, such as the\nIBM S/390 and PowerPC. It does not affect users using the apr-util package\non little-endian platforms, due to their different organization of byte\nordering used to represent particular data.\n\nA denial of service flaw was found in the apr-util Extensible Markup\nLanguage (XML) parser. A remote attacker could create a specially-crafted\nXML document that would cause excessive memory consumption when processed\nby the XML decoding engine. (CVE-2009-1955)\n\nA heap-based underwrite flaw was found in the way apr-util created compiled\nforms of particular search patterns. An attacker could formulate a\nspecially-crafted search keyword, that would overwrite arbitrary heap\nmemory locations when processed by the pattern preparation engine.\n(CVE-2009-0023)\n\nAll apr-util users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. Applications using the Apache\nPortable Runtime library, such as httpd, must be restarted for this update\nto take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. 
To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64214\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-23 15:49:15 +0200 (Tue, 23 Jun 2009)\");\n script_cve_id(\"CVE-2009-0023\", \"CVE-2009-1955\", \"CVE-2009-1956\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1107\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1107.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#moderate\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"apr-util\", rpm:\"apr-util~0.9.4~22.el4_8.1\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apr-util-debuginfo\", rpm:\"apr-util-debuginfo~0.9.4~22.el4_8.1\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apr-util-devel\", rpm:\"apr-util-devel~0.9.4~22.el4_8.1\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apr-util\", rpm:\"apr-util~1.2.7~7.el5_3.1\", 
rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apr-util-debuginfo\", rpm:\"apr-util-debuginfo~1.2.7~7.el5_3.1\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apr-util-docs\", rpm:\"apr-util-docs~1.2.7~7.el5_3.1\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apr-util-devel\", rpm:\"apr-util-devel~1.2.7~7.el5_3.1\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-09-28T18:25:04", "bulletinFamily": "scanner", "description": "Oracle Linux Local Security Checks ELSA-2009-1107", "modified": "2018-09-28T00:00:00", "published": "2015-10-08T00:00:00", "id": "OPENVAS:1361412562310122475", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122475", "title": "Oracle Linux Local Check: ELSA-2009-1107", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2009-1107.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122475\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:46:11 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2009-1107\");\n script_tag(name:\"insight\", value:\"ELSA-2009-1107 - apr-util security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2009-1107\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2009-1107.html\");\n script_cve_id(\"CVE-2009-0023\", \"CVE-2009-1955\", \"CVE-2009-1956\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"apr-util\", 
rpm:\"apr-util~1.2.7~7.el5_3.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"apr-util-devel\", rpm:\"apr-util-devel~1.2.7~7.el5_3.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"apr-util-docs\", rpm:\"apr-util-docs~1.2.7~7.el5_3.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:37:32", "bulletinFamily": "scanner", "description": "The remote host is missing updates to httpd announced in\nadvisory CESA-2009:1108.", "modified": "2018-04-06T00:00:00", "published": "2009-06-23T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064269", "id": "OPENVAS:136141256231064269", "title": "CentOS Security Advisory CESA-2009:1108 (httpd)", "type": "openvas", "sourceData": "#CESA-2009:1108 64269 2\n# $Id: ovcesa2009_1108.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1108 (httpd)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1108\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1108\nhttps://rhn.redhat.com/errata/RHSA-2009-1108.html\";\ntag_summary = \"The remote host is missing updates to httpd announced in\nadvisory CESA-2009:1108.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64269\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-23 15:49:15 +0200 (Tue, 23 Jun 2009)\");\n script_cve_id(\"CVE-2009-0023\", \"CVE-2009-1955\", \"CVE-2009-1956\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"CentOS Security Advisory CESA-2009:1108 (httpd)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.0.46~73.ent.centos\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.0.46~73.ent.centos\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.0.46~73.ent.centos\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:45:39", "bulletinFamily": "unix", "description": "[1.2.7-7.el5_3.1]\n- add security fixes for CVE-2009-0023, CVE-2009-1955, \n and CVE-2009-1956 (#504560)", "modified": "2009-06-16T00:00:00", "published": "2009-06-16T00:00:00", "id": "ELSA-2009-1107", "href": "http://linux.oracle.com/errata/ELSA-2009-1107.html", "title": "apr-util security update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:44:56", "bulletinFamily": "unix", "description": "[2.0.46-73.0.1.ent]\n- use oracle index page oracle_index.html\n- remove logos in powered_by.gif and powered_by_rh.png\n- add apr-configure.patch\n[2.0.46-73.ent]\n- forcibly disable SCTP support in 
APR\n[2.0.46-72.ent]\n- add security fixes for CVE-2009-0023, CVE-2009-1955, \n and CVE-2009-1956 (apr-util) (#504562)", "modified": "2009-06-17T00:00:00", "published": "2009-06-17T00:00:00", "id": "ELSA-2009-1108", "href": "http://linux.oracle.com/errata/ELSA-2009-1108.html", "title": "httpd security update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2018-12-11T17:45:06", "bulletinFamily": "unix", "description": "apr-util is a utility library used with the Apache Portable Runtime (APR).\nIt aims to provide a free library of C data structures and routines. This\nlibrary contains additional utility interfaces for APR; including support\nfor XML, LDAP, database interfaces, URI parsing, and more.\n\nAn off-by-one overflow flaw was found in the way apr-util processed a\nvariable list of arguments. An attacker could provide a specially-crafted\nstring as input for the formatted output conversion routine, which could,\non big-endian platforms, potentially lead to the disclosure of sensitive\ninformation or a denial of service (application crash). (CVE-2009-1956)\n\nNote: The CVE-2009-1956 flaw only affects big-endian platforms, such as the\nIBM S/390 and PowerPC. It does not affect users using the apr-util package\non little-endian platforms, due to their different organization of byte\nordering used to represent particular data.\n\nA denial of service flaw was found in the apr-util Extensible Markup\nLanguage (XML) parser. A remote attacker could create a specially-crafted\nXML document that would cause excessive memory consumption when processed\nby the XML decoding engine. (CVE-2009-1955)\n\nA heap-based underwrite flaw was found in the way apr-util created compiled\nforms of particular search patterns. 
An attacker could formulate a\nspecially-crafted search keyword, that would overwrite arbitrary heap\nmemory locations when processed by the pattern preparation engine.\n(CVE-2009-0023)\n\nAll apr-util users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. Applications using the Apache\nPortable Runtime library, such as httpd, must be restarted for this update\nto take effect.", "modified": "2017-09-08T12:11:03", "published": "2009-06-16T04:00:00", "id": "RHSA-2009:1107", "href": "https://access.redhat.com/errata/RHSA-2009:1107", "type": "redhat", "title": "(RHSA-2009:1107) Moderate: apr-util security update", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:45:40", "bulletinFamily": "unix", "description": "The Apache HTTP Server is a popular Web server. The httpd package shipped\nwith Red Hat Enterprise Linux 3 contains an embedded copy of the Apache\nPortable Runtime (APR) utility library, a free library of C data structures\nand routines, which includes interfaces to support XML parsing, LDAP\nconnections, database interfaces, URI parsing, and more.\n\nAn off-by-one overflow flaw was found in the way apr-util processed a\nvariable list of arguments. An attacker could provide a specially-crafted\nstring as input for the formatted output conversion routine, which could,\non big-endian platforms, potentially lead to the disclosure of sensitive\ninformation or a denial of service (application crash). (CVE-2009-1956)\n\nNote: The CVE-2009-1956 flaw only affects big-endian platforms, such as the\nIBM S/390 and PowerPC. It does not affect users using the httpd package on\nlittle-endian platforms, due to their different organization of byte\nordering used to represent particular data.\n\nA denial of service flaw was found in the apr-util Extensible Markup\nLanguage (XML) parser. 
A remote attacker could create a specially-crafted\nXML document that would cause excessive memory consumption when processed\nby the XML decoding engine. (CVE-2009-1955)\n\nA heap-based underwrite flaw was found in the way apr-util created compiled\nforms of particular search patterns. An attacker could formulate a\nspecially-crafted search keyword, that would overwrite arbitrary heap\nmemory locations when processed by the pattern preparation engine.\n(CVE-2009-0023)\n\nAll httpd users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. After installing the updated\npackages, the httpd daemon must be restarted for the update to take effect.", "modified": "2018-05-26T04:26:17", "published": "2009-06-16T04:00:00", "id": "RHSA-2009:1108", "href": "https://access.redhat.com/errata/RHSA-2009:1108", "type": "redhat", "title": "(RHSA-2009:1108) Moderate: httpd security update", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:19", "bulletinFamily": "unix", "description": "### Background\n\nThe Apache Portable Runtime Utility Library (aka apr-util) provides an interface to functionality such as XML parsing, string matching and databases connections. \n\n### Description\n\nMultiple vulnerabilities have been discovered in the APR Utility Library: \n\n * Matthew Palmer reported a heap-based buffer underflow while compiling search patterns in the apr_strmatch_precompile() function in strmatch/apr_strmatch.c (CVE-2009-0023).\n * kcope reported that the expat XML parser in xml/apr_xml.c does not limit the amount of XML entities expanded recursively (CVE-2009-1955).\n * C. 
Michael Pilato reported an off-by-one error in the apr_brigade_vprintf() function in buckets/apr_brigade.c (CVE-2009-1956).\n\n### Impact\n\nA remote attacker could exploit these vulnerabilities to cause a Denial of Service (crash or memory exhaustion) via an Apache HTTP server running mod_dav or mod_dav_svn, or using several configuration files. Additionally, a remote attacker could disclose sensitive information or cause a Denial of Service by sending a specially crafted input. NOTE: Only big-endian architectures such as PPC and HPPA are affected by the latter flaw. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Apache Portable Runtime Utility Library users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/apr-util-1.3.7\"", "modified": "2009-07-04T00:00:00", "published": "2009-07-04T00:00:00", "id": "GLSA-200907-03", "href": "https://security.gentoo.org/glsa/200907-03", "type": "gentoo", "title": "APR Utility Library: Multiple vulnerabilities", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "centos": [{"lastseen": "2017-10-12T14:45:26", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2009:1108\n\n\nThe Apache HTTP Server is a popular Web server. The httpd package shipped\nwith Red Hat Enterprise Linux 3 contains an embedded copy of the Apache\nPortable Runtime (APR) utility library, a free library of C data structures\nand routines, which includes interfaces to support XML parsing, LDAP\nconnections, database interfaces, URI parsing, and more.\n\nAn off-by-one overflow flaw was found in the way apr-util processed a\nvariable list of arguments. 
An attacker could provide a specially-crafted\nstring as input for the formatted output conversion routine, which could,\non big-endian platforms, potentially lead to the disclosure of sensitive\ninformation or a denial of service (application crash). (CVE-2009-1956)\n\nNote: The CVE-2009-1956 flaw only affects big-endian platforms, such as the\nIBM S/390 and PowerPC. It does not affect users using the httpd package on\nlittle-endian platforms, due to their different organization of byte\nordering used to represent particular data.\n\nA denial of service flaw was found in the apr-util Extensible Markup\nLanguage (XML) parser. A remote attacker could create a specially-crafted\nXML document that would cause excessive memory consumption when processed\nby the XML decoding engine. (CVE-2009-1955)\n\nA heap-based underwrite flaw was found in the way apr-util created compiled\nforms of particular search patterns. An attacker could formulate a\nspecially-crafted search keyword, that would overwrite arbitrary heap\nmemory locations when processed by the pattern preparation engine.\n(CVE-2009-0023)\n\nAll httpd users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. 
After installing the updated\npackages, the httpd daemon must be restarted for the update to take effect.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-June/015973.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-June/015974.html\n\n**Affected packages:**\nhttpd\nhttpd-devel\nmod_ssl\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-1108.html", "modified": "2009-06-17T15:03:14", "published": "2009-06-17T15:02:38", "href": "http://lists.centos.org/pipermail/centos-announce/2009-June/015973.html", "id": "CESA-2009:1108", "title": "httpd, mod_ssl security update", "type": "centos", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-10-03T18:25:36", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2009:1107\n\n\napr-util is a utility library used with the Apache Portable Runtime (APR).\nIt aims to provide a free library of C data structures and routines. This\nlibrary contains additional utility interfaces for APR; including support\nfor XML, LDAP, database interfaces, URI parsing, and more.\n\nAn off-by-one overflow flaw was found in the way apr-util processed a\nvariable list of arguments. An attacker could provide a specially-crafted\nstring as input for the formatted output conversion routine, which could,\non big-endian platforms, potentially lead to the disclosure of sensitive\ninformation or a denial of service (application crash). (CVE-2009-1956)\n\nNote: The CVE-2009-1956 flaw only affects big-endian platforms, such as the\nIBM S/390 and PowerPC. It does not affect users using the apr-util package\non little-endian platforms, due to their different organization of byte\nordering used to represent particular data.\n\nA denial of service flaw was found in the apr-util Extensible Markup\nLanguage (XML) parser. 
A remote attacker could create a specially-crafted\nXML document that would cause excessive memory consumption when processed\nby the XML decoding engine. (CVE-2009-1955)\n\nA heap-based underwrite flaw was found in the way apr-util created compiled\nforms of particular search patterns. An attacker could formulate a\nspecially-crafted search keyword, that would overwrite arbitrary heap\nmemory locations when processed by the pattern preparation engine.\n(CVE-2009-0023)\n\nAll apr-util users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. Applications using the Apache\nPortable Runtime library, such as httpd, must be restarted for this update\nto take effect.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-June/015983.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-June/015984.html\n\n**Affected packages:**\napr-util\napr-util-devel\napr-util-docs\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-1107.html", "modified": "2009-06-19T10:53:07", "published": "2009-06-19T10:53:07", "href": "http://lists.centos.org/pipermail/centos-announce/2009-June/015983.html", "id": "CESA-2009:1107", "title": "apr security update", "type": "centos", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:08:50", "bulletinFamily": "unix", "description": "Matthew Palmer discovered an underflow flaw in apr-util. An attacker could cause a denial of service via application crash in Apache using a crafted SVNMasterURI directive, .htaccess file, or when using mod_apreq2. Applications using libapreq2 are also affected. (CVE-2009-0023)\n\nIt was discovered that the XML parser did not properly handle entity expansion. 
A remote attacker could cause a denial of service via memory resource consumption by sending a crafted request to an Apache server configured to use mod_dav or mod_dav_svn. (CVE-2009-1955)\n\nC. Michael Pilato discovered an off-by-one buffer overflow in apr-util when formatting certain strings. For big-endian machines (powerpc, hppa and sparc in Ubuntu), a remote attacker could cause a denial of service or information disclosure leak. All other architectures for Ubuntu are not considered to be at risk. (CVE-2009-1956)", "modified": "2009-06-10T00:00:00", "published": "2009-06-10T00:00:00", "id": "USN-786-1", "href": "https://usn.ubuntu.com/786-1/", "title": "apr-util vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:08:46", "bulletinFamily": "unix", "description": "Matthew Palmer discovered an underflow flaw in apr-util as included in Apache. An attacker could cause a denial of service via application crash in Apache using a crafted SVNMasterURI directive, .htaccess file, or when using mod_apreq2. This issue only affected Ubuntu 6.06 LTS. (CVE-2009-0023)\n\nSander de Boer discovered that mod_proxy_ajp would reuse connections when a client closed a connection without sending a request body. A remote attacker could exploit this to obtain sensitive response data. This issue only affected Ubuntu 9.04. (CVE-2009-1191)\n\nJonathan Peatfield discovered that Apache did not process Includes options correctly. With certain configurations of Options and AllowOverride, a local attacker could use an .htaccess file to override intended restrictions and execute arbitrary code via a Server-Side-Include file. This issue affected Ubuntu 8.04 LTS, 8.10 and 9.04. (CVE-2009-1195)\n\nIt was discovered that the XML parser did not properly handle entity expansion. 
A remote attacker could cause a denial of service via memory resource consumption by sending a crafted request to an Apache server configured to use mod_dav or mod_dav_svn. This issue only affected Ubuntu 6.06 LTS. (CVE-2009-1955)\n\nC. Michael Pilato discovered an off-by-one buffer overflow in apr-util when formatting certain strings. For big-endian machines (powerpc, hppa and sparc in Ubuntu), a remote attacker could cause a denial of service or information disclosure leak. All other architectures for Ubuntu are not considered to be at risk. This issue only affected Ubuntu 6.06 LTS. (CVE-2009-1956)", "modified": "2009-06-11T00:00:00", "published": "2009-06-11T00:00:00", "id": "USN-787-1", "href": "https://usn.ubuntu.com/787-1/", "title": "Apache vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:33", "bulletinFamily": "software", "description": "Memory consumption on large number of Entity elements.", "modified": "2009-06-05T00:00:00", "published": "2009-06-05T00:00:00", "id": "SECURITYVULNS:VULN:9954", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9954", "title": "Apache apr-util webDav DoS", "type": "securityvulns", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:30", "bulletinFamily": "software", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- ------------------------------------------------------------------------\r\nDebian Security Advisory DSA-1812-1 security@debian.org\r\nhttp://www.debian.org/security/ Stefan Fritsch\r\nJune 04, 2009 http://www.debian.org/security/faq\r\n- ------------------------------------------------------------------------\r\n\r\nPackage : apr-util\r\nVulnerability : denial of service\r\nProblem type : remote\r\nDebian-specific: no\r\nCVE ID : CVE-2009-0023\r\n\r\nApr-util, the Apache Portable 
Runtime Utility library, is used by\r\nApache 2.x, Subversion, and other applications. Two denial of service\r\nvulnerabilities have been found in apr-util:\r\n\r\n"kcope" discovered a flaw in the handling of internal XML entities in\r\nthe apr_xml_* interface that can be exploited to use all available\r\nmemory. This denial of service can be triggered remotely in the Apache\r\nmod_dav and mod_dav_svn modules. (No CVE id yet)\r\n\r\nMatthew Palmer discovered an underflow flaw in the\r\napr_strmatch_precompile function that can be exploited to cause a\r\ndaemon crash. The vulnerability can be triggered (1) remotely in\r\nmod_dav_svn for Apache if the "SVNMasterURI"directive is in use, (2)\r\nremotely in mod_apreq2 for Apache or other applications using\r\nlibapreq2, or (3) locally in Apache by a crafted ".htaccess" file.\r\n(CVE-2009-0023)\r\n\r\nOther exploit paths in other applications using apr-util may exist.\r\n\r\nIf you use Apache, or if you use svnserve in standalone mode, you need\r\nto restart the services after you upgraded the libaprutil1 package.\r\n\r\n\r\nFor the stable distribution (lenny), these problems have been fixed in\r\nversion 1.2.12+dfsg-8+lenny2.\r\n\r\nThe oldstable distribution (etch), these problems have been fixed in\r\nversion 1.2.7+dfsg-2+etch2.\r\n\r\nFor the testing distribution (squeeze) and the unstable distribution\r\n(sid), these problems will be fixed soon.\r\n\r\nWe recommend that you upgrade your apr-util packages.\r\n\r\nUpgrade instructions\r\n- --------------------\r\n\r\nwget url\r\n will fetch the file for you\r\ndpkg -i file.deb\r\n will install the referenced file.\r\n\r\nIf you are using the apt-get package manager, use the line for\r\nsources.list as given below:\r\n\r\napt-get update\r\n will update the internal database\r\napt-get upgrade\r\n will install corrected packages\r\n\r\nYou may use an automated update by adding the resources from the\r\nfooter to the proper configuration.\r\n\r\n\r\nDebian GNU/Linux 4.0 
alias etch\r\n- -------------------------------\r\n\r\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc,\r\ns390 and sparc.\r\n\r\nSource archives:\r\n\r\n http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.7+dfsg-2+etch2.diff.gz\r\n Size/MD5 checksum: 33117 ed3dc8bd1a5891432d7fc0614b94becd\r\n http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.7+dfsg.orig.tar.gz\r\n Size/MD5 checksum: 643328 a3117be657f99e92316be40add59b9ff\r\n http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.7+dfsg-2+etch2.dsc\r\n Size/MD5 checksum: 1036 982d6c15afd4477277b01c004b7c8ac0\r\n\r\nalpha architecture (DEC Alpha)\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_alpha.deb\r\n Size/MD5 checksum: 83614 7bc2f02a403bb653dde89fc6efd34e7b\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_alpha.deb\r\n Size/MD5 checksum: 148054 45641c57b04ca3470eda5df4ce26742c\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_alpha.deb\r\n Size/MD5 checksum: 128914 03bc9c912b8b625af79f39284d45eeed\r\n\r\namd64 architecture (AMD x86_64 (AMD64))\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_amd64.deb\r\n Size/MD5 checksum: 72828 4fc0d12955c259cf26aab065b174ccf3\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_amd64.deb\r\n Size/MD5 checksum: 127854 fec6f28c19ad170d97e431a8657d6d3b\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_amd64.deb\r\n Size/MD5 checksum: 124516 6097da9f80f44b379f1b1d46aa13867a\r\n\r\narm architecture (ARM)\r\n\r\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_arm.deb\r\n Size/MD5 checksum: 66038 d7c116a4589f3f280d3a8f6f698afc8a\r\n 
\r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_arm.deb\r\n Size/MD5 checksum: 116800 e46133d4e4e2191dae95e7d70df22b41\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_arm.deb\r\n Size/MD5 checksum: 121028 8d1d8a51de432ecdca221d3aab3a0342\r\n\r\nhppa architecture (HP PA RISC)\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_hppa.deb\r\n Size/MD5 checksum: 133822 0060e1aa0428f163fd8a2391afd42d86\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_hppa.deb\r\n Size/MD5 checksum: 126066 a197984d5f90879bfd5f5161d82fb793\r\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_hppa.deb\r\n Size/MD5 checksum: 78586 4dce52054b7fd81027e5f002d36b9ca1\r\n\r\ni386 architecture (Intel ia32)\r\n\r\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_i386.deb\r\n Size/MD5 checksum: 68680 d65d8158a672fc285a5329a96f927ff0\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_i386.deb\r\n Size/MD5 checksum: 116416 0fffc0910d45788aa2e5632913f97b5e\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_i386.deb\r\n Size/MD5 checksum: 122170 5c6fe8e442ec6aa146cc5f534d045e70\r\n\r\nia64 architecture (Intel ia64)\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_ia64.deb\r\n Size/MD5 checksum: 118768 c240a8957e74b4133d14524d65a0ca84\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_ia64.deb\r\n Size/MD5 checksum: 156554 75f7ef24fb756f82c41c376fbb976eb2\r\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_ia64.deb\r\n Size/MD5 checksum: 99380 31a30996ae576e028cd7d1b0e248096d\r\n\r\nmips architecture 
(MIPS (Big Endian))\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_mips.deb\r\n Size/MD5 checksum: 130216 64f856948c06a836e1e7ccb5288a8fd5\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_mips.deb\r\n Size/MD5 checksum: 130378 5c2bcd90e3e764b63fad5e7108f2f5c7\r\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_mips.deb\r\n Size/MD5 checksum: 70666 d8f16a952a9b49f1c1cce2dba45d4b67\r\n\r\nmipsel architecture (MIPS (Little Endian))\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_mipsel.deb\r\n Size/MD5 checksum: 130588 d24b45d678dd58b62518ddf1f6d9fd2f\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_mipsel.deb\r\n Size/MD5 checksum: 127794 2d8ed73655993e12cdb0d4b316315f2c\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_mipsel.deb\r\n Size/MD5 checksum: 70674 5242004658e91c173b717bde60a8085e\r\n\r\npowerpc architecture (PowerPC)\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_powerpc.deb\r\n Size/MD5 checksum: 130406 0016513b87ff4564f5ff69621d431e13\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_powerpc.deb\r\n Size/MD5 checksum: 125072 bc5539dda0daa900abfe77a088899f16\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_powerpc.deb\r\n Size/MD5 checksum: 72400 28647bd35db14975a678c4424f0fb4aa\r\n\r\ns390 architecture (IBM S/390)\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_s390.deb\r\n Size/MD5 checksum: 128360 df7691e2ac57d344c7c341ea7f606f3a\r\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_s390.deb\r\n Size/MD5 checksum: 76592 
482e412db007c81e2174a6bd729fc2a0\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_s390.deb\r\n Size/MD5 checksum: 124716 9405781379de1b80fc8c7bd18260bd3c\r\n\r\nsparc architecture (Sun SPARC/UltraSPARC)\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_sparc.deb\r\n Size/MD5 checksum: 117158 bb4555e88f9b7f2a1127f24970b0863b\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_sparc.deb\r\n Size/MD5 checksum: 118574 366b392d5b9ba2771b08bec842ecca9a\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_sparc.deb\r\n Size/MD5 checksum: 66320 895fccdd633a9323f2e892a333e2f1f1\r\n\r\n\r\nDebian GNU/Linux 5.0 alias lenny\r\n- --------------------------------\r\n\r\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel,\r\npowerpc, s390 and sparc.\r\n\r\nSource archives:\r\n\r\n http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.12+dfsg.orig.tar.gz\r\n Size/MD5 checksum: 658687 4ef3e41037fe0cdd3a0d107335a008eb\r\n http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.12+dfsg-8+lenny2.dsc\r\n Size/MD5 checksum: 1530 2e0b102b714edffebe80b7522b60eb93\r\n http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.12+dfsg-8+lenny2.diff.gz\r\n Size/MD5 checksum: 22021 5ac66e9e3e4a3b3f93f25a075d7087ea\r\n\r\nalpha architecture (DEC Alpha)\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_alpha.deb\r\n Size/MD5 checksum: 146564 57902eabc0f7164fdb65f99742e774a9\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_alpha.deb\r\n Size/MD5 checksum: 157358 74fe3e8f488bca9d715a91852748215a\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_alpha.deb\r\n Size/MD5 checksum: 
90574 78164e1209b66d8358931a4c783abf9e\r\n\r\namd64 architecture (AMD x86_64 (AMD64))\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_amd64.deb\r\n Size/MD5 checksum: 132654 20dc399a6c86153c0021d273b34eceaf\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_amd64.deb\r\n Size/MD5 checksum: 147538 ed67540d4baa9bce263df53c180e883e\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_amd64.deb\r\n Size/MD5 checksum: 79814 4b71fcc802a207c1d1e1f54c4460c775\r\n\r\narm architecture (ARM)\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_arm.deb\r\n Size/MD5 checksum: 124566 bddd5c3e65dfbe7cba72edf1872f6612\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_arm.deb\r\n Size/MD5 checksum: 71258 44658bee5eb78ff87e93008dd2d5ef1b\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_arm.deb\r\n Size/MD5 checksum: 138786 06343f2a0707a8aab17cf292da23ab7c\r\n\r\narmel architecture (ARM EABI)\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_armel.deb\r\n Size/MD5 checksum: 125382 63b253107c09d8f22a74daf4e75c0d4f\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_armel.deb\r\n Size/MD5 checksum: 138852 d19e3658c9d0659845c2b27c9130c871\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_armel.deb\r\n Size/MD5 checksum: 69786 22e9c23a71adec339b6048e4909e7b64\r\n\r\nhppa architecture (HP PA RISC)\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_hppa.deb\r\n Size/MD5 checksum: 139700 67e358018e90e3a0a112f2b0ecb5c8e1\r\n 
\r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_hppa.deb\r\n Size/MD5 checksum: 83228 5e90a7a8e2f17dbe1099b4275dbfecce\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_hppa.deb\r\n Size/MD5 checksum: 142974 bdac87da2eb60b9c2dc5f2cb77065135\r\n\r\ni386 architecture (Intel ia32)\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_i386.deb\r\n Size/MD5 checksum: 120742 8f22bb0169bb8adfafb8295cd8e11a5d\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_i386.deb\r\n Size/MD5 checksum: 73636 e8bafce964601ca062a3e8dc3e9ab887\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_i386.deb\r\n Size/MD5 checksum: 141210 9cfb5f9c9a81d8c9d246bcda411330d5\r\n\r\nia64 architecture (Intel ia64)\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_ia64.deb\r\n Size/MD5 checksum: 135222 6e69a6671e161d561c74db4328f83002\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_ia64.deb\r\n Size/MD5 checksum: 110928 6edc23e6b3e254d9e3a945eb8b201549\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_ia64.deb\r\n Size/MD5 checksum: 169954 af3e28f3b3f42df488885d2bf8025a4b\r\n\r\nmips architecture (MIPS (Big Endian))\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_mips.deb\r\n Size/MD5 checksum: 147132 96b0bf6e077e8abc8ce12fff05b4151d\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_mips.deb\r\n Size/MD5 checksum: 74196 128cbbed2eaaa51c2e92a4bfe6076cd0\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_mips.deb\r\n Size/MD5 checksum: 137308 
af2189d769dd968ef38b47a22664de82\r\n\r\nmipsel architecture (MIPS (Little Endian))\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_mipsel.deb\r\n Size/MD5 checksum: 74124 4894b4b56cc740ca877af667681ebfaa\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_mipsel.deb\r\n Size/MD5 checksum: 144442 37c6b6c54ab1b0539d10565d4c668f6b\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_mipsel.deb\r\n Size/MD5 checksum: 136152 e0b1e255aabc2db28542107ad15f5b46\r\n\r\npowerpc architecture (PowerPC)\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_powerpc.deb\r\n Size/MD5 checksum: 146778 34fd3aab3b62f4e3ccaa3ce6a27aa08d\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_powerpc.deb\r\n Size/MD5 checksum: 82798 4f81cdc2bb6a92c9add30ce0c5566226\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_powerpc.deb\r\n Size/MD5 checksum: 132238 5fc82f511183058f4138c4cd07ec1ca9\r\n\r\ns390 architecture (IBM S/390)\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_s390.deb\r\n Size/MD5 checksum: 85280 c185347abe5db6c3c5c797714a476454\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_s390.deb\r\n Size/MD5 checksum: 148334 b3bfbab7f4e064ab3065070879c28faf\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_s390.deb\r\n Size/MD5 checksum: 132826 d547ee5465f7bef60c954de4d6721b31\r\n\r\nsparc architecture (Sun SPARC/UltraSPARC)\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_sparc.deb\r\n Size/MD5 checksum: 72812 9b27f0c316fd15a2535fd571bca5faa9\r\n 
\r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_sparc.deb\r\n Size/MD5 checksum: 124558 e3e07157b4bb28ec91168b6a038474d0\r\n \r\nhttp://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_sparc.deb\r\n Size/MD5 checksum: 132136 f82857755ceba785fe679c16fe865f1d\r\n\r\n\r\n These files will probably be moved into the stable distribution on\r\n its next update.\r\n\r\n- ---------------------------------------------------------------------------------\r\nFor apt-get: deb http://security.debian.org/ stable/updates main\r\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\r\nMailing list: debian-security-announce@lists.debian.org\r\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 (GNU/Linux)\r\n\r\niEYEARECAAYFAkooHqoACgkQXm3vHE4uylqWLACgrmHwQvY31zOkkz13KzOjDnrU\r\niuwAn0pivdsNaFbtP2y7ScRu1kAP6N8S\r\n=onLw\r\n-----END PGP SIGNATURE-----", "modified": "2009-06-05T00:00:00", "published": "2009-06-05T00:00:00", "id": "SECURITYVULNS:DOC:21953", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:21953", "title": "[SECURITY] [DSA 1812-1] New apr-util packages fix several vulnerabilities", "type": "securityvulns", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "freebsd": [{"lastseen": "2018-08-31T01:15:26", "bulletinFamily": "unix", "description": "\nSecunia reports:\n\nSome vulnerabilities have been reported in APR-util, which\n\t can be exploited by malicious users and malicious people to\n\t cause a DoS (Denial of Service).\nA vulnerability is caused due to an error in the processing\n\t of XML files and can be exploited to exhaust all available\n\t memory via a specially crafted XML file containing a\n\t predefined entity inside an entity definition.\nA vulnerability is caused due to an error within the\n\t 
\"apr_strmatch_precompile()\" function in\n\t strmatch/apr_strmatch.c, which can be exploited to crash an\n\t application using the library.\n\nRedHat reports:\n\nA single NULL byte buffer overflow flaw was found in\n\t apr-util's apr_brigade_vprintf() function.\n\n", "modified": "2009-06-05T00:00:00", "published": "2009-06-05T00:00:00", "id": "EB9212F7-526B-11DE-BBF2-001B77D09812", "href": "https://vuxml.freebsd.org/freebsd/eb9212f7-526b-11de-bbf2-001b77d09812.html", "title": "apr -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:15:24", "bulletinFamily": "unix", "description": "\nApache ChangeLog reports:\n\nCVE-2009-1891: Fix a potential Denial-of-Service attack against mod_deflate or other modules.\nCVE-2009-1195: Prevent the \"Includes\" Option from being enabled in an .htaccess file if the AllowOverride restrictions do not permit it.\nCVE-2009-1890: Fix a potential Denial-of-Service attack against mod_proxy in a reverse proxy configuration.\nCVE-2009-1191: mod_proxy_ajp: Avoid delivering content from a previous request which failed to send a request body.\nCVE-2009-0023, CVE-2009-1955, CVE-2009-1956: The bundled copy of the APR-util library has been updated, fixing three different security issues which may affect particular configurations and third-party modules (was already fixed in 2.2.11_5).\n\n", "modified": "2009-07-28T00:00:00", "published": "2009-07-28T00:00:00", "id": "E15F2356-9139-11DE-8F42-001AA0166822", "href": "https://vuxml.freebsd.org/freebsd/e15f2356-9139-11de-8f42-001aa0166822.html", "title": "apache22 -- several vulnerabilities", "type": "freebsd", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "slackware": [{"lastseen": "2018-08-31T02:37:12", "bulletinFamily": "unix", "description": "New apr-util (and apr) packages are available for Slackware 11.0, 12.0, 12.1,\n12.2, and -current to 
fix security issues. The issues are with apr-util, but\nolder Slackware releases will require a new version of the apr package as well.\n\nMore details about the issues may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955\n\n\nHere are the details from the Slackware 12.2 ChangeLog:\n\npatches/packages/apr-1.3.5-i486-1_slack12.2.tgz: Upgraded.\npatches/packages/apr-util-1.3.7-i486-1_slack12.2.tgz: Upgraded.\n Fix underflow in apr_strmatch_precompile.\n Fix a denial of service attack against the apr_xml_* interface\n using the "billion laughs" entity expansion technique.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955\n (* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! 
:-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated packages for Slackware 11.0:\nftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/apr-1.3.5-i486-1_slack11.0.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/apr-util-1.3.7-i486-1_slack11.0.tgz\n\nUpdated packages for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/apr-1.3.5-i486-1_slack12.0.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/apr-util-1.3.7-i486-1_slack12.0.tgz\n\nUpdated packages for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/apr-1.3.5-i486-1_slack12.1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/apr-util-1.3.7-i486-1_slack12.1.tgz\n\nUpdated packages for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/apr-1.3.5-i486-1_slack12.2.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/apr-util-1.3.7-i486-1_slack12.2.tgz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/apr-1.3.5-i486-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/apr-util-1.3.7-i486-1.txz\n\nUpdated packages for Slackware64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/apr-1.3.5-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/apr-util-1.3.7-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 11.0 packages:\nac9c2bd1c832b3c0c6591e5093d22574 apr-1.3.5-i486-1_slack11.0.tgz\n11c43b25594f4f80d2e9a57d2c5e7529 apr-util-1.3.7-i486-1_slack11.0.tgz\n\nSlackware 12.0 packages:\n7530bd4fabcfb8bfead159317deb1d9d apr-1.3.5-i486-1_slack12.0.tgz\n920adee38b69d8ab622ae7e24f02b6f5 apr-util-1.3.7-i486-1_slack12.0.tgz\n\nSlackware 12.1 packages:\na37e104e2f1e7fe431fdfe8dd9f9419b 
apr-1.3.5-i486-1_slack12.1.tgz\n74c0246803ed50eab16ef77bf65a2d6a apr-util-1.3.7-i486-1_slack12.1.tgz\n\nSlackware 12.2 packages:\ne276ed3382240e432c10f36617713413 apr-1.3.5-i486-1_slack12.2.tgz\n49fa603e108d01ade6314b9a1c436ef1 apr-util-1.3.7-i486-1_slack12.2.tgz\n\nSlackware -current packages:\n606c7f33edb9de39b1fd79aa3b87fe0a apr-1.3.5-i486-1.txz\n453715fe39f01072d03a694ac3efd3f1 apr-util-1.3.7-i486-1.txz\n\nSlackware64 -current packages:\ne461c38f40409b9116ba961a54da158b apr-1.3.5-x86_64-1.txz\n4575a1349995790b06f7063fdd389f01 apr-util-1.3.7-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the packages as root:\n > upgradepkg apr-1.3.5-i486-1_slack12.2.tgz apr-util-1.3.7-i486-1_slack12.2.tgz\n\nThen restart any services that use apr-util.", "modified": "2009-06-16T17:40:37", "published": "2009-06-16T17:40:37", "id": "SSA-2009-167-02", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.538210", "title": "apr-util", "type": "slackware", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T02:37:09", "bulletinFamily": "unix", "description": "New httpd packages are available for Slackware 12.0, 12.1, 12.2, and -current\nto fix security issues.\n\nMore details about these issues may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1191\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1956\n\n\nHere are the details from the Slackware 12.2 ChangeLog:\n\npatches/packages/httpd-2.2.12-i486-1_slack12.2.tgz: Upgraded.\n This update fixes some security issues (from 
the CHANGES file):\n *) SECURITY: CVE-2009-1891 (cve.mitre.org)\n Fix a potential Denial-of-Service attack against mod_deflate or other\n modules, by forcing the server to consume CPU time in compressing a\n large file after a client disconnects. PR 39605.\n [Joe Orton, Ruediger Pluem]\n *) SECURITY: CVE-2009-1195 (cve.mitre.org)\n Prevent the "Includes" Option from being enabled in an .htaccess\n file if the AllowOverride restrictions do not permit it.\n [Jonathan Peatfield <j.s.peatfield damtp.cam.ac.uk>, Joe Orton,\n Ruediger Pluem, Jeff Trawick]\n *) SECURITY: CVE-2009-1890 (cve.mitre.org)\n Fix a potential Denial-of-Service attack against mod_proxy in a\n reverse proxy configuration, where a remote attacker can force a\n proxy process to consume CPU time indefinitely. [Nick Kew, Joe Orton]\n *) SECURITY: CVE-2009-1191 (cve.mitre.org)\n mod_proxy_ajp: Avoid delivering content from a previous request which\n failed to send a request body. PR 46949 [Ruediger Pluem]\n *) SECURITY: CVE-2009-0023, CVE-2009-1955, CVE-2009-1956 (cve.mitre.org)\n The bundled copy of the APR-util library has been updated, fixing three\n different security issues which may affect particular configurations\n and third-party modules.\n These last three CVEs were addressed in Slackware previously with an\n update to new system apr and apr-util packages.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1191\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1956\n (* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. 
This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/httpd-2.2.12-i486-1_slack12.0.tgz\n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/httpd-2.2.12-i486-1_slack12.1.tgz\n\nUpdated package for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/httpd-2.2.12-i486-1_slack12.2.tgz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/httpd-2.2.12-i486-1.txz\n\nUpdated package for Slackware64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/httpd-2.2.12-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 12.0 package:\n1ef7c8d65f8d7398abfcde3dd46aed7f httpd-2.2.12-i486-1_slack12.0.tgz\n\nSlackware 12.1 package:\n349f4437fb4c2573a134c3485dda0265 httpd-2.2.12-i486-1_slack12.1.tgz\n\nSlackware 12.2 package:\n253406ed8801276a635008d7749db55f httpd-2.2.12-i486-1_slack12.2.tgz\n\nSlackware -current package:\n4a2ffd0ef9184fed93f651b83f6eaf6a httpd-2.2.12-i486-1.txz\n\nSlackware64 -current package:\n560b607f09a934a46fc3112a2659b06b httpd-2.2.12-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg httpd-2.2.12-i486-1_slack12.2.tgz\n\nThen, restart the httpd server.", "modified": "2009-08-02T15:33:03", "published": "2009-08-02T15:33:03", "id": "SSA-2009-214-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.566124", "title": "httpd", "type": "slackware", "cvss": 
{"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "debian": [{"lastseen": "2018-10-16T22:14:38", "bulletinFamily": "unix", "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1812-1 security@debian.org\nhttp://www.debian.org/security/ Stefan Fritsch\nJune 04, 2009 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : apr-util\nVulnerability : denial of service\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2009-0023\n\nApr-util, the Apache Portable Runtime Utility library, is used by\nApache 2.x, Subversion, and other applications. Two denial of service\nvulnerabilities have been found in apr-util:\n\n"kcope" discovered a flaw in the handling of internal XML entities in\nthe apr_xml_* interface that can be exploited to use all available\nmemory. This denial of service can be triggered remotely in the Apache\nmod_dav and mod_dav_svn modules. (No CVE id yet)\n\nMatthew Palmer discovered an underflow flaw in the\napr_strmatch_precompile function that can be exploited to cause a\ndaemon crash. 
The vulnerability can be triggered (1) remotely in\nmod_dav_svn for Apache if the "SVNMasterURI" directive is in use, (2)\nremotely in mod_apreq2 for Apache or other applications using\nlibapreq2, or (3) locally in Apache by a crafted ".htaccess" file.\n(CVE-2009-0023)\n\nOther exploit paths in other applications using apr-util may exist.\n\nIf you use Apache, or if you use svnserve in standalone mode, you need\nto restart the services after you have upgraded the libaprutil1 package.\n\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1.2.12+dfsg-8+lenny2.\n\nFor the oldstable distribution (etch), these problems have been fixed in\nversion 1.2.7+dfsg-2+etch2.\n\nFor the testing distribution (squeeze) and the unstable distribution\n(sid), these problems will be fixed soon.\n\nWe recommend that you upgrade your apr-util packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.7+dfsg-2+etch2.diff.gz\n Size/MD5 checksum: 33117 ed3dc8bd1a5891432d7fc0614b94becd\n http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.7+dfsg.orig.tar.gz\n Size/MD5 checksum: 643328 a3117be657f99e92316be40add59b9ff\n http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.7+dfsg-2+etch2.dsc\n Size/MD5 checksum: 1036 982d6c15afd4477277b01c004b7c8ac0\n\nalpha architecture 
(DEC Alpha)\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_alpha.deb\n Size/MD5 checksum: 83614 7bc2f02a403bb653dde89fc6efd34e7b\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_alpha.deb\n Size/MD5 checksum: 148054 45641c57b04ca3470eda5df4ce26742c\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_alpha.deb\n Size/MD5 checksum: 128914 03bc9c912b8b625af79f39284d45eeed\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_amd64.deb\n Size/MD5 checksum: 72828 4fc0d12955c259cf26aab065b174ccf3\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_amd64.deb\n Size/MD5 checksum: 127854 fec6f28c19ad170d97e431a8657d6d3b\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_amd64.deb\n Size/MD5 checksum: 124516 6097da9f80f44b379f1b1d46aa13867a\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_arm.deb\n Size/MD5 checksum: 66038 d7c116a4589f3f280d3a8f6f698afc8a\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_arm.deb\n Size/MD5 checksum: 116800 e46133d4e4e2191dae95e7d70df22b41\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_arm.deb\n Size/MD5 checksum: 121028 8d1d8a51de432ecdca221d3aab3a0342\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_hppa.deb\n Size/MD5 checksum: 133822 0060e1aa0428f163fd8a2391afd42d86\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_hppa.deb\n Size/MD5 checksum: 126066 a197984d5f90879bfd5f5161d82fb793\n 
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_hppa.deb\n Size/MD5 checksum: 78586 4dce52054b7fd81027e5f002d36b9ca1\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_i386.deb\n Size/MD5 checksum: 68680 d65d8158a672fc285a5329a96f927ff0\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_i386.deb\n Size/MD5 checksum: 116416 0fffc0910d45788aa2e5632913f97b5e\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_i386.deb\n Size/MD5 checksum: 122170 5c6fe8e442ec6aa146cc5f534d045e70\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_ia64.deb\n Size/MD5 checksum: 118768 c240a8957e74b4133d14524d65a0ca84\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_ia64.deb\n Size/MD5 checksum: 156554 75f7ef24fb756f82c41c376fbb976eb2\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_ia64.deb\n Size/MD5 checksum: 99380 31a30996ae576e028cd7d1b0e248096d\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_mips.deb\n Size/MD5 checksum: 130216 64f856948c06a836e1e7ccb5288a8fd5\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_mips.deb\n Size/MD5 checksum: 130378 5c2bcd90e3e764b63fad5e7108f2f5c7\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_mips.deb\n Size/MD5 checksum: 70666 d8f16a952a9b49f1c1cce2dba45d4b67\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_mipsel.deb\n Size/MD5 checksum: 130588 d24b45d678dd58b62518ddf1f6d9fd2f\n 
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_mipsel.deb\n Size/MD5 checksum: 127794 2d8ed73655993e12cdb0d4b316315f2c\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_mipsel.deb\n Size/MD5 checksum: 70674 5242004658e91c173b717bde60a8085e\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_powerpc.deb\n Size/MD5 checksum: 130406 0016513b87ff4564f5ff69621d431e13\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_powerpc.deb\n Size/MD5 checksum: 125072 bc5539dda0daa900abfe77a088899f16\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_powerpc.deb\n Size/MD5 checksum: 72400 28647bd35db14975a678c4424f0fb4aa\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_s390.deb\n Size/MD5 checksum: 128360 df7691e2ac57d344c7c341ea7f606f3a\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_s390.deb\n Size/MD5 checksum: 76592 482e412db007c81e2174a6bd729fc2a0\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_s390.deb\n Size/MD5 checksum: 124716 9405781379de1b80fc8c7bd18260bd3c\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_sparc.deb\n Size/MD5 checksum: 117158 bb4555e88f9b7f2a1127f24970b0863b\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_sparc.deb\n Size/MD5 checksum: 118574 366b392d5b9ba2771b08bec842ecca9a\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_sparc.deb\n Size/MD5 checksum: 66320 895fccdd633a9323f2e892a333e2f1f1\n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nStable updates 
are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.12+dfsg.orig.tar.gz\n Size/MD5 checksum: 658687 4ef3e41037fe0cdd3a0d107335a008eb\n http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.12+dfsg-8+lenny2.dsc\n Size/MD5 checksum: 1530 2e0b102b714edffebe80b7522b60eb93\n http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.12+dfsg-8+lenny2.diff.gz\n Size/MD5 checksum: 22021 5ac66e9e3e4a3b3f93f25a075d7087ea\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_alpha.deb\n Size/MD5 checksum: 146564 57902eabc0f7164fdb65f99742e774a9\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_alpha.deb\n Size/MD5 checksum: 157358 74fe3e8f488bca9d715a91852748215a\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_alpha.deb\n Size/MD5 checksum: 90574 78164e1209b66d8358931a4c783abf9e\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_amd64.deb\n Size/MD5 checksum: 132654 20dc399a6c86153c0021d273b34eceaf\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_amd64.deb\n Size/MD5 checksum: 147538 ed67540d4baa9bce263df53c180e883e\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_amd64.deb\n Size/MD5 checksum: 79814 4b71fcc802a207c1d1e1f54c4460c775\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_arm.deb\n Size/MD5 checksum: 124566 bddd5c3e65dfbe7cba72edf1872f6612\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_arm.deb\n Size/MD5 checksum: 71258 
44658bee5eb78ff87e93008dd2d5ef1b\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_arm.deb\n Size/MD5 checksum: 138786 06343f2a0707a8aab17cf292da23ab7c\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_armel.deb\n Size/MD5 checksum: 125382 63b253107c09d8f22a74daf4e75c0d4f\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_armel.deb\n Size/MD5 checksum: 138852 d19e3658c9d0659845c2b27c9130c871\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_armel.deb\n Size/MD5 checksum: 69786 22e9c23a71adec339b6048e4909e7b64\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_hppa.deb\n Size/MD5 checksum: 139700 67e358018e90e3a0a112f2b0ecb5c8e1\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_hppa.deb\n Size/MD5 checksum: 83228 5e90a7a8e2f17dbe1099b4275dbfecce\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_hppa.deb\n Size/MD5 checksum: 142974 bdac87da2eb60b9c2dc5f2cb77065135\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_i386.deb\n Size/MD5 checksum: 120742 8f22bb0169bb8adfafb8295cd8e11a5d\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_i386.deb\n Size/MD5 checksum: 73636 e8bafce964601ca062a3e8dc3e9ab887\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_i386.deb\n Size/MD5 checksum: 141210 9cfb5f9c9a81d8c9d246bcda411330d5\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_ia64.deb\n Size/MD5 checksum: 135222 6e69a6671e161d561c74db4328f83002\n 
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_ia64.deb\n Size/MD5 checksum: 110928 6edc23e6b3e254d9e3a945eb8b201549\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_ia64.deb\n Size/MD5 checksum: 169954 af3e28f3b3f42df488885d2bf8025a4b\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_mips.deb\n Size/MD5 checksum: 147132 96b0bf6e077e8abc8ce12fff05b4151d\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_mips.deb\n Size/MD5 checksum: 74196 128cbbed2eaaa51c2e92a4bfe6076cd0\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_mips.deb\n Size/MD5 checksum: 137308 af2189d769dd968ef38b47a22664de82\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_mipsel.deb\n Size/MD5 checksum: 74124 4894b4b56cc740ca877af667681ebfaa\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_mipsel.deb\n Size/MD5 checksum: 144442 37c6b6c54ab1b0539d10565d4c668f6b\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_mipsel.deb\n Size/MD5 checksum: 136152 e0b1e255aabc2db28542107ad15f5b46\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_powerpc.deb\n Size/MD5 checksum: 146778 34fd3aab3b62f4e3ccaa3ce6a27aa08d\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_powerpc.deb\n Size/MD5 checksum: 82798 4f81cdc2bb6a92c9add30ce0c5566226\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_powerpc.deb\n Size/MD5 checksum: 132238 5fc82f511183058f4138c4cd07ec1ca9\n\ns390 architecture (IBM S/390)\n\n 
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_s390.deb\n Size/MD5 checksum: 85280 c185347abe5db6c3c5c797714a476454\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_s390.deb\n Size/MD5 checksum: 148334 b3bfbab7f4e064ab3065070879c28faf\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_s390.deb\n Size/MD5 checksum: 132826 d547ee5465f7bef60c954de4d6721b31\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_sparc.deb\n Size/MD5 checksum: 72812 9b27f0c316fd15a2535fd571bca5faa9\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_sparc.deb\n Size/MD5 checksum: 124558 e3e07157b4bb28ec91168b6a038474d0\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_sparc.deb\n Size/MD5 checksum: 132136 f82857755ceba785fe679c16fe865f1d\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "modified": "2009-06-04T19:22:58", "published": "2009-06-04T19:22:58", "id": "DEBIAN:DSA-1812-1:7EC83", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2009/msg00124.html", "title": "[SECURITY] [DSA 1812-1] New apr-util packages fix several vulnerabilities", "type": "debian", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "seebug": [{"lastseen": "2017-11-19T18:48:46", "bulletinFamily": "exploit", "description": "BUGTRAQ 
ID: 35221\r\nCVE(CAN) ID: CVE-2009-0023\r\n\r\nApr-util\u662fApache\u6240\u4f7f\u7528\u7684Apache\u53ef\u79fb\u690d\u8fd0\u884c\u65f6\u5de5\u5177\u5e93\u3002\r\n\r\nApr-util\u5e93\u7684strmatch/apr_strmatch.c\u6587\u4ef6\u4e2d\u7684apr_strmatch_precompile\u51fd\u6570\u5b58\u5728\u6574\u6570\u4e0b\u6ea2\u6f0f\u6d1e\u3002\u5982\u679c\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7.htaccess\u6587\u4ef6\u3001mod_dav_svn\u6a21\u5757\u4e2d\u7684SVNMasterURI\u6307\u4ee4\u3001mod_apreq2\u6a21\u5757\u6216libapreq2 \u5e93\u7b49\u65b9\u5f0f\u4f20\u9001\u4e86\u7279\u5236\u8f93\u5165\u7684\u8bdd\uff0c\u5c31\u53ef\u80fd\u5bfc\u81f4\u5b88\u62a4\u7a0b\u5e8f\u5d29\u6e83\u3002\n\nAPR-util 1.3.4\n \u5382\u5546\u8865\u4e01\uff1a\r\n\r\nApache Group\r\n------------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\n<a href=\"http://svn.apache.org/viewvc?view=rev&revision=779880\" target=\"_blank\" rel=external nofollow>http://svn.apache.org/viewvc?view=rev&revision=779880</a>\r\n\r\nDebian\r\n------\r\nDebian\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08DSA-1812-1\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nDSA-1812-1\uff1aNew apr-util packages fix several vulnerabilities\r\n\u94fe\u63a5\uff1a<a href=\"http://www.debian.org/security/2009/dsa-1812\" target=\"_blank\" rel=external nofollow>http://www.debian.org/security/2009/dsa-1812</a>\r\n\r\n\u8865\u4e01\u4e0b\u8f7d\uff1a\r\n\r\nSource archives:\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.7+dfsg-2+etch2.diff.gz\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.7+dfsg-2+etch2.diff.gz</a>\r\nSize/MD5 checksum: 33117 ed3dc8bd1a5891432d7fc0614b94becd\r\n<a 
href=\"http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.7+dfsg.orig.tar.gz\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.7+dfsg.orig.tar.gz</a>\r\nSize/MD5 checksum: 643328 a3117be657f99e92316be40add59b9ff\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.7+dfsg-2+etch2.dsc\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.7+dfsg-2+etch2.dsc</a>\r\nSize/MD5 checksum: 1036 982d6c15afd4477277b01c004b7c8ac0\r\n\r\nalpha architecture (DEC Alpha)\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_alpha.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_alpha.deb</a>\r\nSize/MD5 checksum: 83614 7bc2f02a403bb653dde89fc6efd34e7b\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_alpha.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_alpha.deb</a>\r\nSize/MD5 checksum: 148054 45641c57b04ca3470eda5df4ce26742c\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_alpha.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_alpha.deb</a>\r\nSize/MD5 checksum: 128914 03bc9c912b8b625af79f39284d45eeed\r\n\r\namd64 architecture (AMD x86_64 (AMD64))\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_amd64.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_amd64.deb</a>\r\nSize/MD5 checksum: 72828 4fc0d12955c259cf26aab065b174ccf3\r\n<a 
href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_amd64.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_amd64.deb</a>\r\nSize/MD5 checksum: 127854 fec6f28c19ad170d97e431a8657d6d3b\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_amd64.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_amd64.deb</a>\r\nSize/MD5 checksum: 124516 6097da9f80f44b379f1b1d46aa13867a\r\n\r\narm architecture (ARM)\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_arm.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_arm.deb</a>\r\nSize/MD5 checksum: 66038 d7c116a4589f3f280d3a8f6f698afc8a\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_arm.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_arm.deb</a>\r\nSize/MD5 checksum: 116800 e46133d4e4e2191dae95e7d70df22b41\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_arm.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_arm.deb</a>\r\nSize/MD5 checksum: 121028 8d1d8a51de432ecdca221d3aab3a0342\r\n\r\nhppa architecture (HP PA RISC)\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_hppa.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_hppa.deb</a>\r\nSize/MD5 checksum: 133822 0060e1aa0428f163fd8a2391afd42d86\r\n<a 
href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_hppa.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_hppa.deb</a>\r\nSize/MD5 checksum: 126066 a197984d5f90879bfd5f5161d82fb793\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_hppa.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_hppa.deb</a>\r\nSize/MD5 checksum: 78586 4dce52054b7fd81027e5f002d36b9ca1\r\n\r\ni386 architecture (Intel ia32)\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_i386.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_i386.deb</a>\r\nSize/MD5 checksum: 68680 d65d8158a672fc285a5329a96f927ff0\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_i386.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_i386.deb</a>\r\nSize/MD5 checksum: 116416 0fffc0910d45788aa2e5632913f97b5e\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_i386.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_i386.deb</a>\r\nSize/MD5 checksum: 122170 5c6fe8e442ec6aa146cc5f534d045e70\r\n\r\nia64 architecture (Intel ia64)\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_ia64.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_ia64.deb</a>\r\nSize/MD5 checksum: 118768 c240a8957e74b4133d14524d65a0ca84\r\n<a 
href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_ia64.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_ia64.deb</a>\r\nSize/MD5 checksum: 156554 75f7ef24fb756f82c41c376fbb976eb2\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_ia64.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_ia64.deb</a>\r\nSize/MD5 checksum: 99380 31a30996ae576e028cd7d1b0e248096d\r\n\r\nmips architecture (MIPS (Big Endian))\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_mips.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_mips.deb</a>\r\nSize/MD5 checksum: 130216 64f856948c06a836e1e7ccb5288a8fd5\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_mips.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_mips.deb</a>\r\nSize/MD5 checksum: 130378 5c2bcd90e3e764b63fad5e7108f2f5c7\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_mips.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_mips.deb</a>\r\nSize/MD5 checksum: 70666 d8f16a952a9b49f1c1cce2dba45d4b67\r\n\r\nmipsel architecture (MIPS (Little Endian))\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_mipsel.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_mipsel.deb</a>\r\nSize/MD5 checksum: 130588 
d24b45d678dd58b62518ddf1f6d9fd2f\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_mipsel.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_mipsel.deb</a>\r\nSize/MD5 checksum: 127794 2d8ed73655993e12cdb0d4b316315f2c\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_mipsel.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_mipsel.deb</a>\r\nSize/MD5 checksum: 70674 5242004658e91c173b717bde60a8085e\r\n\r\npowerpc architecture (PowerPC)\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_powerpc.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_powerpc.deb</a>\r\nSize/MD5 checksum: 130406 0016513b87ff4564f5ff69621d431e13\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_powerpc.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_powerpc.deb</a>\r\nSize/MD5 checksum: 125072 bc5539dda0daa900abfe77a088899f16\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_powerpc.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_powerpc.deb</a>\r\nSize/MD5 checksum: 72400 28647bd35db14975a678c4424f0fb4aa\r\n\r\ns390 architecture (IBM S/390)\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_s390.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_s390.deb</a>\r\nSize/MD5 
checksum: 128360 df7691e2ac57d344c7c341ea7f606f3a\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_s390.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_s390.deb</a>\r\nSize/MD5 checksum: 76592 482e412db007c81e2174a6bd729fc2a0\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_s390.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_s390.deb</a>\r\nSize/MD5 checksum: 124716 9405781379de1b80fc8c7bd18260bd3c\r\n\r\nsparc architecture (Sun SPARC/UltraSPARC)\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_sparc.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_sparc.deb</a>\r\nSize/MD5 checksum: 117158 bb4555e88f9b7f2a1127f24970b0863b\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_sparc.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_sparc.deb</a>\r\nSize/MD5 checksum: 118574 366b392d5b9ba2771b08bec842ecca9a\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_sparc.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_sparc.deb</a>\r\nSize/MD5 checksum: 66320 895fccdd633a9323f2e892a333e2f1f1\r\n\r\n\r\nDebian GNU/Linux 5.0 alias lenny\r\n- --------------------------------\r\n\r\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\r\n\r\nSource archives:\r\n\r\n<a 
href=\"http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.12+dfsg.orig.tar.gz\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.12+dfsg.orig.tar.gz</a>\r\nSize/MD5 checksum: 658687 4ef3e41037fe0cdd3a0d107335a008eb\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.12+dfsg-8+lenny2.dsc\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.12+dfsg-8+lenny2.dsc</a>\r\nSize/MD5 checksum: 1530 2e0b102b714edffebe80b7522b60eb93\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.12+dfsg-8+lenny2.diff.gz\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.12+dfsg-8+lenny2.diff.gz</a>\r\nSize/MD5 checksum: 22021 5ac66e9e3e4a3b3f93f25a075d7087ea\r\n\r\nalpha architecture (DEC Alpha)\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_alpha.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_alpha.deb</a>\r\nSize/MD5 checksum: 146564 57902eabc0f7164fdb65f99742e774a9\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_alpha.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_alpha.deb</a>\r\nSize/MD5 checksum: 157358 74fe3e8f488bca9d715a91852748215a\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_alpha.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_alpha.deb</a>\r\nSize/MD5 checksum: 90574 78164e1209b66d8358931a4c783abf9e\r\n\r\namd64 architecture (AMD x86_64 (AMD64))\r\n\r\n<a 
href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_amd64.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_amd64.deb</a>\r\nSize/MD5 checksum: 132654 20dc399a6c86153c0021d273b34eceaf\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_amd64.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_amd64.deb</a>\r\nSize/MD5 checksum: 147538 ed67540d4baa9bce263df53c180e883e\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_amd64.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_amd64.deb</a>\r\nSize/MD5 checksum: 79814 4b71fcc802a207c1d1e1f54c4460c775\r\n\r\narm architecture (ARM)\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_arm.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_arm.deb</a>\r\nSize/MD5 checksum: 124566 bddd5c3e65dfbe7cba72edf1872f6612\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_arm.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_arm.deb</a>\r\nSize/MD5 checksum: 71258 44658bee5eb78ff87e93008dd2d5ef1b\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_arm.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_arm.deb</a>\r\nSize/MD5 checksum: 138786 06343f2a0707a8aab17cf292da23ab7c\r\n\r\narmel architecture (ARM 
EABI)\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_armel.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_armel.deb</a>\r\nSize/MD5 checksum: 125382 63b253107c09d8f22a74daf4e75c0d4f\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_armel.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_armel.deb</a>\r\nSize/MD5 checksum: 138852 d19e3658c9d0659845c2b27c9130c871\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_armel.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_armel.deb</a>\r\nSize/MD5 checksum: 69786 22e9c23a71adec339b6048e4909e7b64\r\n\r\nhppa architecture (HP PA RISC)\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_hppa.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_hppa.deb</a>\r\nSize/MD5 checksum: 139700 67e358018e90e3a0a112f2b0ecb5c8e1\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_hppa.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_hppa.deb</a>\r\nSize/MD5 checksum: 83228 5e90a7a8e2f17dbe1099b4275dbfecce\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_hppa.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_hppa.deb</a>\r\nSize/MD5 checksum: 142974 
bdac87da2eb60b9c2dc5f2cb77065135\r\n\r\ni386 architecture (Intel ia32)\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_i386.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_i386.deb</a>\r\nSize/MD5 checksum: 120742 8f22bb0169bb8adfafb8295cd8e11a5d\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_i386.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_i386.deb</a>\r\nSize/MD5 checksum: 73636 e8bafce964601ca062a3e8dc3e9ab887\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_i386.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_i386.deb</a>\r\nSize/MD5 checksum: 141210 9cfb5f9c9a81d8c9d246bcda411330d5\r\n\r\nia64 architecture (Intel ia64)\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_ia64.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_ia64.deb</a>\r\nSize/MD5 checksum: 135222 6e69a6671e161d561c74db4328f83002\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_ia64.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_ia64.deb</a>\r\nSize/MD5 checksum: 110928 6edc23e6b3e254d9e3a945eb8b201549\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_ia64.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_ia64.deb</a>\r\nSize/MD5 
checksum: 169954 af3e28f3b3f42df488885d2bf8025a4b\r\n\r\nmips architecture (MIPS (Big Endian))\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_mips.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_mips.deb</a>\r\nSize/MD5 checksum: 147132 96b0bf6e077e8abc8ce12fff05b4151d\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_mips.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_mips.deb</a>\r\nSize/MD5 checksum: 74196 128cbbed2eaaa51c2e92a4bfe6076cd0\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_mips.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_mips.deb</a>\r\nSize/MD5 checksum: 137308 af2189d769dd968ef38b47a22664de82\r\n\r\nmipsel architecture (MIPS (Little Endian))\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_mipsel.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_mipsel.deb</a>\r\nSize/MD5 checksum: 74124 4894b4b56cc740ca877af667681ebfaa\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_mipsel.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_mipsel.deb</a>\r\nSize/MD5 checksum: 144442 37c6b6c54ab1b0539d10565d4c668f6b\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_mipsel.deb\" target=\"_blank\" rel=external 
nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_mipsel.deb</a>\r\nSize/MD5 checksum: 136152 e0b1e255aabc2db28542107ad15f5b46\r\n\r\npowerpc architecture (PowerPC)\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_powerpc.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_powerpc.deb</a>\r\nSize/MD5 checksum: 146778 34fd3aab3b62f4e3ccaa3ce6a27aa08d\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_powerpc.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_powerpc.deb</a>\r\nSize/MD5 checksum: 82798 4f81cdc2bb6a92c9add30ce0c5566226\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_powerpc.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_powerpc.deb</a>\r\nSize/MD5 checksum: 132238 5fc82f511183058f4138c4cd07ec1ca9\r\n\r\ns390 architecture (IBM S/390)\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_s390.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_s390.deb</a>\r\nSize/MD5 checksum: 85280 c185347abe5db6c3c5c797714a476454\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_s390.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_s390.deb</a>\r\nSize/MD5 checksum: 148334 b3bfbab7f4e064ab3065070879c28faf\r\n<a 
href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_s390.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_s390.deb</a>\r\nSize/MD5 checksum: 132826 d547ee5465f7bef60c954de4d6721b31\r\n\r\nsparc architecture (Sun SPARC/UltraSPARC)\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_sparc.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_sparc.deb</a>\r\nSize/MD5 checksum: 72812 9b27f0c316fd15a2535fd571bca5faa9\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_sparc.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_sparc.deb</a>\r\nSize/MD5 checksum: 124558 e3e07157b4bb28ec91168b6a038474d0\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_sparc.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_sparc.deb</a>\r\nSize/MD5 checksum: 132136 f82857755ceba785fe679c16fe865f1d\r\n\r\n\u8865\u4e01\u5b89\u88c5\u65b9\u6cd5\uff1a\r\n\r\n1. \u624b\u5de5\u5b89\u88c5\u8865\u4e01\u5305\uff1a\r\n\r\n \u9996\u5148\uff0c\u4f7f\u7528\u4e0b\u9762\u7684\u547d\u4ee4\u6765\u4e0b\u8f7d\u8865\u4e01\u8f6f\u4ef6\uff1a\r\n # wget url (url\u662f\u8865\u4e01\u4e0b\u8f7d\u94fe\u63a5\u5730\u5740)\r\n\r\n \u7136\u540e\uff0c\u4f7f\u7528\u4e0b\u9762\u7684\u547d\u4ee4\u6765\u5b89\u88c5\u8865\u4e01\uff1a \r\n # dpkg -i file.deb (file\u662f\u76f8\u5e94\u7684\u8865\u4e01\u540d)\r\n\r\n2. 
\u4f7f\u7528apt-get\u81ea\u52a8\u5b89\u88c5\u8865\u4e01\u5305\uff1a\r\n\r\n \u9996\u5148\uff0c\u4f7f\u7528\u4e0b\u9762\u7684\u547d\u4ee4\u66f4\u65b0\u5185\u90e8\u6570\u636e\u5e93\uff1a\r\n # apt-get update\r\n \r\n \u7136\u540e\uff0c\u4f7f\u7528\u4e0b\u9762\u7684\u547d\u4ee4\u5b89\u88c5\u66f4\u65b0\u8f6f\u4ef6\u5305\uff1a\r\n # apt-get upgrade", "modified": "2009-06-09T00:00:00", "published": "2009-06-09T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-11558", "id": "SSV:11558", "type": "seebug", "title": "Apache APR-util\u5e93apr_strmatch_precompile()\u51fd\u6570\u6574\u6570\u4e0b\u6ea2\u6f0f\u6d1e", "sourceData": "", "sourceHref": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-11-19T18:47:51", "bulletinFamily": "exploit", "description": "BUGTRAQ ID: 35253\r\nCVE(CAN) ID: CVE-2009-1955\r\n\r\nApr-util\u662fApache\u6240\u4f7f\u7528\u7684Apache\u53ef\u79fb\u690d\u8fd0\u884c\u65f6\u5de5\u5177\u5e93\u3002\r\n\r\nAPR-util\u5e93\u6240\u4f7f\u7528\u7684expat XML\u89e3\u6790\u5668\uff08\u4f4d\u4e8exml/apr_xml.c\u6587\u4ef6\u7684apr_xml_*\u63a5\u53e3\uff09\u5728\u5904\u7406\u5b9e\u4f53\u5b9a\u4e49\u4e2d\u5305\u542b\u6709\u5927\u91cf\u5d4c\u5957\u5b9e\u4f53\u5f15\u7528\u7684XML\u6587\u4ef6\u65f6\u53ef\u80fd\u4f1a\u8017\u5c3d\u6240\u6709\u53ef\u7528\u7684\u5185\u5b58\uff0c\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u7684\u60c5\u51b5\u3002\u6240\u6709\u4f7f\u7528APR-util\u5e93\u7684expat wrapper\u63a5\u53e3\u89e3\u6790\u4e0d\u53ef\u4fe1\u4efbXML\u6587\u6863\u7684\u7f51\u7edc\u670d\u52a1\u90fd\u53d7\u8fd9\u4e2a\u6f0f\u6d1e\u5f71\u54cd\uff0c\u5982Apache httpd WebDAV\u6a21\u5757mod_dav\u3002\n\nApache Group APR-util 1.3.x\n \u5382\u5546\u8865\u4e01\uff1a\r\n\r\nApache Group\r\n------------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\n<a 
href=\"http://en.securitylab.ru/bitrix/redirect.php?event3=381000&goto=http%3A%2F%2Fsvn.apache.org%2Fviewvc%3Fview%3Drev%26revision%3D781403\" target=\"_blank\" rel=external nofollow>http://en.securitylab.ru/bitrix/redirect.php?event3=381000&goto=http%3A%2F%2Fsvn.apache.org%2Fviewvc%3Fview%3Drev%26revision%3D781403</a>\r\n\r\nDebian\r\n------\r\nDebian\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08DSA-1812-1\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nDSA-1812-1\uff1aNew apr-util packages fix several vulnerabilities\r\n\u94fe\u63a5\uff1a<a href=\"http://www.debian.org/security/2009/dsa-1812\" target=\"_blank\" rel=external nofollow>http://www.debian.org/security/2009/dsa-1812</a>\r\n\r\n\u8865\u4e01\u4e0b\u8f7d\uff1a\r\n\r\nSource archives:\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.7+dfsg-2+etch2.diff.gz\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.7+dfsg-2+etch2.diff.gz</a>\r\nSize/MD5 checksum: 33117 ed3dc8bd1a5891432d7fc0614b94becd\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.7+dfsg.orig.tar.gz\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.7+dfsg.orig.tar.gz</a>\r\nSize/MD5 checksum: 643328 a3117be657f99e92316be40add59b9ff\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.7+dfsg-2+etch2.dsc\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.7+dfsg-2+etch2.dsc</a>\r\nSize/MD5 checksum: 1036 982d6c15afd4477277b01c004b7c8ac0\r\n\r\nalpha architecture (DEC Alpha)\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_alpha.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_alpha.deb</a>\r\nSize/MD5 
checksum: 83614 7bc2f02a403bb653dde89fc6efd34e7b\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_alpha.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_alpha.deb</a>\r\nSize/MD5 checksum: 148054 45641c57b04ca3470eda5df4ce26742c\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_alpha.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_alpha.deb</a>\r\nSize/MD5 checksum: 128914 03bc9c912b8b625af79f39284d45eeed\r\n\r\namd64 architecture (AMD x86_64 (AMD64))\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_amd64.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_amd64.deb</a>\r\nSize/MD5 checksum: 72828 4fc0d12955c259cf26aab065b174ccf3\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_amd64.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_amd64.deb</a>\r\nSize/MD5 checksum: 127854 fec6f28c19ad170d97e431a8657d6d3b\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_amd64.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_amd64.deb</a>\r\nSize/MD5 checksum: 124516 6097da9f80f44b379f1b1d46aa13867a\r\n\r\narm architecture (ARM)\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_arm.deb\" target=\"_blank\" rel=external 
nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_arm.deb</a>\r\nSize/MD5 checksum: 66038 d7c116a4589f3f280d3a8f6f698afc8a\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_arm.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_arm.deb</a>\r\nSize/MD5 checksum: 116800 e46133d4e4e2191dae95e7d70df22b41\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_arm.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_arm.deb</a>\r\nSize/MD5 checksum: 121028 8d1d8a51de432ecdca221d3aab3a0342\r\n\r\nhppa architecture (HP PA RISC)\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_hppa.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_hppa.deb</a>\r\nSize/MD5 checksum: 133822 0060e1aa0428f163fd8a2391afd42d86\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_hppa.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_hppa.deb</a>\r\nSize/MD5 checksum: 126066 a197984d5f90879bfd5f5161d82fb793\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_hppa.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_hppa.deb</a>\r\nSize/MD5 checksum: 78586 4dce52054b7fd81027e5f002d36b9ca1\r\n\r\ni386 architecture (Intel ia32)\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_i386.deb\" target=\"_blank\" rel=external 
nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_i386.deb</a>\r\nSize/MD5 checksum: 68680 d65d8158a672fc285a5329a96f927ff0\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_i386.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_i386.deb</a>\r\nSize/MD5 checksum: 116416 0fffc0910d45788aa2e5632913f97b5e\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_i386.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_i386.deb</a>\r\nSize/MD5 checksum: 122170 5c6fe8e442ec6aa146cc5f534d045e70\r\n\r\nia64 architecture (Intel ia64)\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_ia64.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_ia64.deb</a>\r\nSize/MD5 checksum: 118768 c240a8957e74b4133d14524d65a0ca84\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_ia64.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_ia64.deb</a>\r\nSize/MD5 checksum: 156554 75f7ef24fb756f82c41c376fbb976eb2\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_ia64.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_ia64.deb</a>\r\nSize/MD5 checksum: 99380 31a30996ae576e028cd7d1b0e248096d\r\n\r\nmips architecture (MIPS (Big Endian))\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_mips.deb\" target=\"_blank\" 
rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_mips.deb</a>\r\nSize/MD5 checksum: 130216 64f856948c06a836e1e7ccb5288a8fd5\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_mips.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_mips.deb</a>\r\nSize/MD5 checksum: 130378 5c2bcd90e3e764b63fad5e7108f2f5c7\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_mips.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_mips.deb</a>\r\nSize/MD5 checksum: 70666 d8f16a952a9b49f1c1cce2dba45d4b67\r\n\r\nmipsel architecture (MIPS (Little Endian))\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_mipsel.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_mipsel.deb</a>\r\nSize/MD5 checksum: 130588 d24b45d678dd58b62518ddf1f6d9fd2f\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_mipsel.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_mipsel.deb</a>\r\nSize/MD5 checksum: 127794 2d8ed73655993e12cdb0d4b316315f2c\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_mipsel.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_mipsel.deb</a>\r\nSize/MD5 checksum: 70674 5242004658e91c173b717bde60a8085e\r\n\r\npowerpc architecture (PowerPC)\r\n\r\n<a 
href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_powerpc.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_powerpc.deb</a>\r\nSize/MD5 checksum: 130406 0016513b87ff4564f5ff69621d431e13\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_powerpc.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_powerpc.deb</a>\r\nSize/MD5 checksum: 125072 bc5539dda0daa900abfe77a088899f16\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_powerpc.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_powerpc.deb</a>\r\nSize/MD5 checksum: 72400 28647bd35db14975a678c4424f0fb4aa\r\n\r\ns390 architecture (IBM S/390)\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_s390.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_s390.deb</a>\r\nSize/MD5 checksum: 128360 df7691e2ac57d344c7c341ea7f606f3a\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_s390.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_s390.deb</a>\r\nSize/MD5 checksum: 76592 482e412db007c81e2174a6bd729fc2a0\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_s390.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_s390.deb</a>\r\nSize/MD5 checksum: 124716 9405781379de1b80fc8c7bd18260bd3c\r\n\r\nsparc architecture (Sun 
SPARC/UltraSPARC)\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_sparc.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_sparc.deb</a>\r\nSize/MD5 checksum: 117158 bb4555e88f9b7f2a1127f24970b0863b\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_sparc.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_sparc.deb</a>\r\nSize/MD5 checksum: 118574 366b392d5b9ba2771b08bec842ecca9a\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_sparc.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_sparc.deb</a>\r\nSize/MD5 checksum: 66320 895fccdd633a9323f2e892a333e2f1f1\r\n\r\n\r\nDebian GNU/Linux 5.0 alias lenny\r\n- --------------------------------\r\n\r\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\r\n\r\nSource archives:\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.12+dfsg.orig.tar.gz\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.12+dfsg.orig.tar.gz</a>\r\nSize/MD5 checksum: 658687 4ef3e41037fe0cdd3a0d107335a008eb\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.12+dfsg-8+lenny2.dsc\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.12+dfsg-8+lenny2.dsc</a>\r\nSize/MD5 checksum: 1530 2e0b102b714edffebe80b7522b60eb93\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.12+dfsg-8+lenny2.diff.gz\" target=\"_blank\" rel=external 
nofollow>http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.12+dfsg-8+lenny2.diff.gz</a>\r\nSize/MD5 checksum: 22021 5ac66e9e3e4a3b3f93f25a075d7087ea\r\n\r\nalpha architecture (DEC Alpha)\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_alpha.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_alpha.deb</a>\r\nSize/MD5 checksum: 146564 57902eabc0f7164fdb65f99742e774a9\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_alpha.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_alpha.deb</a>\r\nSize/MD5 checksum: 157358 74fe3e8f488bca9d715a91852748215a\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_alpha.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_alpha.deb</a>\r\nSize/MD5 checksum: 90574 78164e1209b66d8358931a4c783abf9e\r\n\r\namd64 architecture (AMD x86_64 (AMD64))\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_amd64.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_amd64.deb</a>\r\nSize/MD5 checksum: 132654 20dc399a6c86153c0021d273b34eceaf\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_amd64.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_amd64.deb</a>\r\nSize/MD5 checksum: 147538 ed67540d4baa9bce263df53c180e883e\r\n<a 
href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_amd64.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_amd64.deb</a>\r\nSize/MD5 checksum: 79814 4b71fcc802a207c1d1e1f54c4460c775\r\n\r\narm architecture (ARM)\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_arm.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_arm.deb</a>\r\nSize/MD5 checksum: 124566 bddd5c3e65dfbe7cba72edf1872f6612\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_arm.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_arm.deb</a>\r\nSize/MD5 checksum: 71258 44658bee5eb78ff87e93008dd2d5ef1b\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_arm.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_arm.deb</a>\r\nSize/MD5 checksum: 138786 06343f2a0707a8aab17cf292da23ab7c\r\n\r\narmel architecture (ARM EABI)\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_armel.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_armel.deb</a>\r\nSize/MD5 checksum: 125382 63b253107c09d8f22a74daf4e75c0d4f\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_armel.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_armel.deb</a>\r\nSize/MD5 checksum: 138852 
d19e3658c9d0659845c2b27c9130c871\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_armel.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_armel.deb</a>\r\nSize/MD5 checksum: 69786 22e9c23a71adec339b6048e4909e7b64\r\n\r\nhppa architecture (HP PA RISC)\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_hppa.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_hppa.deb</a>\r\nSize/MD5 checksum: 139700 67e358018e90e3a0a112f2b0ecb5c8e1\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_hppa.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_hppa.deb</a>\r\nSize/MD5 checksum: 83228 5e90a7a8e2f17dbe1099b4275dbfecce\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_hppa.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_hppa.deb</a>\r\nSize/MD5 checksum: 142974 bdac87da2eb60b9c2dc5f2cb77065135\r\n\r\ni386 architecture (Intel ia32)\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_i386.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_i386.deb</a>\r\nSize/MD5 checksum: 120742 8f22bb0169bb8adfafb8295cd8e11a5d\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_i386.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_i386.deb</a>\r\nSize/MD5 
checksum: 73636 e8bafce964601ca062a3e8dc3e9ab887\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_i386.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_i386.deb</a>\r\nSize/MD5 checksum: 141210 9cfb5f9c9a81d8c9d246bcda411330d5\r\n\r\nia64 architecture (Intel ia64)\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_ia64.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_ia64.deb</a>\r\nSize/MD5 checksum: 135222 6e69a6671e161d561c74db4328f83002\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_ia64.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_ia64.deb</a>\r\nSize/MD5 checksum: 110928 6edc23e6b3e254d9e3a945eb8b201549\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_ia64.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_ia64.deb</a>\r\nSize/MD5 checksum: 169954 af3e28f3b3f42df488885d2bf8025a4b\r\n\r\nmips architecture (MIPS (Big Endian))\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_mips.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_mips.deb</a>\r\nSize/MD5 checksum: 147132 96b0bf6e077e8abc8ce12fff05b4151d\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_mips.deb\" target=\"_blank\" rel=external 
nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_mips.deb</a>\r\nSize/MD5 checksum: 74196 128cbbed2eaaa51c2e92a4bfe6076cd0\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_mips.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_mips.deb</a>\r\nSize/MD5 checksum: 137308 af2189d769dd968ef38b47a22664de82\r\n\r\nmipsel architecture (MIPS (Little Endian))\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_mipsel.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_mipsel.deb</a>\r\nSize/MD5 checksum: 74124 4894b4b56cc740ca877af667681ebfaa\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_mipsel.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_mipsel.deb</a>\r\nSize/MD5 checksum: 144442 37c6b6c54ab1b0539d10565d4c668f6b\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_mipsel.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_mipsel.deb</a>\r\nSize/MD5 checksum: 136152 e0b1e255aabc2db28542107ad15f5b46\r\n\r\npowerpc architecture (PowerPC)\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_powerpc.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_powerpc.deb</a>\r\nSize/MD5 checksum: 146778 34fd3aab3b62f4e3ccaa3ce6a27aa08d\r\n<a 
href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_powerpc.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_powerpc.deb</a>\r\nSize/MD5 checksum: 82798 4f81cdc2bb6a92c9add30ce0c5566226\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_powerpc.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_powerpc.deb</a>\r\nSize/MD5 checksum: 132238 5fc82f511183058f4138c4cd07ec1ca9\r\n\r\ns390 architecture (IBM S/390)\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_s390.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_s390.deb</a>\r\nSize/MD5 checksum: 85280 c185347abe5db6c3c5c797714a476454\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_s390.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_s390.deb</a>\r\nSize/MD5 checksum: 148334 b3bfbab7f4e064ab3065070879c28faf\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_s390.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_s390.deb</a>\r\nSize/MD5 checksum: 132826 d547ee5465f7bef60c954de4d6721b31\r\n\r\nsparc architecture (Sun SPARC/UltraSPARC)\r\n\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_sparc.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_sparc.deb</a>\r\nSize/MD5 checksum: 72812 
9b27f0c316fd15a2535fd571bca5faa9\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_sparc.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_sparc.deb</a>\r\nSize/MD5 checksum: 124558 e3e07157b4bb28ec91168b6a038474d0\r\n<a href=\"http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_sparc.deb\" target=\"_blank\" rel=external nofollow>http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_sparc.deb</a>\r\nSize/MD5 checksum: 132136 f82857755ceba785fe679c16fe865f1d\r\n\r\n\u8865\u4e01\u5b89\u88c5\u65b9\u6cd5\uff1a\r\n\r\n1. \u624b\u5de5\u5b89\u88c5\u8865\u4e01\u5305\uff1a\r\n\r\n \u9996\u5148\uff0c\u4f7f\u7528\u4e0b\u9762\u7684\u547d\u4ee4\u6765\u4e0b\u8f7d\u8865\u4e01\u8f6f\u4ef6\uff1a\r\n # wget url (url\u662f\u8865\u4e01\u4e0b\u8f7d\u94fe\u63a5\u5730\u5740)\r\n\r\n \u7136\u540e\uff0c\u4f7f\u7528\u4e0b\u9762\u7684\u547d\u4ee4\u6765\u5b89\u88c5\u8865\u4e01\uff1a \r\n # dpkg -i file.deb (file\u662f\u76f8\u5e94\u7684\u8865\u4e01\u540d)\r\n\r\n2. 
\u4f7f\u7528apt-get\u81ea\u52a8\u5b89\u88c5\u8865\u4e01\u5305\uff1a\r\n\r\n \u9996\u5148\uff0c\u4f7f\u7528\u4e0b\u9762\u7684\u547d\u4ee4\u66f4\u65b0\u5185\u90e8\u6570\u636e\u5e93\uff1a\r\n # apt-get update\r\n \r\n \u7136\u540e\uff0c\u4f7f\u7528\u4e0b\u9762\u7684\u547d\u4ee4\u5b89\u88c5\u66f4\u65b0\u8f6f\u4ef6\u5305\uff1a\r\n # apt-get upgrade", "modified": "2009-06-11T00:00:00", "published": "2009-06-11T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-11569", "id": "SSV:11569", "type": "seebug", "title": "Apache APR-util xml/apr_xml.c\u6587\u4ef6\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "sourceData": "\n http://sebug.net/exploit/11495/\n ", "sourceHref": "https://www.seebug.org/vuldb/ssvid-11569", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-11-19T18:47:33", "bulletinFamily": "exploit", "description": "BUGTRAQ ID: 35251\r\nCVE(CAN) ID: CVE-2009-1956\r\n\r\nApr-util\u662fApache\u6240\u4f7f\u7528\u7684Apache\u53ef\u79fb\u690d\u8fd0\u884c\u65f6\u5de5\u5177\u5e93\u3002\r\n\r\nbig-endian\u5e73\u53f0\u4e0a\u6240\u8fd0\u884c\u7684APR-util\u5e93\u7684apr_brigade_vprintf()\u51fd\u6570\u4e2d\u5b58\u5728\u5355\u5b57\u8282\u6ea2\u51fa\u6f0f\u6d1e\uff1a\r\n\r\n 632 APU_DECLARE(apr_status_t) apr_brigade_vprintf(apr_bucket_brigade *b,\r\n...\r\n 638 struct brigade_vprintf_data_t vd;\r\n 639 char buf[APR_BUCKET_BUFF_SIZE];\r\n 640 apr_size_t written;\r\n...\r\n 656 *(vd.vbuff.curpos) = '\\0';\r\n...\r\n 659 return apr_brigade_write(b, flush, ctx, buf, vd.vbuff.curpos -\r\nbuf);\r\n\r\n\u5982\u679c\u8fdc\u7a0b\u653b\u51fb\u8005\u63d0\u4ea4\u4e86\u6076\u610f\u8f93\u5165\u7684\u8bdd\uff0c\u5c31\u53ef\u80fd\u89e6\u53d1\u8fd9\u4e2a\u6ea2\u51fa\uff0c\u5bfc\u81f4apr_brigade_write dump\u5927\u91cf\u7684\u5185\u5b58\uff0c\u9020\u6210\u4fe1\u606f\u6cc4\u9732\u6216\u670d\u52a1\u5668\u5d29\u6e83\u3002\r\n\n\nApache Group APR-util 1.3.4\n \u5382\u5546\u8865\u4e01\uff1a\r\n\r\nApache 
Group\r\n------------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\n<a href=\"http://apache.mirrors.esat.net/apr/apr-1.3.5-win32-src.zip\" target=\"_blank\" rel=external nofollow>http://apache.mirrors.esat.net/apr/apr-1.3.5-win32-src.zip</a>\r\n<a href=\"http://apache.mirrors.esat.net/apr/apr-1.3.5.tar.gz\" target=\"_blank\" rel=external nofollow>http://apache.mirrors.esat.net/apr/apr-1.3.5.tar.gz</a>", "modified": "2009-06-11T00:00:00", "published": "2009-06-11T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-11568", "id": "SSV:11568", "type": "seebug", "title": "Apache APR-util apr_brigade_vprintf\u51fd\u6570\u5355\u5b57\u8282\u6ea2\u51fa\u6f0f\u6d1e", "sourceData": "", "sourceHref": "", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}}], "httpd": [{"lastseen": "2018-08-31T00:35:47", "bulletinFamily": "software", "description": "\nA heap-based underwrite flaw was found in the way the bundled copy of\nthe APR-util library created compiled forms of particular search\npatterns. An attacker could formulate a specially-crafted search\nkeyword, that would overwrite arbitrary heap memory locations when\nprocessed by the pattern preparation engine.\n", "modified": "2009-06-01T00:00:00", "published": "2008-12-25T00:00:00", "id": "HTTPD:1C2FBBF56925162ED41A62B394B7E0BD", "href": "https://httpd.apache.org/security_report.html", "title": "Apache Httpd < None: APR-util heap underwrite", "type": "httpd", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-26T21:39:37", "bulletinFamily": "software", "description": "\nA heap-based underwrite flaw was found in the way the bundled copy of\nthe APR-util library created compiled forms of particular search\npatterns. 
An attacker could formulate a specially-crafted search\nkeyword, that would overwrite arbitrary heap memory locations when\nprocessed by the pattern preparation engine.\n", "modified": "2009-07-27T00:00:00", "published": "2008-12-25T00:00:00", "id": "HTTPD:267D87D7598A6B9AF1BDE6F51188D387", "href": "https://httpd.apache.org/security_report.html", "type": "httpd", "title": "Apache Httpd < 2.2.12: APR-util heap underwrite", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T00:35:47", "bulletinFamily": "software", "description": "\nA denial of service flaw was found in the bundled copy of the APR-util\nlibrary Extensible Markup Language (XML) parser. A remote attacker\ncould create a specially-crafted XML document that would cause\nexcessive memory consumption when processed by the XML decoding\nengine.\n", "modified": "2009-06-01T00:00:00", "published": "2009-06-06T00:00:00", "id": "HTTPD:624F5487666F9D8F639D9C3A3BD39864", "href": "https://httpd.apache.org/security_report.html", "title": "Apache Httpd < None: APR-util XML DoS", "type": "httpd", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}]}