ID OPENVAS:136141256231064661 Type openvas Reporter Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com Modified 2018-04-06T00:00:00
Description
The remote host is missing updates to httpd announced in
advisory CESA-2009:1205.
#CESA-2009:1205 64661 2
# $Id: ovcesa2009_1205.nasl 9350 2018-04-06 07:03:33Z cfischer $
# Description: Auto-generated from advisory CESA-2009:1205 (httpd)
#
# Authors:
# Thomas Reinke <reinke@securityspace.com>
#
# Copyright:
# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# or at your option, GNU General Public License version 3,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
include("revisions-lib.inc");
tag_insight = "For details on the issues addressed in this update,
please visit the referenced security advisories.";
tag_solution = "Update the appropriate packages on your system.
http://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1205
http://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1205
https://rhn.redhat.com/errata/RHSA-2009-1205.html";
tag_summary = "The remote host is missing updates to httpd announced in
advisory CESA-2009:1205.";
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.64661");
script_version("$Revision: 9350 $");
script_tag(name:"last_modification", value:"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $");
script_tag(name:"creation_date", value:"2009-08-17 16:54:45 +0200 (Mon, 17 Aug 2009)");
script_cve_id("CVE-2009-1891", "CVE-2009-2412");
script_tag(name:"cvss_base", value:"10.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_name("CentOS Security Advisory CESA-2009:1205 (httpd)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
script_family("CentOS Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/centos", "ssh/login/rpms");
script_tag(name : "insight" , value : tag_insight);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "summary" , value : tag_summary);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
#
# The script code starts here
#
include("pkg-lib-rpm.inc");
res = "";
report = "";
if ((res = isrpmvuln(pkg:"httpd", rpm:"httpd~2.0.46~75.ent.centos", rls:"CentOS3")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"httpd-devel", rpm:"httpd-devel~2.0.46~75.ent.centos", rls:"CentOS3")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"mod_ssl", rpm:"mod_ssl~2.0.46~75.ent.centos", rls:"CentOS3")) != NULL) {
report += res;
}
if (report != "") {
security_message(data:report);
} else if (__pkg_match) {
exit(99); # Not vulnerable.
}
{"pluginID": "136141256231064661", "sourceData": "#CESA-2009:1205 64661 2\n# $Id: ovcesa2009_1205.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1205 (httpd)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1205\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1205\nhttps://rhn.redhat.com/errata/RHSA-2009-1205.html\";\ntag_summary = \"The remote host is missing updates to httpd announced in\nadvisory CESA-2009:1205.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64661\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-08-17 16:54:45 +0200 (Mon, 17 Aug 2009)\");\n script_cve_id(\"CVE-2009-1891\", \"CVE-2009-2412\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"CentOS Security Advisory CESA-2009:1205 (httpd)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.0.46~75.ent.centos\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.0.46~75.ent.centos\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.0.46~75.ent.centos\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "history": [], "description": "The remote host is missing updates to httpd announced in\nadvisory CESA-2009:1205.", "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064661", "type": "openvas", "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cvelist", "hash": "a2ef2df61dd99dd94ce7f1e4026dbf5c"}, {"key": "cvss", "hash": "2bdabeb49c44761f9565717ab0e38165"}, {"key": "description", "hash": "6e29b465bc5660232ad2d0a24a385b48"}, {"key": "href", "hash": "a6f0ac450862b5fe734e5983ab411af2"}, {"key": "modified", "hash": "4fb7fd6149697e74d091717ea3f1ca84"}, {"key": "naslFamily", "hash": "8f8213e8b86855939d5beea715ce3045"}, {"key": "pluginID", "hash": "e4713123d3561664718e408f2a8c1013"}, {"key": "published", "hash": "d343a57bc47caffdc7141523079c38cf"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "b778055b37159119ce97e96620d4ff56"}, {"key": "sourceData", "hash": "27991c7072214915d0c5f3870292fd56"}, {"key": "title", "hash": "c811dd7575c07bab28fb3e588a89a726"}, {"key": "type", "hash": "47c1f692ea47a21f716dad07043ade01"}], "viewCount": 1, "references": [], "lastseen": "2018-04-06T11:40:14", "published": "2009-08-17T00:00:00", "naslFamily": "CentOS Local Security Checks", "objectVersion": "1.3", "cvelist": ["CVE-2009-2412", "CVE-2009-1891"], "id": "OPENVAS:136141256231064661", "hash": "b9ac26dd463c5789c9a6d1aa1fe5d3f59d20c00a5169fb7e09a1503b2ab26b12", "modified": "2018-04-06T00:00:00", "title": "CentOS Security Advisory CESA-2009:1205 (httpd)", "edition": 1, "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "bulletinFamily": "scanner", "enchantments": {"score": {"value": 7.5, "vector": "NONE", "modified": "2018-04-06T11:40:14"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2009-1891", "CVE-2009-2412"]}, {"type": "f5", "idList": ["F5:K13277", "SOL13277"]}, {"type": "centos", "idList": ["CESA-2009:1205", "CESA-2009:1204"]}, {"type": "nessus", "idList": ["ORACLELINUX_ELSA-2009-1205.NASL", "SL_20090810_HTTPD_ON_SL3_X.NASL", "CENTOS_RHSA-2009-1205.NASL", "REDHAT-RHSA-2009-1205.NASL", "UBUNTU_USN-813-3.NASL", "FEDORA_2009-8336.NASL", "MANDRIVA_MDVSA-2009-195.NASL", "CENTOS_RHSA-2009-1204.NASL", "UBUNTU_USN-813-2.NASL", "DEBIAN_DSA-1854.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:64661", "OPENVAS:880842", "OPENVAS:136141256231064595", "OPENVAS:1361412562310880842", "OPENVAS:64595", "OPENVAS:1361412562310800837", "OPENVAS:66106", "OPENVAS:800837", "OPENVAS:136141256231066106", "OPENVAS:136141256231064601"]}, {"type": "redhat", "idList": ["RHSA-2009:1205", "RHSA-2009:1204"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-1205", "ELSA-2009-1204"]}, {"type": "httpd", "idList": ["HTTPD:9ABDC7E294E94BEDA47AC9B86645BD13", "HTTPD:AC71A08C99F9508200CA999C87E53165", "HTTPD:C538A9873CDC035E18FA06D6A02323B5", "HTTPD:C67FA15AC06B0B82FE19C7B9ECC66350", "HTTPD:4901C61501FDBE6F1DBAF673D472D534", "HTTPD:6A0D341DB569FACF7F8A423D96B149BD"]}, {"type": "seebug", "idList": ["SSV:11802", "SSV:11999"]}, {"type": "suse", "idList": ["SUSE-SA:2009:050"]}, {"type": "slackware", "idList": ["SSA-2009-219-02", "SSA-2009-219-03"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1854-1:672CD"]}, {"type": "gentoo", "idList": ["GLSA-200909-03"]}, {"type": "ubuntu", "idList": ["USN-813-1", "USN-813-2", "USN-813-3", "USN-802-2"]}], "modified": "2018-04-06T11:40:14"}, "vulnersScore": 7.5}}
{"cve": [{"lastseen": "2019-08-24T09:25:12", "bulletinFamily": "NVD", "description": "The mod_deflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service (CPU consumption).", "modified": "2018-10-30T16:25:00", "id": "CVE-2009-1891", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1891", "published": "2009-07-10T15:30:00", "title": "CVE-2009-1891", "type": "cve", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-24T09:25:13", "bulletinFamily": "NVD", "description": "Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger crafted calls to the (1) allocator_alloc or (2) apr_palloc function in memory/unix/apr_pools.c in APR; or crafted calls to the (3) apr_rmm_malloc, (4) apr_rmm_calloc, or (5) apr_rmm_realloc function in misc/apr_rmm.c in APR-util; leading to buffer overflows. NOTE: some of these details are obtained from third party information.", "modified": "2017-09-19T01:29:00", "id": "CVE-2009-2412", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2412", "published": "2009-08-06T15:30:00", "title": "CVE-2009-2412", "type": "cve", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "f5": [{"lastseen": "2017-10-12T02:11:10", "bulletinFamily": "software", "description": "Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by way of vectors that trigger crafted calls to the (1) allocator_alloc or (2) apr_palloc function in memory/unix/apr_pools.c in APR; or crafted calls to the (3) apr_rmm_malloc, (4) apr_rmm_calloc, or (5) apr_rmm_realloc function in misc/apr_rmm.c in APR-util; leading to buffer overflows.\n\nImpact\n\nDenial of service for the ARX management API.\n\n**ARX**\n\nTo eliminate this vulnerability, upgrade to a version that is listed in the **Versions known to be not vulnerable** column of the table.\n\nTo mitigate this vulnerability, do not enable access to the ARX management API.\n\n * <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412>\n\n**Note**: The previous link takes you to a resource outside of AskF5, and it is possible that the information may be removed without our knowledge.\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n", "modified": "2016-01-09T02:25:00", "published": "2011-12-28T23:07:00", "href": "https://support.f5.com/csp/article/K13277", "id": "F5:K13277", "title": "Apache vulnerability CVE-2009-2412", "type": "f5", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-26T17:23:21", "bulletinFamily": "software", "description": "Recommended action\n\n**ARX**\n\nTo eliminate this vulnerability, upgrade to a version that is listed in the **Versions known to be not vulnerable** column of the table.\n\nTo mitigate this vulnerability, do not enable access to the ARX management API.\n\nSupplemental Information\n\n * <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412>\n\n**Note**: The previous link takes you to a resource outside of AskF5, and it is possible that the information may be removed without our knowledge.\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n", "modified": "2013-09-04T00:00:00", "published": "2011-12-28T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/13000/200/sol13277.html", "id": "SOL13277", "title": "SOL13277 - Apache vulnerability CVE-2009-2412", "type": "f5", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "centos": [{"lastseen": "2019-05-29T18:33:38", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2009:1205\n\n\nThe Apache HTTP Server is a popular Web server. The httpd package shipped\nwith Red Hat Enterprise Linux 3 contains embedded copies of the Apache\nPortable Runtime (APR) libraries, which provide a free library of C data\nstructures and routines, and also additional utility interfaces to support\nXML parsing, LDAP, database interfaces, URI parsing, and more.\n\nMultiple integer overflow flaws, leading to heap-based buffer overflows,\nwere found in the way the Apache Portable Runtime (APR) manages memory pool\nand relocatable memory allocations. An attacker could use these flaws to\nissue a specially-crafted request for memory allocation, which would lead\nto a denial of service (application crash) or, potentially, execute\narbitrary code with the privileges of an application using the APR\nlibraries. (CVE-2009-2412)\n\nA denial of service flaw was found in the Apache mod_deflate module. This\nmodule continued to compress large files until compression was complete,\neven if the network connection that requested the content was closed\nbefore compression completed. This would cause mod_deflate to consume\nlarge amounts of CPU if mod_deflate was enabled for a large file.\n(CVE-2009-1891)\n\nThis update also fixes the following bug:\n\n* in some cases the Content-Length header was dropped from HEAD responses.\nThis resulted in certain sites not working correctly with mod_proxy, such\nas www.windowsupdate.com. (BZ#506016)\n\nAll httpd users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. After installing the updated\npackages, the httpd daemon must be restarted for the update to take effect.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-August/016066.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-August/016067.html\n\n**Affected packages:**\nhttpd\nhttpd-devel\nmod_ssl\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-1205.html", "modified": "2009-08-10T22:35:46", "published": "2009-08-10T22:35:07", "href": "http://lists.centos.org/pipermail/centos-announce/2009-August/016066.html", "id": "CESA-2009:1205", "title": "httpd, mod_ssl security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:47", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2009:1204\n\n\nThe Apache Portable Runtime (APR) is a portability library used by the\nApache HTTP Server and other projects. It aims to provide a free library\nof C data structures and routines. apr-util is a utility library used with\nAPR. This library provides additional utility interfaces for APR; including\nsupport for XML parsing, LDAP, database interfaces, URI parsing, and more.\n\nMultiple integer overflow flaws, leading to heap-based buffer overflows,\nwere found in the way the Apache Portable Runtime (APR) manages memory pool\nand relocatable memory allocations. An attacker could use these flaws to\nissue a specially-crafted request for memory allocation, which would lead\nto a denial of service (application crash) or, potentially, execute\narbitrary code with the privileges of an application using the APR\nlibraries. (CVE-2009-2412)\n\nAll apr and apr-util users should upgrade to these updated packages, which\ncontain backported patches to correct these issues. Applications using the\nAPR libraries, such as httpd, must be restarted for this update to take\neffect.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-August/016072.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-August/016073.html\n\n**Affected packages:**\napr\napr-devel\napr-docs\napr-util\napr-util-devel\napr-util-docs\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-1204.html", "modified": "2009-08-11T22:20:30", "published": "2009-08-11T22:20:30", "href": "http://lists.centos.org/pipermail/centos-announce/2009-August/016072.html", "id": "CESA-2009:1204", "title": "apr security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2017-07-25T10:55:40", "bulletinFamily": "scanner", "description": "Check for the Version of httpd", "modified": "2017-07-10T00:00:00", "published": "2011-08-09T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=880842", "id": "OPENVAS:880842", "title": "CentOS Update for httpd CESA-2009:1205 centos3 i386", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for httpd CESA-2009:1205 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Apache HTTP Server is a popular Web server. The httpd package shipped\n with Red Hat Enterprise Linux 3 contains embedded copies of the Apache\n Portable Runtime (APR) libraries, which provide a free library of C data\n structures and routines, and also additional utility interfaces to support\n XML parsing, LDAP, database interfaces, URI parsing, and more.\n\n Multiple integer overflow flaws, leading to heap-based buffer overflows,\n were found in the way the Apache Portable Runtime (APR) manages memory pool\n and relocatable memory allocations. An attacker could use these flaws to\n issue a specially-crafted request for memory allocation, which would lead\n to a denial of service (application crash) or, potentially, execute\n arbitrary code with the privileges of an application using the APR\n libraries. (CVE-2009-2412)\n \n A denial of service flaw was found in the Apache mod_deflate module. This\n module continued to compress large files until compression was complete,\n even if the network connection that requested the content was closed\n before compression completed. This would cause mod_deflate to consume\n large amounts of CPU if mod_deflate was enabled for a large file.\n (CVE-2009-1891)\n \n This update also fixes the following bug:\n \n * in some cases the Content-Length header was dropped from HEAD responses.\n This resulted in certain sites not working correctly with mod_proxy, such\n as www.windowsupdate.com. (BZ#506016)\n \n All httpd users should upgrade to these updated packages, which contain\n backported patches to correct these issues. After installing the updated\n packages, the httpd daemon must be restarted for the update to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"httpd on CentOS 3\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-August/016066.html\");\n script_id(880842);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2009:1205\");\n script_cve_id(\"CVE-2009-1891\", \"CVE-2009-2412\");\n script_name(\"CentOS Update for httpd CESA-2009:1205 centos3 i386\");\n\n script_summary(\"Check for the Version of httpd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.0.46~75.ent.centos\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.0.46~75.ent.centos\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.0.46~75.ent.centos\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:05", "bulletinFamily": "scanner", "description": "The remote host is missing updates to httpd announced in\nadvisory CESA-2009:1205.", "modified": "2017-07-10T00:00:00", "published": "2009-08-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=64661", "id": "OPENVAS:64661", "title": "CentOS Security Advisory CESA-2009:1205 (httpd)", "type": "openvas", "sourceData": "#CESA-2009:1205 64661 2\n# $Id: ovcesa2009_1205.nasl 6650 2017-07-10 11:43:12Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1205 (httpd)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1205\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1205\nhttps://rhn.redhat.com/errata/RHSA-2009-1205.html\";\ntag_summary = \"The remote host is missing updates to httpd announced in\nadvisory CESA-2009:1205.\";\n\n\n\nif(description)\n{\n script_id(64661);\n script_version(\"$Revision: 6650 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:43:12 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-08-17 16:54:45 +0200 (Mon, 17 Aug 2009)\");\n script_cve_id(\"CVE-2009-1891\", \"CVE-2009-2412\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"CentOS Security Advisory CESA-2009:1205 (httpd)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.0.46~75.ent.centos\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.0.46~75.ent.centos\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.0.46~75.ent.centos\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:40:11", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1205.\n\nThe Apache HTTP Server is a popular Web server. The httpd package shipped\nwith Red Hat Enterprise Linux 3 contains embedded copies of the Apache\nPortable Runtime (APR) libraries, which provide a free library of C data\nstructures and routines, and also additional utility interfaces to support\nXML parsing, LDAP, database interfaces, URI parsing, and more.\n\nMultiple integer overflow flaws, leading to heap-based buffer overflows,\nwere found in the way the Apache Portable Runtime (APR) manages memory pool\nand relocatable memory allocations. An attacker could use these flaws to\nissue a specially-crafted request for memory allocation, which would lead\nto a denial of service (application crash) or, potentially, execute\narbitrary code with the privileges of an application using the APR\nlibraries. (CVE-2009-2412)\n\nA denial of service flaw was found in the Apache mod_deflate module. This\nmodule continued to compress large files until compression was complete,\neven if the network connection that requested the content was closed\nbefore compression completed. This would cause mod_deflate to consume\nlarge amounts of CPU if mod_deflate was enabled for a large file.\n(CVE-2009-1891)\n\nThis update also fixes the following bug:\n\n* in some cases the Content-Length header was dropped from HEAD responses.\nThis resulted in certain sites not working correctly with mod_proxy, such\nas www.windowsupdate.com. (BZ#506016)\n\nAll httpd users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. After installing the updated\npackages, the httpd daemon must be restarted for the update to take effect.", "modified": "2018-04-06T00:00:00", "published": "2009-08-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064595", "id": "OPENVAS:136141256231064595", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1205", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1205.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1205 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1205.\n\nThe Apache HTTP Server is a popular Web server. The httpd package shipped\nwith Red Hat Enterprise Linux 3 contains embedded copies of the Apache\nPortable Runtime (APR) libraries, which provide a free library of C data\nstructures and routines, and also additional utility interfaces to support\nXML parsing, LDAP, database interfaces, URI parsing, and more.\n\nMultiple integer overflow flaws, leading to heap-based buffer overflows,\nwere found in the way the Apache Portable Runtime (APR) manages memory pool\nand relocatable memory allocations. An attacker could use these flaws to\nissue a specially-crafted request for memory allocation, which would lead\nto a denial of service (application crash) or, potentially, execute\narbitrary code with the privileges of an application using the APR\nlibraries. (CVE-2009-2412)\n\nA denial of service flaw was found in the Apache mod_deflate module. This\nmodule continued to compress large files until compression was complete,\neven if the network connection that requested the content was closed\nbefore compression completed. This would cause mod_deflate to consume\nlarge amounts of CPU if mod_deflate was enabled for a large file.\n(CVE-2009-1891)\n\nThis update also fixes the following bug:\n\n* in some cases the Content-Length header was dropped from HEAD responses.\nThis resulted in certain sites not working correctly with mod_proxy, such\nas www.windowsupdate.com. (BZ#506016)\n\nAll httpd users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. After installing the updated\npackages, the httpd daemon must be restarted for the update to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64595\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-08-17 16:54:45 +0200 (Mon, 17 Aug 2009)\");\n script_cve_id(\"CVE-2009-1891\", \"CVE-2009-2412\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1205\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1205.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#moderate\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.0.46~75.ent\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-debuginfo\", rpm:\"httpd-debuginfo~2.0.46~75.ent\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.0.46~75.ent\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.0.46~75.ent\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:29", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2011-08-09T00:00:00", "id": "OPENVAS:1361412562310880842", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880842", "title": "CentOS Update for httpd CESA-2009:1205 centos3 i386", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for httpd CESA-2009:1205 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2009-August/016066.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880842\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2009:1205\");\n script_cve_id(\"CVE-2009-1891\", \"CVE-2009-2412\");\n script_name(\"CentOS Update for httpd CESA-2009:1205 centos3 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'httpd'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS3\");\n script_tag(name:\"affected\", value:\"httpd on CentOS 3\");\n script_tag(name:\"insight\", value:\"The Apache HTTP Server is a popular Web server. The httpd package shipped\n with Red Hat Enterprise Linux 3 contains embedded copies of the Apache\n Portable Runtime (APR) libraries, which provide a free library of C data\n structures and routines, and also additional utility interfaces to support\n XML parsing, LDAP, database interfaces, URI parsing, and more.\n\n Multiple integer overflow flaws, leading to heap-based buffer overflows,\n were found in the way the Apache Portable Runtime (APR) manages memory pool\n and relocatable memory allocations. An attacker could use these flaws to\n issue a specially-crafted request for memory allocation, which would lead\n to a denial of service (application crash) or, potentially, execute\n arbitrary code with the privileges of an application using the APR\n libraries. (CVE-2009-2412)\n\n A denial of service flaw was found in the Apache mod_deflate module. This\n module continued to compress large files until compression was complete,\n even if the network connection that requested the content was closed\n before compression completed. This would cause mod_deflate to consume\n large amounts of CPU if mod_deflate was enabled for a large file.\n (CVE-2009-1891)\n\n This update also fixes the following bug:\n\n * in some cases the Content-Length header was dropped from HEAD responses.\n This resulted in certain sites not working correctly with mod_proxy, such\n as www.windowsupdate.com. (BZ#506016)\n\n All httpd users should upgrade to these updated packages, which contain\n backported patches to correct these issues. After installing the updated\n packages, the httpd daemon must be restarted for the update to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.0.46~75.ent.centos\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.0.46~75.ent.centos\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.0.46~75.ent.centos\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-27T10:56:40", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1205.\n\nThe Apache HTTP Server is a popular Web server. The httpd package shipped\nwith Red Hat Enterprise Linux 3 contains embedded copies of the Apache\nPortable Runtime (APR) libraries, which provide a free library of C data\nstructures and routines, and also additional utility interfaces to support\nXML parsing, LDAP, database interfaces, URI parsing, and more.\n\nMultiple integer overflow flaws, leading to heap-based buffer overflows,\nwere found in the way the Apache Portable Runtime (APR) manages memory pool\nand relocatable memory allocations. An attacker could use these flaws to\nissue a specially-crafted request for memory allocation, which would lead\nto a denial of service (application crash) or, potentially, execute\narbitrary code with the privileges of an application using the APR\nlibraries. (CVE-2009-2412)\n\nA denial of service flaw was found in the Apache mod_deflate module. This\nmodule continued to compress large files until compression was complete,\neven if the network connection that requested the content was closed\nbefore compression completed. This would cause mod_deflate to consume\nlarge amounts of CPU if mod_deflate was enabled for a large file.\n(CVE-2009-1891)\n\nThis update also fixes the following bug:\n\n* in some cases the Content-Length header was dropped from HEAD responses.\nThis resulted in certain sites not working correctly with mod_proxy, such\nas www.windowsupdate.com. (BZ#506016)\n\nAll httpd users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. After installing the updated\npackages, the httpd daemon must be restarted for the update to take effect.", "modified": "2017-07-12T00:00:00", "published": "2009-08-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=64595", "id": "OPENVAS:64595", "title": "RedHat Security Advisory RHSA-2009:1205", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1205.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1205 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1205.\n\nThe Apache HTTP Server is a popular Web server. The httpd package shipped\nwith Red Hat Enterprise Linux 3 contains embedded copies of the Apache\nPortable Runtime (APR) libraries, which provide a free library of C data\nstructures and routines, and also additional utility interfaces to support\nXML parsing, LDAP, database interfaces, URI parsing, and more.\n\nMultiple integer overflow flaws, leading to heap-based buffer overflows,\nwere found in the way the Apache Portable Runtime (APR) manages memory pool\nand relocatable memory allocations. An attacker could use these flaws to\nissue a specially-crafted request for memory allocation, which would lead\nto a denial of service (application crash) or, potentially, execute\narbitrary code with the privileges of an application using the APR\nlibraries. (CVE-2009-2412)\n\nA denial of service flaw was found in the Apache mod_deflate module. This\nmodule continued to compress large files until compression was complete,\neven if the network connection that requested the content was closed\nbefore compression completed. This would cause mod_deflate to consume\nlarge amounts of CPU if mod_deflate was enabled for a large file.\n(CVE-2009-1891)\n\nThis update also fixes the following bug:\n\n* in some cases the Content-Length header was dropped from HEAD responses.\nThis resulted in certain sites not working correctly with mod_proxy, such\nas www.windowsupdate.com. (BZ#506016)\n\nAll httpd users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. After installing the updated\npackages, the httpd daemon must be restarted for the update to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_id(64595);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-08-17 16:54:45 +0200 (Mon, 17 Aug 2009)\");\n script_cve_id(\"CVE-2009-1891\", \"CVE-2009-2412\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1205\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1205.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#moderate\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.0.46~75.ent\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-debuginfo\", rpm:\"httpd-debuginfo~2.0.46~75.ent\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.0.46~75.ent\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.0.46~75.ent\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:40:18", "bulletinFamily": "scanner", "description": "This host is running Apache HTTP Server and is prone to Denial of Service\n vulnerability.", "modified": "2019-03-07T00:00:00", "published": "2009-07-15T00:00:00", "id": "OPENVAS:1361412562310800837", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310800837", "title": "Apache 'mod_deflate' Denial Of Service Vulnerability - July09", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_apache_mod_deflate_dos_vuln_jul09.nasl 14031 2019-03-07 10:47:29Z cfischer $\n#\n# Apache 'mod_deflate' Denial Of Service Vulnerability - July09\n#\n# Authors:\n# Sharath S <sharaths@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apache:http_server\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.800837\");\n script_version(\"$Revision: 14031 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-07 11:47:29 +0100 (Thu, 07 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-15 13:05:34 +0200 (Wed, 15 Jul 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_cve_id(\"CVE-2009-1891\");\n script_bugtraq_id(35623);\n script_name(\"Apache 'mod_deflate' Denial Of Service Vulnerability - July09\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"secpod_apache_detect.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_mandatory_keys(\"apache/installed\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/35781\");\n script_xref(name:\"URL\", value:\"http://www.vupen.com/english/advisories/2009/1841\");\n script_xref(name:\"URL\", value:\"https://rhn.redhat.com/errata/RHSA-2009-1148.html\");\n script_xref(name:\"URL\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=509125\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to cause Denial of Service\n to the legitimate user by CPU consumption.\");\n\n script_tag(name:\"affected\", value:\"Apache HTTP Server version 2.2.11 and prior.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to error in 'mod_deflate' module which can cause a high CPU\n load by requesting large files which are compressed and then disconnecting.\");\n\n script_tag(name:\"summary\", value:\"This host is running Apache HTTP Server and is prone to Denial of Service\n vulnerability.\");\n\n script_tag(name:\"solution\", value:\"Update to version 2.2.12 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! port = get_app_port( cpe:CPE ) )\n exit( 0 );\n\nif( ! vers = get_app_version( cpe:CPE, port:port ) )\n exit( 0 );\n\nif( version_is_less_equal( version:vers, test_version:\"2.2.11\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"2.2.12\" );\n security_message( port:port, data:report );\n exit( 0 );\n}\n\nexit( 99 );", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-09-19T12:03:47", "bulletinFamily": "scanner", "description": "This host is running Apache HTTP Server and is prone to Denial of Service\n vulnerability.", "modified": "2017-09-18T00:00:00", "published": "2009-07-15T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=800837", "id": "OPENVAS:800837", "title": "Apache 'mod_deflate' Denial Of Service Vulnerability - July09", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_apache_mod_deflate_dos_vuln_jul09.nasl 7176 2017-09-18 12:01:01Z cfischer $\n#\n# Apache 'mod_deflate' Denial Of Service Vulnerability - July09\n#\n# Authors:\n# Sharath S <sharaths@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_solution = \"Fixed in the SVN repository.\n http://svn.apache.org/viewvc?view=rev&revision=791454\n\n ******\n NOTE: Ignore this warning if above mentioned patch is already applied.\n ******\";\n\ntag_impact = \"Successful exploitation will allow remote attackers to cause Denial of Service\n to the legitimate user by CPU consumption.\n Impact Level: Application\";\ntag_affected = \"Apache HTTP Server version 2.2.11 and prior\";\ntag_insight = \"The flaw is due to error in 'mod_deflate' module which can cause a high CPU\n load by requesting large files which are compressed and then disconnecting.\";\ntag_summary = \"This host is running Apache HTTP Server and is prone to Denial of Service\n vulnerability.\";\n\nif(description)\n{\n script_id(800837);\n script_version(\"$Revision: 7176 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-09-18 14:01:01 +0200 (Mon, 18 Sep 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-15 13:05:34 +0200 (Wed, 15 Jul 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_cve_id(\"CVE-2009-1891\");\n script_bugtraq_id(35623);\n script_name(\"Apache 'mod_deflate' Denial Of Service Vulnerability - July09\");\n\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/35781\");\n script_xref(name : \"URL\" , value : \"http://www.vupen.com/english/advisories/2009/1841\");\n script_xref(name : \"URL\" , value : \"https://rhn.redhat.com/errata/RHSA-2009-1148.html\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=509125\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"secpod_apache_detect.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n exit(0);\n}\n\n\ninclude(\"http_func.inc\");\ninclude(\"version_func.inc\");\n\nhttpdPort = get_http_port(default:80);\nif(!httpdPort){\n exit(0);\n}\n\nhttpdVer = get_kb_item(\"www/\" + httpdPort + \"/Apache\");\n\nif(httpdVer != NULL)\n{\n if(version_is_less_equal(version:httpdVer, test_version:\"2.2.11\")){\n security_message(httpdPort);\n }\n}\n", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:18", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory SUSE-SA:2009:050.", "modified": "2017-07-11T00:00:00", "published": "2009-10-27T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=66106", "id": "OPENVAS:66106", "title": "SuSE Security Advisory SUSE-SA:2009:050 (apache2,libapr1)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sa_2009_050.nasl 6668 2017-07-11 13:34:29Z cfischer $\n# Description: Auto-generated from advisory SUSE-SA:2009:050 (apache2,libapr1)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Apache web server was updated to fix various security issues:\n- the option IncludesNOEXEC could be bypassed via .htaccess (CVE-2009-1195)\n- mod_proxy could run into an infinite loop when used as reverse proxy\n(CVE-2009-1890)\n- mod_deflate continued to compress large files even after a network\nconnection was closed, causing mod_deflate to consume large amounts\nof CPU (CVE-2009-1891)\n- The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in\nthe mod_proxy_ftp module allows remote FTP servers to cause a denial\nof service (NULL pointer dereference and child process crash) via a\nmalformed reply to an EPSV command. (CVE-2009-3094)\n- access restriction bypass in mod_proxy_ftp module (CVE-2009-3095)\n\nAlso the libapr1 and libapr-util1 Apache helper libraries were updated\nto fix multiple integer overflows that could probably be used to\nexecute arbitrary code remotely. (CVE-2009-2412)\";\ntag_solution = \"Update your system with the packages as indicated in\nthe referenced security advisory.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:050\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SA:2009:050.\";\n\n \n\nif(description)\n{\n script_id(66106);\n script_version(\"$Revision: 6668 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:34:29 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-27 01:37:56 +0100 (Tue, 27 Oct 2009)\");\n script_cve_id(\"CVE-2009-1195\", \"CVE-2009-1890\", \"CVE-2009-1891\", \"CVE-2009-2412\", \"CVE-2009-3094\", \"CVE-2009-3095\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Security Advisory SUSE-SA:2009:050 (apache2,libapr1)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"apache2-debuginfo\", rpm:\"apache2-debuginfo~2.2.10~2.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-debugsource\", rpm:\"apache2-debugsource~2.2.10~2.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-debuginfo\", rpm:\"libapr-util1-debuginfo~1.3.4~13.3.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-debugsource\", rpm:\"libapr-util1-debugsource~1.3.4~13.3.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-debuginfo\", rpm:\"libapr1-debuginfo~1.3.3~12.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-debugsource\", rpm:\"libapr1-debugsource~1.3.3~12.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.2.10~2.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.2.10~2.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-doc\", rpm:\"apache2-doc~2.2.10~2.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-example-pages\", rpm:\"apache2-example-pages~2.2.10~2.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.2.10~2.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-utils\", rpm:\"apache2-utils~2.2.10~2.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.2.10~2.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1\", rpm:\"libapr-util1~1.3.4~13.3.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-dbd-mysql\", rpm:\"libapr-util1-dbd-mysql~1.3.4~13.3.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-dbd-pgsql\", rpm:\"libapr-util1-dbd-pgsql~1.3.4~13.3.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-dbd-sqlite3\", rpm:\"libapr-util1-dbd-sqlite3~1.3.4~13.3.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-devel\", rpm:\"libapr-util1-devel~1.3.4~13.3.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1\", rpm:\"libapr1~1.3.3~12.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-devel\", rpm:\"libapr1-devel~1.3.3~12.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-debuginfo\", rpm:\"apache2-debuginfo~2.2.8~28.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-debugsource\", rpm:\"apache2-debugsource~2.2.8~28.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-debuginfo\", rpm:\"libapr-util1-debuginfo~1.2.12~43.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-debugsource\", rpm:\"libapr-util1-debugsource~1.2.12~43.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-debuginfo\", rpm:\"libapr1-debuginfo~1.2.12~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-debugsource\", rpm:\"libapr1-debugsource~1.2.12~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.2.8~28.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.2.8~28.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-doc\", rpm:\"apache2-doc~2.2.8~28.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-example-pages\", rpm:\"apache2-example-pages~2.2.8~28.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.2.8~28.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-utils\", rpm:\"apache2-utils~2.2.8~28.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.2.8~28.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1\", rpm:\"libapr-util1~1.2.12~43.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-dbd-mysql\", rpm:\"libapr-util1-dbd-mysql~1.2.12~43.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-dbd-pgsql\", rpm:\"libapr-util1-dbd-pgsql~1.2.12~43.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-dbd-sqlite3\", rpm:\"libapr-util1-dbd-sqlite3~1.2.12~43.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-devel\", rpm:\"libapr-util1-devel~1.2.12~43.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1\", rpm:\"libapr1~1.2.12~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-devel\", rpm:\"libapr1-devel~1.2.12~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.2.4~70.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.2.4~70.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-doc\", rpm:\"apache2-doc~2.2.4~70.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-example-pages\", rpm:\"apache2-example-pages~2.2.4~70.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.2.4~70.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-utils\", rpm:\"apache2-utils~2.2.4~70.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.2.4~70.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1\", rpm:\"libapr-util1~1.2.8~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-dbd-mysql\", rpm:\"libapr-util1-dbd-mysql~1.2.8~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-dbd-pgsql\", rpm:\"libapr-util1-dbd-pgsql~1.2.8~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-dbd-sqlite3\", rpm:\"libapr-util1-dbd-sqlite3~1.2.8~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-devel\", rpm:\"libapr-util1-devel~1.2.8~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1\", rpm:\"libapr1~1.2.9~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-devel\", rpm:\"libapr1-devel~1.2.9~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-64bit\", rpm:\"libapr-util1-64bit~1.2.12~43.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-devel-64bit\", rpm:\"libapr-util1-devel-64bit~1.2.12~43.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-64bit\", rpm:\"libapr1-64bit~1.2.12~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-devel-64bit\", rpm:\"libapr1-devel-64bit~1.2.12~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-64bit\", rpm:\"libapr-util1-64bit~1.2.8~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-devel-64bit\", rpm:\"libapr-util1-devel-64bit~1.2.8~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-64bit\", rpm:\"libapr1-64bit~1.2.9~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-devel-64bit\", rpm:\"libapr1-devel-64bit~1.2.9~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:37:34", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory SUSE-SA:2009:050.", "modified": "2018-04-06T00:00:00", "published": "2009-10-27T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066106", "id": "OPENVAS:136141256231066106", "title": "SuSE Security Advisory SUSE-SA:2009:050 (apache2,libapr1)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sa_2009_050.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory SUSE-SA:2009:050 (apache2,libapr1)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Apache web server was updated to fix various security issues:\n- the option IncludesNOEXEC could be bypassed via .htaccess (CVE-2009-1195)\n- mod_proxy could run into an infinite loop when used as reverse proxy\n(CVE-2009-1890)\n- mod_deflate continued to compress large files even after a network\nconnection was closed, causing mod_deflate to consume large amounts\nof CPU (CVE-2009-1891)\n- The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in\nthe mod_proxy_ftp module allows remote FTP servers to cause a denial\nof service (NULL pointer dereference and child process crash) via a\nmalformed reply to an EPSV command. (CVE-2009-3094)\n- access restriction bypass in mod_proxy_ftp module (CVE-2009-3095)\n\nAlso the libapr1 and libapr-util1 Apache helper libraries were updated\nto fix multiple integer overflows that could probably be used to\nexecute arbitrary code remotely. (CVE-2009-2412)\";\ntag_solution = \"Update your system with the packages as indicated in\nthe referenced security advisory.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:050\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SA:2009:050.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66106\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-27 01:37:56 +0100 (Tue, 27 Oct 2009)\");\n script_cve_id(\"CVE-2009-1195\", \"CVE-2009-1890\", \"CVE-2009-1891\", \"CVE-2009-2412\", \"CVE-2009-3094\", \"CVE-2009-3095\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Security Advisory SUSE-SA:2009:050 (apache2,libapr1)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"apache2-debuginfo\", rpm:\"apache2-debuginfo~2.2.10~2.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-debugsource\", rpm:\"apache2-debugsource~2.2.10~2.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-debuginfo\", rpm:\"libapr-util1-debuginfo~1.3.4~13.3.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-debugsource\", rpm:\"libapr-util1-debugsource~1.3.4~13.3.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-debuginfo\", rpm:\"libapr1-debuginfo~1.3.3~12.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-debugsource\", rpm:\"libapr1-debugsource~1.3.3~12.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.2.10~2.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.2.10~2.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-doc\", rpm:\"apache2-doc~2.2.10~2.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-example-pages\", rpm:\"apache2-example-pages~2.2.10~2.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.2.10~2.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-utils\", rpm:\"apache2-utils~2.2.10~2.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.2.10~2.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1\", rpm:\"libapr-util1~1.3.4~13.3.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-dbd-mysql\", rpm:\"libapr-util1-dbd-mysql~1.3.4~13.3.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-dbd-pgsql\", rpm:\"libapr-util1-dbd-pgsql~1.3.4~13.3.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-dbd-sqlite3\", rpm:\"libapr-util1-dbd-sqlite3~1.3.4~13.3.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-devel\", rpm:\"libapr-util1-devel~1.3.4~13.3.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1\", rpm:\"libapr1~1.3.3~12.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-devel\", rpm:\"libapr1-devel~1.3.3~12.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-debuginfo\", rpm:\"apache2-debuginfo~2.2.8~28.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-debugsource\", rpm:\"apache2-debugsource~2.2.8~28.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-debuginfo\", rpm:\"libapr-util1-debuginfo~1.2.12~43.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-debugsource\", rpm:\"libapr-util1-debugsource~1.2.12~43.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-debuginfo\", rpm:\"libapr1-debuginfo~1.2.12~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-debugsource\", rpm:\"libapr1-debugsource~1.2.12~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.2.8~28.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.2.8~28.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-doc\", rpm:\"apache2-doc~2.2.8~28.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-example-pages\", rpm:\"apache2-example-pages~2.2.8~28.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.2.8~28.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-utils\", rpm:\"apache2-utils~2.2.8~28.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.2.8~28.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1\", rpm:\"libapr-util1~1.2.12~43.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-dbd-mysql\", rpm:\"libapr-util1-dbd-mysql~1.2.12~43.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-dbd-pgsql\", rpm:\"libapr-util1-dbd-pgsql~1.2.12~43.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-dbd-sqlite3\", rpm:\"libapr-util1-dbd-sqlite3~1.2.12~43.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-devel\", rpm:\"libapr-util1-devel~1.2.12~43.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1\", rpm:\"libapr1~1.2.12~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-devel\", rpm:\"libapr1-devel~1.2.12~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.2.4~70.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.2.4~70.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-doc\", rpm:\"apache2-doc~2.2.4~70.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-example-pages\", rpm:\"apache2-example-pages~2.2.4~70.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.2.4~70.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-utils\", rpm:\"apache2-utils~2.2.4~70.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.2.4~70.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1\", rpm:\"libapr-util1~1.2.8~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-dbd-mysql\", rpm:\"libapr-util1-dbd-mysql~1.2.8~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-dbd-pgsql\", rpm:\"libapr-util1-dbd-pgsql~1.2.8~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-dbd-sqlite3\", rpm:\"libapr-util1-dbd-sqlite3~1.2.8~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-devel\", rpm:\"libapr-util1-devel~1.2.8~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1\", rpm:\"libapr1~1.2.9~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-devel\", rpm:\"libapr1-devel~1.2.9~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-64bit\", rpm:\"libapr-util1-64bit~1.2.12~43.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-devel-64bit\", rpm:\"libapr-util1-devel-64bit~1.2.12~43.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-64bit\", rpm:\"libapr1-64bit~1.2.12~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-devel-64bit\", rpm:\"libapr1-devel-64bit~1.2.12~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-64bit\", rpm:\"libapr-util1-64bit~1.2.8~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-devel-64bit\", rpm:\"libapr-util1-devel-64bit~1.2.8~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-64bit\", rpm:\"libapr1-64bit~1.2.9~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-devel-64bit\", rpm:\"libapr1-devel-64bit~1.2.9~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:12", "bulletinFamily": "scanner", "description": "The remote host is missing an update to apr\nannounced via advisory FEDORA-2009-8336.", "modified": "2017-07-10T00:00:00", "published": "2009-08-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=64614", "id": "OPENVAS:64614", "title": "Fedora Core 11 FEDORA-2009-8336 (apr)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_8336.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-8336 (apr)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The mission of the Apache Portable Runtime (APR) is to provide a\nfree library of C data structures and routines, forming a system\nportability layer to as many operating systems as possible,\nincluding Unices, MS Win32, BeOS and OS/2.\n\nUpdate Information:\n\nCVE-2009-2412: allocator alignment fixes Full details here:\nhttp://www.apache.org/dist/apr/patches/\nChangeLog:\n\n* Thu Aug 6 2009 Bojan Smojver - 1.3.8-1\n- bump up to 1.3.8\n- CVE-2009-2412\n- allocator alignment fixes\n* Mon Jun 8 2009 Bojan Smojver - 1.3.5-1\n- bump up to 1.3.5\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update apr' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8336\";\ntag_summary = \"The remote host is missing an update to apr\nannounced via advisory FEDORA-2009-8336.\";\n\n\n\nif(description)\n{\n script_id(64614);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-08-17 16:54:45 +0200 (Mon, 17 Aug 2009)\");\n script_cve_id(\"CVE-2009-2412\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 11 FEDORA-2009-8336 (apr)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=515698\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.3.8~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apr-devel\", rpm:\"apr-devel~1.3.8~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apr-debuginfo\", rpm:\"apr-debuginfo~1.3.8~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2019-02-21T01:19:22", "bulletinFamily": "scanner", "description": "From Red Hat Security Advisory 2009:1205 :\n\nUpdated httpd packages that fix multiple security issues and a bug are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nThe Apache HTTP Server is a popular Web server. The httpd package shipped with Red Hat Enterprise Linux 3 contains embedded copies of the Apache Portable Runtime (APR) libraries, which provide a free library of C data structures and routines, and also additional utility interfaces to support XML parsing, LDAP, database interfaces, URI parsing, and more.\n\nMultiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way the Apache Portable Runtime (APR) manages memory pool and relocatable memory allocations. An attacker could use these flaws to issue a specially crafted request for memory allocation, which would lead to a denial of service (application crash) or, potentially, execute arbitrary code with the privileges of an application using the APR libraries. (CVE-2009-2412)\n\nA denial of service flaw was found in the Apache mod_deflate module.\nThis module continued to compress large files until compression was complete, even if the network connection that requested the content was closed before compression completed. This would cause mod_deflate to consume large amounts of CPU if mod_deflate was enabled for a large file. (CVE-2009-1891)\n\nThis update also fixes the following bug :\n\n* in some cases the Content-Length header was dropped from HEAD responses. This resulted in certain sites not working correctly with mod_proxy, such as www.windowsupdate.com. (BZ#506016)\n\nAll httpd users should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "modified": "2018-06-29T00:00:00", "id": "ORACLELINUX_ELSA-2009-1205.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=67908", "published": "2013-07-12T00:00:00", "title": "Oracle Linux 3 : httpd (ELSA-2009-1205)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:1205 and \n# Oracle Linux Security Advisory ELSA-2009-1205 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(67908);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/06/29 12:01:01\");\n\n script_cve_id(\"CVE-2009-1891\", \"CVE-2009-2412\");\n script_bugtraq_id(35623, 35949);\n script_xref(name:\"RHSA\", value:\"2009:1205\");\n\n script_name(english:\"Oracle Linux 3 : httpd (ELSA-2009-1205)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:1205 :\n\nUpdated httpd packages that fix multiple security issues and a bug are\nnow available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Apache HTTP Server is a popular Web server. The httpd package\nshipped with Red Hat Enterprise Linux 3 contains embedded copies of\nthe Apache Portable Runtime (APR) libraries, which provide a free\nlibrary of C data structures and routines, and also additional utility\ninterfaces to support XML parsing, LDAP, database interfaces, URI\nparsing, and more.\n\nMultiple integer overflow flaws, leading to heap-based buffer\noverflows, were found in the way the Apache Portable Runtime (APR)\nmanages memory pool and relocatable memory allocations. An attacker\ncould use these flaws to issue a specially crafted request for memory\nallocation, which would lead to a denial of service (application\ncrash) or, potentially, execute arbitrary code with the privileges of\nan application using the APR libraries. (CVE-2009-2412)\n\nA denial of service flaw was found in the Apache mod_deflate module.\nThis module continued to compress large files until compression was\ncomplete, even if the network connection that requested the content\nwas closed before compression completed. This would cause mod_deflate\nto consume large amounts of CPU if mod_deflate was enabled for a large\nfile. (CVE-2009-1891)\n\nThis update also fixes the following bug :\n\n* in some cases the Content-Length header was dropped from HEAD\nresponses. This resulted in certain sites not working correctly with\nmod_proxy, such as www.windowsupdate.com. (BZ#506016)\n\nAll httpd users should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the httpd daemon must be restarted for the\nupdate to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-August/001113.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected httpd packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/08/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"httpd-2.0.46-75.0.1.ent\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"httpd-2.0.46-75.0.1.ent\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"httpd-devel-2.0.46-75.0.1.ent\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"httpd-devel-2.0.46-75.0.1.ent\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"mod_ssl-2.0.46-75.0.1.ent\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"mod_ssl-2.0.46-75.0.1.ent\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd / httpd-devel / mod_ssl\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:17:12", "bulletinFamily": "scanner", "description": "CVE-2009-1891 httpd: possible temporary DoS (CPU consumption) in mod_deflate\n\nCVE-2009-2412 apr, apr-util: Integer overflows in memory pool (apr) and relocatable memory (apr-util) management\n\nMultiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way the Apache Portable Runtime (APR) manages memory pool and relocatable memory allocations. An attacker could use these flaws to issue a specially crafted request for memory allocation, which would lead to a denial of service (application crash) or, potentially, execute arbitrary code with the privileges of an application using the APR libraries. (CVE-2009-2412)\n\nA denial of service flaw was found in the Apache mod_deflate module.\nThis module continued to compress large files until compression was complete, even if the network connection that requested the content was closed before compression completed. This would cause mod_deflate to consume large amounts of CPU if mod_deflate was enabled for a large file. (CVE-2009-1891)\n\nThis update also fixes the following bug :\n\n - in some cases the Content-Length header was dropped from HEAD responses. This resulted in certain sites not working correctly with mod_proxy, such as www.windowsupdate.com. (BZ#506016)\n\nAfter installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "modified": "2019-01-02T00:00:00", "id": "SL_20090810_HTTPD_ON_SL3_X.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=60636", "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : httpd on SL3.x i386/x86_64", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(60636);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/01/02 10:36:42\");\n\n script_cve_id(\"CVE-2009-1891\", \"CVE-2009-2412\");\n\n script_name(english:\"Scientific Linux Security Update : httpd on SL3.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2009-1891 httpd: possible temporary DoS (CPU consumption) in\nmod_deflate\n\nCVE-2009-2412 apr, apr-util: Integer overflows in memory pool (apr)\nand relocatable memory (apr-util) management\n\nMultiple integer overflow flaws, leading to heap-based buffer\noverflows, were found in the way the Apache Portable Runtime (APR)\nmanages memory pool and relocatable memory allocations. An attacker\ncould use these flaws to issue a specially crafted request for memory\nallocation, which would lead to a denial of service (application\ncrash) or, potentially, execute arbitrary code with the privileges of\nan application using the APR libraries. (CVE-2009-2412)\n\nA denial of service flaw was found in the Apache mod_deflate module.\nThis module continued to compress large files until compression was\ncomplete, even if the network connection that requested the content\nwas closed before compression completed. This would cause mod_deflate\nto consume large amounts of CPU if mod_deflate was enabled for a large\nfile. (CVE-2009-1891)\n\nThis update also fixes the following bug :\n\n - in some cases the Content-Length header was dropped from\n HEAD responses. This resulted in certain sites not\n working correctly with mod_proxy, such as\n www.windowsupdate.com. (BZ#506016)\n\nAfter installing the updated packages, the httpd daemon must be\nrestarted for the update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=506016\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0908&L=scientific-linux-errata&T=0&P=462\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?faaf4a09\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected httpd, httpd-devel and / or mod_ssl packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/08/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL3\", reference:\"httpd-2.0.46-75.sl3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"httpd-devel-2.0.46-75.sl3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"mod_ssl-2.0.46-75.sl3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:12:15", "bulletinFamily": "scanner", "description": "Updated httpd packages that fix multiple security issues and a bug are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nThe Apache HTTP Server is a popular Web server. The httpd package shipped with Red Hat Enterprise Linux 3 contains embedded copies of the Apache Portable Runtime (APR) libraries, which provide a free library of C data structures and routines, and also additional utility interfaces to support XML parsing, LDAP, database interfaces, URI parsing, and more.\n\nMultiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way the Apache Portable Runtime (APR) manages memory pool and relocatable memory allocations. An attacker could use these flaws to issue a specially crafted request for memory allocation, which would lead to a denial of service (application crash) or, potentially, execute arbitrary code with the privileges of an application using the APR libraries. (CVE-2009-2412)\n\nA denial of service flaw was found in the Apache mod_deflate module.\nThis module continued to compress large files until compression was complete, even if the network connection that requested the content was closed before compression completed. This would cause mod_deflate to consume large amounts of CPU if mod_deflate was enabled for a large file. (CVE-2009-1891)\n\nThis update also fixes the following bug :\n\n* in some cases the Content-Length header was dropped from HEAD responses. This resulted in certain sites not working correctly with mod_proxy, such as www.windowsupdate.com. (BZ#506016)\n\nAll httpd users should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "modified": "2018-11-10T00:00:00", "id": "CENTOS_RHSA-2009-1205.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=40532", "published": "2009-08-11T00:00:00", "title": "CentOS 3 : httpd (CESA-2009:1205)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1205 and \n# CentOS Errata and Security Advisory 2009:1205 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(40532);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/11/10 11:49:29\");\n\n script_cve_id(\"CVE-2009-1891\", \"CVE-2009-2412\");\n script_bugtraq_id(35623, 35949);\n script_xref(name:\"RHSA\", value:\"2009:1205\");\n\n script_name(english:\"CentOS 3 : httpd (CESA-2009:1205)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated httpd packages that fix multiple security issues and a bug are\nnow available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Apache HTTP Server is a popular Web server. The httpd package\nshipped with Red Hat Enterprise Linux 3 contains embedded copies of\nthe Apache Portable Runtime (APR) libraries, which provide a free\nlibrary of C data structures and routines, and also additional utility\ninterfaces to support XML parsing, LDAP, database interfaces, URI\nparsing, and more.\n\nMultiple integer overflow flaws, leading to heap-based buffer\noverflows, were found in the way the Apache Portable Runtime (APR)\nmanages memory pool and relocatable memory allocations. An attacker\ncould use these flaws to issue a specially crafted request for memory\nallocation, which would lead to a denial of service (application\ncrash) or, potentially, execute arbitrary code with the privileges of\nan application using the APR libraries. (CVE-2009-2412)\n\nA denial of service flaw was found in the Apache mod_deflate module.\nThis module continued to compress large files until compression was\ncomplete, even if the network connection that requested the content\nwas closed before compression completed. This would cause mod_deflate\nto consume large amounts of CPU if mod_deflate was enabled for a large\nfile. (CVE-2009-1891)\n\nThis update also fixes the following bug :\n\n* in some cases the Content-Length header was dropped from HEAD\nresponses. This resulted in certain sites not working correctly with\nmod_proxy, such as www.windowsupdate.com. (BZ#506016)\n\nAll httpd users should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the httpd daemon must be restarted for the\nupdate to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-August/016066.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?692bb5f7\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-August/016067.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5345811c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected httpd packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/08/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/08/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"httpd-2.0.46-75.ent.centos\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"httpd-2.0.46-75.ent.centos\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"httpd-devel-2.0.46-75.ent.centos\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"httpd-devel-2.0.46-75.ent.centos\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"mod_ssl-2.0.46-75.ent.centos\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"mod_ssl-2.0.46-75.ent.centos\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:12:15", "bulletinFamily": "scanner", "description": "Updated httpd packages that fix multiple security issues and a bug are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nThe Apache HTTP Server is a popular Web server. The httpd package shipped with Red Hat Enterprise Linux 3 contains embedded copies of the Apache Portable Runtime (APR) libraries, which provide a free library of C data structures and routines, and also additional utility interfaces to support XML parsing, LDAP, database interfaces, URI parsing, and more.\n\nMultiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way the Apache Portable Runtime (APR) manages memory pool and relocatable memory allocations. An attacker could use these flaws to issue a specially crafted request for memory allocation, which would lead to a denial of service (application crash) or, potentially, execute arbitrary code with the privileges of an application using the APR libraries. (CVE-2009-2412)\n\nA denial of service flaw was found in the Apache mod_deflate module.\nThis module continued to compress large files until compression was complete, even if the network connection that requested the content was closed before compression completed. This would cause mod_deflate to consume large amounts of CPU if mod_deflate was enabled for a large file. (CVE-2009-1891)\n\nThis update also fixes the following bug :\n\n* in some cases the Content-Length header was dropped from HEAD responses. This resulted in certain sites not working correctly with mod_proxy, such as www.windowsupdate.com. (BZ#506016)\n\nAll httpd users should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "modified": "2018-11-27T00:00:00", "id": "REDHAT-RHSA-2009-1205.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=40543", "published": "2009-08-11T00:00:00", "title": "RHEL 3 : httpd (RHSA-2009:1205)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1205. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(40543);\n script_version (\"1.23\");\n script_cvs_date(\"Date: 2018/11/27 13:31:32\");\n\n script_cve_id(\"CVE-2009-1891\", \"CVE-2009-2412\");\n script_bugtraq_id(35623, 35949);\n script_xref(name:\"RHSA\", value:\"2009:1205\");\n\n script_name(english:\"RHEL 3 : httpd (RHSA-2009:1205)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated httpd packages that fix multiple security issues and a bug are\nnow available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Apache HTTP Server is a popular Web server. The httpd package\nshipped with Red Hat Enterprise Linux 3 contains embedded copies of\nthe Apache Portable Runtime (APR) libraries, which provide a free\nlibrary of C data structures and routines, and also additional utility\ninterfaces to support XML parsing, LDAP, database interfaces, URI\nparsing, and more.\n\nMultiple integer overflow flaws, leading to heap-based buffer\noverflows, were found in the way the Apache Portable Runtime (APR)\nmanages memory pool and relocatable memory allocations. An attacker\ncould use these flaws to issue a specially crafted request for memory\nallocation, which would lead to a denial of service (application\ncrash) or, potentially, execute arbitrary code with the privileges of\nan application using the APR libraries. (CVE-2009-2412)\n\nA denial of service flaw was found in the Apache mod_deflate module.\nThis module continued to compress large files until compression was\ncomplete, even if the network connection that requested the content\nwas closed before compression completed. This would cause mod_deflate\nto consume large amounts of CPU if mod_deflate was enabled for a large\nfile. (CVE-2009-1891)\n\nThis update also fixes the following bug :\n\n* in some cases the Content-Length header was dropped from HEAD\nresponses. This resulted in certain sites not working correctly with\nmod_proxy, such as www.windowsupdate.com. (BZ#506016)\n\nAll httpd users should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the httpd daemon must be restarted for the\nupdate to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-1891\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-2412\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1205\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected httpd, httpd-devel and / or mod_ssl packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/08/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/08/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1205\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"httpd-2.0.46-75.ent\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"httpd-devel-2.0.46-75.ent\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"mod_ssl-2.0.46-75.ent\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd / httpd-devel / mod_ssl\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:12:15", "bulletinFamily": "scanner", "description": "USN-813-1 fixed vulnerabilities in apr. This update provides the corresponding updates for apr-util.\n\nMatt Lewis discovered that apr did not properly sanitize its input when allocating memory. If an application using apr processed crafted input, a remote attacker could cause a denial of service or potentially execute arbitrary code as the user invoking the application.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-11-28T00:00:00", "id": "UBUNTU_USN-813-3.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=40531", "published": "2009-08-10T00:00:00", "title": "Ubuntu 8.04 LTS / 8.10 / 9.04 : apr-util vulnerability (USN-813-3)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-813-3. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(40531);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/11/28 22:47:45\");\n\n script_cve_id(\"CVE-2009-2412\");\n script_bugtraq_id(35949);\n script_xref(name:\"USN\", value:\"813-3\");\n\n script_name(english:\"Ubuntu 8.04 LTS / 8.10 / 9.04 : apr-util vulnerability (USN-813-3)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"USN-813-1 fixed vulnerabilities in apr. This update provides the\ncorresponding updates for apr-util.\n\nMatt Lewis discovered that apr did not properly sanitize its input\nwhen allocating memory. If an application using apr processed crafted\ninput, a remote attacker could cause a denial of service or\npotentially execute arbitrary code as the user invoking the\napplication.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/813-3/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected libaprutil1, libaprutil1-dbg and / or\nlibaprutil1-dev packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libaprutil1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libaprutil1-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libaprutil1-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/08/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/08/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2018 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(8\\.04|8\\.10|9\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04 / 8.10 / 9.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libaprutil1\", pkgver:\"1.2.12+dfsg-3ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libaprutil1-dbg\", pkgver:\"1.2.12+dfsg-3ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libaprutil1-dev\", pkgver:\"1.2.12+dfsg-3ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libaprutil1\", pkgver:\"1.2.12+dfsg-7ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libaprutil1-dbg\", pkgver:\"1.2.12+dfsg-7ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libaprutil1-dev\", pkgver:\"1.2.12+dfsg-7ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libaprutil1\", pkgver:\"1.2.12+dfsg-8ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libaprutil1-dbg\", pkgver:\"1.2.12+dfsg-8ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libaprutil1-dev\", pkgver:\"1.2.12+dfsg-8ubuntu0.3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libaprutil1 / libaprutil1-dbg / libaprutil1-dev\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:12:15", "bulletinFamily": "scanner", "description": "CVE-2009-2412: allocator alignment fixes Full details here:\nhttp://www.apache.org/dist/apr/patches/\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2016-05-11T00:00:00", "id": "FEDORA_2009-8336.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=40514", "published": "2009-08-10T00:00:00", "title": "Fedora 11 : apr-1.3.8-1.fc11 (2009-8336)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-8336.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(40514);\n script_version (\"$Revision: 1.13 $\");\n script_cvs_date(\"$Date: 2016/05/11 13:16:07 $\");\n\n script_cve_id(\"CVE-2009-2412\");\n script_bugtraq_id(35949);\n script_xref(name:\"FEDORA\", value:\"2009-8336\");\n\n script_name(english:\"Fedora 11 : apr-1.3.8-1.fc11 (2009-8336)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2009-2412: allocator alignment fixes Full details here:\nhttp://www.apache.org/dist/apr/patches/\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.apache.org/dist/apr/patches/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=515698\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-August/027590.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1160ae48\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected apr package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:apr\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/08/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/08/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^11([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 11.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC11\", reference:\"apr-1.3.8-1.fc11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apr\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:12:15", "bulletinFamily": "scanner", "description": "A vulnerability has been identified and corrected in apr and apr-util :\n\nMultiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger crafted calls to the (1) allocator_alloc or (2) apr_palloc function in memory/unix/apr_pools.c in APR; or crafted calls to the (3) apr_rmm_malloc, (4) apr_rmm_calloc, or (5) apr_rmm_realloc function in misc/apr_rmm.c in APR-util; leading to buffer overflows. NOTE: some of these details are obtained from third-party information (CVE-2009-2412).\n\nThis update provides fixes for these vulnerabilities.", "modified": "2018-07-19T00:00:00", "id": "MANDRIVA_MDVSA-2009-195.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=40509", "published": "2009-08-07T00:00:00", "title": "Mandriva Linux Security Advisory : apr (MDVSA-2009:195)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:195. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(40509);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/07/19 20:59:16\");\n\n script_cve_id(\"CVE-2009-2412\");\n script_bugtraq_id(35949);\n script_xref(name:\"MDVSA\", value:\"2009:195\");\n\n script_name(english:\"Mandriva Linux Security Advisory : apr (MDVSA-2009:195)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability has been identified and corrected in apr and \napr-util :\n\nMultiple integer overflows in the Apache Portable Runtime (APR)\nlibrary and the Apache Portable Utility library (aka APR-util) 0.9.x\nand 1.3.x allow remote attackers to cause a denial of service\n(application crash) or possibly execute arbitrary code via vectors\nthat trigger crafted calls to the (1) allocator_alloc or (2)\napr_palloc function in memory/unix/apr_pools.c in APR; or crafted\ncalls to the (3) apr_rmm_malloc, (4) apr_rmm_calloc, or (5)\napr_rmm_realloc function in misc/apr_rmm.c in APR-util; leading to\nbuffer overflows. NOTE: some of these details are obtained from\nthird-party information (CVE-2009-2412).\n\nThis update provides fixes for these vulnerabilities.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apr-util-dbd-freetds\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apr-util-dbd-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apr-util-dbd-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apr-util-dbd-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apr-util-dbd-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apr-util-dbd-sqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64apr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64apr-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64apr-util1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64apr1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libapr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libapr-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libapr-util1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libapr1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/08/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.1\", reference:\"apr-util-dbd-mysql-1.2.12-4.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"apr-util-dbd-pgsql-1.2.12-4.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"apr-util-dbd-sqlite3-1.2.12-4.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64apr-devel-1.2.12-3.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64apr-util-devel-1.2.12-4.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64apr-util1-1.2.12-4.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64apr1-1.2.12-3.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libapr-devel-1.2.12-3.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libapr-util-devel-1.2.12-4.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libapr-util1-1.2.12-4.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libapr1-1.2.12-3.1mdv2008.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.0\", reference:\"apr-util-dbd-freetds-1.3.4-2.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"apr-util-dbd-ldap-1.3.4-2.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"apr-util-dbd-mysql-1.3.4-2.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"apr-util-dbd-odbc-1.3.4-2.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"apr-util-dbd-pgsql-1.3.4-2.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"apr-util-dbd-sqlite3-1.3.4-2.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64apr-devel-1.3.3-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64apr-util-devel-1.3.4-2.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64apr-util1-1.3.4-2.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64apr1-1.3.3-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libapr-devel-1.3.3-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libapr-util-devel-1.3.4-2.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libapr-util1-1.3.4-2.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libapr1-1.3.3-2.1mdv2009.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.1\", reference:\"apr-util-dbd-freetds-1.3.4-9.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"apr-util-dbd-ldap-1.3.4-9.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"apr-util-dbd-mysql-1.3.4-9.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"apr-util-dbd-odbc-1.3.4-9.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"apr-util-dbd-pgsql-1.3.4-9.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"apr-util-dbd-sqlite3-1.3.4-9.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64apr-devel-1.3.3-5.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64apr-util-devel-1.3.4-9.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64apr-util1-1.3.4-9.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64apr1-1.3.3-5.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libapr-devel-1.3.3-5.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libapr-util-devel-1.3.4-9.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libapr-util1-1.3.4-9.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libapr1-1.3.3-5.1mdv2009.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:12:55", "bulletinFamily": "scanner", "description": "Updated apr and apr-util packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nThe Apache Portable Runtime (APR) is a portability library used by the Apache HTTP Server and other projects. It aims to provide a free library of C data structures and routines. apr-util is a utility library used with APR. This library provides additional utility interfaces for APR; including support for XML parsing, LDAP, database interfaces, URI parsing, and more.\n\nMultiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way the Apache Portable Runtime (APR) manages memory pool and relocatable memory allocations. An attacker could use these flaws to issue a specially crafted request for memory allocation, which would lead to a denial of service (application crash) or, potentially, execute arbitrary code with the privileges of an application using the APR libraries. (CVE-2009-2412)\n\nAll apr and apr-util users should upgrade to these updated packages, which contain backported patches to correct these issues. Applications using the APR libraries, such as httpd, must be restarted for this update to take effect.", "modified": "2018-11-10T00:00:00", "id": "CENTOS_RHSA-2009-1204.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=43776", "published": "2010-01-06T00:00:00", "title": "CentOS 5 : apr (CESA-2009:1204)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1204 and \n# CentOS Errata and Security Advisory 2009:1204 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(43776);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/11/10 11:49:29\");\n\n script_cve_id(\"CVE-2009-2412\");\n script_bugtraq_id(35949);\n script_xref(name:\"RHSA\", value:\"2009:1204\");\n\n script_name(english:\"CentOS 5 : apr (CESA-2009:1204)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated apr and apr-util packages that fix multiple security issues\nare now available for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Apache Portable Runtime (APR) is a portability library used by the\nApache HTTP Server and other projects. It aims to provide a free\nlibrary of C data structures and routines. apr-util is a utility\nlibrary used with APR. This library provides additional utility\ninterfaces for APR; including support for XML parsing, LDAP, database\ninterfaces, URI parsing, and more.\n\nMultiple integer overflow flaws, leading to heap-based buffer\noverflows, were found in the way the Apache Portable Runtime (APR)\nmanages memory pool and relocatable memory allocations. An attacker\ncould use these flaws to issue a specially crafted request for memory\nallocation, which would lead to a denial of service (application\ncrash) or, potentially, execute arbitrary code with the privileges of\nan application using the APR libraries. (CVE-2009-2412)\n\nAll apr and apr-util users should upgrade to these updated packages,\nwhich contain backported patches to correct these issues. Applications\nusing the APR libraries, such as httpd, must be restarted for this\nupdate to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-August/016072.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?eab52a61\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-August/016073.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4f4407b1\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected apr packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:apr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:apr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:apr-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:apr-util\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:apr-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:apr-util-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/08/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"apr-1.2.7-11.el5_3.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"apr-devel-1.2.7-11.el5_3.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"apr-docs-1.2.7-11.el5_3.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"apr-util-1.2.7-7.el5_3.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"apr-util-devel-1.2.7-7.el5_3.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"apr-util-docs-1.2.7-7.el5_3.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:12:38", "bulletinFamily": "scanner", "description": "This update of libapr-util1 and libapr1 fixes multiple integer overflows that could probably be used to execute arbitrary code remotely. (CVE-2009-2412)", "modified": "2014-06-13T00:00:00", "id": "SUSE_LIBAPR-UTIL1-6547.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=42323", "published": "2009-10-30T00:00:00", "title": "openSUSE 10 Security Update : libapr-util1 (libapr-util1-6547)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libapr-util1-6547.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42323);\n script_version (\"$Revision: 1.5 $\");\n script_cvs_date(\"$Date: 2014/06/13 20:11:36 $\");\n\n script_cve_id(\"CVE-2009-2412\");\n\n script_name(english:\"openSUSE 10 Security Update : libapr-util1 (libapr-util1-6547)\");\n script_summary(english:\"Check for the libapr-util1-6547 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of libapr-util1 and libapr1 fixes multiple integer\noverflows that could probably be used to execute arbitrary code\nremotely. (CVE-2009-2412)\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libapr-util1 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapr-util1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapr-util1-dbd-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapr-util1-dbd-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapr-util1-dbd-sqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapr-util1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapr1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapr1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libapr-util1-1.2.8-68.4\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libapr-util1-dbd-mysql-1.2.8-68.4\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libapr-util1-dbd-pgsql-1.2.8-68.4\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libapr-util1-dbd-sqlite3-1.2.8-68.4\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libapr-util1-devel-1.2.8-68.4\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libapr1-1.2.9-9.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libapr1-devel-1.2.9-9.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libapr1\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:19:22", "bulletinFamily": "scanner", "description": "From Red Hat Security Advisory 2009:1204 :\n\nUpdated apr and apr-util packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nThe Apache Portable Runtime (APR) is a portability library used by the Apache HTTP Server and other projects. It aims to provide a free library of C data structures and routines. apr-util is a utility library used with APR. This library provides additional utility interfaces for APR; including support for XML parsing, LDAP, database interfaces, URI parsing, and more.\n\nMultiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way the Apache Portable Runtime (APR) manages memory pool and relocatable memory allocations. An attacker could use these flaws to issue a specially crafted request for memory allocation, which would lead to a denial of service (application crash) or, potentially, execute arbitrary code with the privileges of an application using the APR libraries. (CVE-2009-2412)\n\nAll apr and apr-util users should upgrade to these updated packages, which contain backported patches to correct these issues. Applications using the APR libraries, such as httpd, must be restarted for this update to take effect.", "modified": "2016-05-06T00:00:00", "id": "ORACLELINUX_ELSA-2009-1204.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=67907", "published": "2013-07-12T00:00:00", "title": "Oracle Linux 4 / 5 : apr / apr-util (ELSA-2009-1204)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:1204 and \n# Oracle Linux Security Advisory ELSA-2009-1204 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(67907);\n script_version(\"$Revision: 1.6 $\");\n script_cvs_date(\"$Date: 2016/05/06 16:53:47 $\");\n\n script_cve_id(\"CVE-2009-2412\");\n script_bugtraq_id(35949);\n script_xref(name:\"RHSA\", value:\"2009:1204\");\n\n script_name(english:\"Oracle Linux 4 / 5 : apr / apr-util (ELSA-2009-1204)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:1204 :\n\nUpdated apr and apr-util packages that fix multiple security issues\nare now available for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Apache Portable Runtime (APR) is a portability library used by the\nApache HTTP Server and other projects. It aims to provide a free\nlibrary of C data structures and routines. apr-util is a utility\nlibrary used with APR. This library provides additional utility\ninterfaces for APR; including support for XML parsing, LDAP, database\ninterfaces, URI parsing, and more.\n\nMultiple integer overflow flaws, leading to heap-based buffer\noverflows, were found in the way the Apache Portable Runtime (APR)\nmanages memory pool and relocatable memory allocations. An attacker\ncould use these flaws to issue a specially crafted request for memory\nallocation, which would lead to a denial of service (application\ncrash) or, potentially, execute arbitrary code with the privileges of\nan application using the APR libraries. (CVE-2009-2412)\n\nAll apr and apr-util users should upgrade to these updated packages,\nwhich contain backported patches to correct these issues. Applications\nusing the APR libraries, such as httpd, must be restarted for this\nupdate to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-August/001107.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-August/001111.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apr and / or apr-util packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:apr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:apr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:apr-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:apr-util\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:apr-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:apr-util-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/08/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4 / 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", reference:\"apr-0.9.4-24.9.el4_8.2\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"apr-devel-0.9.4-24.9.el4_8.2\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"apr-util-0.9.4-22.el4_8.2\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"apr-util-devel-0.9.4-22.el4_8.2\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"apr-1.2.7-11.el5_3.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"apr-devel-1.2.7-11.el5_3.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"apr-docs-1.2.7-11.el5_3.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"apr-util-1.2.7-7.el5_3.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"apr-util-devel-1.2.7-7.el5_3.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"apr-util-docs-1.2.7-7.el5_3.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apr / apr-devel / apr-docs / apr-util / apr-util-devel / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2019-08-13T18:44:53", "bulletinFamily": "unix", "description": "The Apache HTTP Server is a popular Web server. The httpd package shipped\nwith Red Hat Enterprise Linux 3 contains embedded copies of the Apache\nPortable Runtime (APR) libraries, which provide a free library of C data\nstructures and routines, and also additional utility interfaces to support\nXML parsing, LDAP, database interfaces, URI parsing, and more.\n\nMultiple integer overflow flaws, leading to heap-based buffer overflows,\nwere found in the way the Apache Portable Runtime (APR) manages memory pool\nand relocatable memory allocations. An attacker could use these flaws to\nissue a specially-crafted request for memory allocation, which would lead\nto a denial of service (application crash) or, potentially, execute\narbitrary code with the privileges of an application using the APR\nlibraries. (CVE-2009-2412)\n\nA denial of service flaw was found in the Apache mod_deflate module. This\nmodule continued to compress large files until compression was complete,\neven if the network connection that requested the content was closed\nbefore compression completed. This would cause mod_deflate to consume\nlarge amounts of CPU if mod_deflate was enabled for a large file.\n(CVE-2009-1891)\n\nThis update also fixes the following bug:\n\n* in some cases the Content-Length header was dropped from HEAD responses.\nThis resulted in certain sites not working correctly with mod_proxy, such\nas www.windowsupdate.com. (BZ#506016)\n\nAll httpd users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. After installing the updated\npackages, the httpd daemon must be restarted for the update to take effect.", "modified": "2018-05-26T04:26:18", "published": "2009-08-10T04:00:00", "id": "RHSA-2009:1205", "href": "https://access.redhat.com/errata/RHSA-2009:1205", "type": "redhat", "title": "(RHSA-2009:1205) Moderate: httpd security and bug fix update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:46:39", "bulletinFamily": "unix", "description": "The Apache Portable Runtime (APR) is a portability library used by the\nApache HTTP Server and other projects. It aims to provide a free library\nof C data structures and routines. apr-util is a utility library used with\nAPR. This library provides additional utility interfaces for APR; including\nsupport for XML parsing, LDAP, database interfaces, URI parsing, and more.\n\nMultiple integer overflow flaws, leading to heap-based buffer overflows,\nwere found in the way the Apache Portable Runtime (APR) manages memory pool\nand relocatable memory allocations. An attacker could use these flaws to\nissue a specially-crafted request for memory allocation, which would lead\nto a denial of service (application crash) or, potentially, execute\narbitrary code with the privileges of an application using the APR\nlibraries. (CVE-2009-2412)\n\nAll apr and apr-util users should upgrade to these updated packages, which\ncontain backported patches to correct these issues. Applications using the\nAPR libraries, such as httpd, must be restarted for this update to take\neffect.", "modified": "2017-09-08T11:47:44", "published": "2009-08-10T04:00:00", "id": "RHSA-2009:1204", "href": "https://access.redhat.com/errata/RHSA-2009:1204", "type": "redhat", "title": "(RHSA-2009:1204) Moderate: apr and apr-util security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:38:38", "bulletinFamily": "unix", "description": "[2.0.46-75.0.1.ent]\n- use oracle index page oracle_index.html\n- remove logos in powered_by.gif and powered_by_rh.png\n- add apr-configure.patch\n[2.0.46-75.ent]\n- add security fix for CVE-2009-1891 (#515705)\n- include fix for upstream PR 39605\n[2.0.46-74.ent]\n- add security fixes for CVE-2009-2412 (#515705)\n- add fix to preserve Content-Length for proxied HEAD (#506016) ", "modified": "2009-08-10T00:00:00", "published": "2009-08-10T00:00:00", "id": "ELSA-2009-1205", "href": "http://linux.oracle.com/errata/ELSA-2009-1205.html", "title": "httpd security and bug fix update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:22", "bulletinFamily": "unix", "description": " \napr:\r\n \n[1.2.7-11.1]\r\n- add security fix for CVE-2009-2412 (#515709)\r\n \napr-util:\r\n \n[1.2.7-7.el5_3.2]\r\n- add security fix for CVE-2009-2412 (#515713)", "modified": "2009-08-10T00:00:00", "published": "2009-08-10T00:00:00", "id": "ELSA-2009-1204", "href": "http://linux.oracle.com/errata/ELSA-2009-1204.html", "title": "apr and apr-util security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:13", "bulletinFamily": "unix", "description": "[2.2.3-22.0.1.el5_3.2]\n- Replace index.html with Oracle's index page oracle_index.html\n- Update vstring and distro in specfile\n[2.2.3-22.el5_3.2]\n- add security fixes for CVE-2009-1890, CVE-2009-1891 (#509782)", "modified": "2009-07-09T00:00:00", "published": "2009-07-09T00:00:00", "id": "ELSA-2009-1148", "href": "http://linux.oracle.com/errata/ELSA-2009-1148.html", "title": "httpd security update", "type": "oraclelinux", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}], "httpd": [{"lastseen": "2016-09-26T21:39:37", "bulletinFamily": "software", "description": "\nA denial of service flaw was found in the mod_deflate module. This\nmodule continued to compress large files until compression was\ncomplete, even if the network connection that requested the content\nwas closed before compression completed. This would cause mod_deflate\nto consume large amounts of CPU if mod_deflate was enabled for a large\nfile.", "modified": "2009-07-27T00:00:00", "published": "2009-06-26T00:00:00", "id": "HTTPD:9ABDC7E294E94BEDA47AC9B86645BD13", "href": "https://httpd.apache.org/security_report.html", "type": "httpd", "title": "Apache Httpd < 2.2.12: mod_deflate DoS", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-26T21:39:37", "bulletinFamily": "software", "description": "\nA denial of service flaw was found in the mod_deflate module. This\nmodule continued to compress large files until compression was\ncomplete, even if the network connection that requested the content\nwas closed before compression completed. This would cause mod_deflate\nto consume large amounts of CPU if mod_deflate was enabled for a large\nfile.", "modified": "2010-10-19T00:00:00", "published": "2009-06-26T00:00:00", "id": "HTTPD:AC71A08C99F9508200CA999C87E53165", "href": "https://httpd.apache.org/security_report.html", "type": "httpd", "title": "Apache Httpd < 2.0.64: mod_deflate DoS", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T17:19:10", "bulletinFamily": "software", "description": "\nA denial of service flaw was found in the mod_deflate module. This\nmodule continued to compress large files until compression was\ncomplete, even if the network connection that requested the content\nwas closed before compression completed. This would cause mod_deflate\nto consume large amounts of CPU if mod_deflate was enabled for a large\nfile.", "modified": "2009-06-26T00:00:00", "published": "2009-06-26T00:00:00", "id": "HTTPD:C538A9873CDC035E18FA06D6A02323B5", "href": "https://httpd.apache.org/security_report.html", "title": "Apache Httpd < None: mod_deflate DoS", "type": "httpd", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2016-09-26T21:39:37", "bulletinFamily": "software", "description": "\nA flaw in apr_palloc() in the bundled copy of APR could\ncause heap overflows in programs that try to apr_palloc() a user\ncontrolled size. The Apache HTTP Server itself does not pass \nunsanitized user-provided sizes to this function, so it could only\nbe triggered through some other application which uses apr_palloc()\nin a vulnerable way.\n", "modified": "2010-10-19T00:00:00", "published": "2009-07-27T00:00:00", "id": "HTTPD:C67FA15AC06B0B82FE19C7B9ECC66350", "href": "https://httpd.apache.org/security_report.html", "type": "httpd", "title": "Apache Httpd < 2.0.64: APR apr_palloc heap overflow", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T17:19:10", "bulletinFamily": "software", "description": "\nA flaw in apr_palloc() in the bundled copy of APR could\ncause heap overflows in programs that try to apr_palloc() a user\ncontrolled size. The Apache HTTP Server itself does not pass \nunsanitized user-provided sizes to this function, so it could only\nbe triggered through some other application which uses apr_palloc()\nin a vulnerable way.\n", "modified": "2009-08-04T00:00:00", "published": "2009-07-27T00:00:00", "id": "HTTPD:4901C61501FDBE6F1DBAF673D472D534", "href": "https://httpd.apache.org/security_report.html", "title": "Apache Httpd < None: APR apr_palloc heap overflow", "type": "httpd", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2016-09-26T21:39:37", "bulletinFamily": "software", "description": "\nA flaw in apr_palloc() in the bundled copy of APR could\ncause heap overflows in programs that try to apr_palloc() a user\ncontrolled size. The Apache HTTP Server itself does not pass \nunsanitized user-provided sizes to this function, so it could only\nbe triggered through some other application which uses apr_palloc()\nin a vulnerable way.\n", "modified": "2009-08-09T00:00:00", "published": "2009-07-27T00:00:00", "id": "HTTPD:6A0D341DB569FACF7F8A423D96B149BD", "href": "https://httpd.apache.org/security_report.html", "type": "httpd", "title": "Apache Httpd < 2.2.13: APR apr_palloc heap overflow", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "seebug": [{"lastseen": "2017-11-19T18:50:43", "bulletinFamily": "exploit", "description": "Bugraq ID: 35623\r\nCVE ID\uff1aCVE-2009-1891\r\n\r\nApache\u662f\u4e00\u6b3e\u6d41\u884cHTTP\u670d\u52a1\u7a0b\u5e8f\u3002\r\nApache mod_deflat\u6a21\u5757\u4e0d\u6b63\u786e\u5904\u7406\u7279\u6b8a\u8bf7\u6c42\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6f0f\u6d1e\u4f7f\u670d\u52a1\u7a0b\u5e8f\u5d29\u6e83\u3002\r\n\u5f53mod_deflate\u542f\u7528\u65f6\u4e0b\u8f7d\u4e00\u4e2a\u6587\u4ef6\uff0c\u5728\u7ed3\u675f\u4e4b\u524d\u4e2d\u6b62\u8fde\u63a5\uff0c\u4f1a\u4f7fCPU\u538b\u7f29\u6587\u4ef6\u8fbe\u5230100%\u5229\u7528\u7387\u3002\r\n\u5373\u4f7f\u4e00\u4e2a\u4e0d\u592a\u5927\u7684\u6587\u4ef6(\u51e0MB)\uff0c\u901a\u8fc7\u5728\u8fd9\u4e2a\u6587\u4ef6\u4e2d\u63d0\u4ea4\u540c\u6b65\u8bf7\u6c42\u5e76\u9a6c\u4e0a\u4e2d\u6b62\u8fde\u63a5\uff0c\u7531\u4e8e\u8fd9\u4e2a\u6587\u4ef6\u5728\u5e73\u884c\u8fc7\u7a0b\u4e2d\u591a\u6b21\u538b\u7f29\uff0c\u53ef\u5bfc\u81f4\u6d88\u8017\u5927\u91cfCPU\u65f6\u95f4\u800c\u9020\u6210\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\n\nApache Software Foundation Apache 2.2.11\r\nApache Software Foundation Apache 2.2.10\r\nApache Software Foundation Apache 2.2.9\r\nApache Software Foundation Apache 2.2.8\r\nApache Software Foundation Apache 2.2.6\r\nApache Software Foundation Apache 2.2.5\r\nApache Software Foundation Apache 2.2.4\r\nApache Software Foundation Apache 2.2.3\r\nApache Software Foundation Apache 2.2.2\r\nApache Software Foundation Apache 2.2.7-dev\r\nApache Software Foundation Apache 2.2.6-dev\r\nApache Software Foundation Apache 2.2.5-dev\r\nApache Software Foundation Apache 2.2.1\r\nApache Software Foundation Apache 2.2\n\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u94fe\u63a5\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttp://svn.apache.org/viewvc?view=rev&revision=791454", "modified": "2009-07-13T00:00:00", "published": "2009-07-13T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-11802", "id": "SSV:11802", "type": "seebug", "title": "Apache 'mod_deflate'\u8fdc\u7a0b\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "sourceData": "", "sourceHref": "", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-11-19T18:41:15", "bulletinFamily": "exploit", "description": "Bugraq ID: 35949\r\nCVE ID\uff1aCVE-2009-2412\r\n\r\nApache APR-util\u662f\u4e00\u6b3e\u53ef\u79fb\u690d\u8fd0\u884c\u5e93\uff0c\u5168\u540d\u4e3aApache Portable Runtime\u3002\r\nApache APR (Apache Portable Runtime)\u548c'APR-util'\u5b58\u5728\u6574\u6570\u6ea2\u51fa\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6f0f\u6d1e\u4ee5\u5229\u7528\u6b64\u5e93\u7684\u5e94\u7528\u7a0b\u5e8f\u5b89\u5168\u4e0a\u4e0b\u6587\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\r\n-\u5f53\u5bf9\u9f50\u91cd\u5b9a\u4f4d\u5185\u5b58\u5757\u65f6memory/unix/apr_pools.c\u5b58\u5728\u6574\u6570\u6ea2\u51fa\u9519\u8bef\uff0c\u53ef\u5bfc\u81f4\u7f13\u51b2\u533a\u6ea2\u51fa\u3002\r\n-\u5f53\u5bf9\u9f50\u91cd\u5b9a\u4f4d\u5185\u5b58\u5757\u65f6misc/apr_rmm.c\u4e2d\u7684"apr_rmm_malloc()", "apr_rmm_calloc()", \u548c"apr_rmm_realloc()"\u51fd\u6570\u5b58\u5728\u6574\u6570\u6ea2\u51fa\uff0c\u53ef\u5bfc\u81f4\u4ee5\u5e94\u7528\u7a0b\u5e8f\u6743\u9650\u6267\u884c\u4efb\u610f\u6307\u4ee4\u3002\n\nApache Software Foundation APR-util 1.3.8\r\nApache Software Foundation APR-util 1.3.7\r\nApache Software Foundation APR-util 1.3.6\r\nApache Software Foundation APR-util 1.3.5\r\nApache Software Foundation APR-util 1.3.4\r\nApache Software Foundation APR-util 0.9.17\r\nApache Software Foundation APR-util 0.9.16\r\nApache Software Foundation APR-util 0.9.7\r\nApache Software Foundation Apache Portable Runtime 1.3.7\r\nApache Software Foundation Apache Portable Runtime 0.9.18\n\u5382\u5546\u89e3\u51b3\u65b9\u6848\r\nAPache SVN\u5e93\u4e2d\u5df2\u7ecf\u4fee\u590d\u6b64\u6f0f\u6d1e\uff1a\r\nhttp://svn.apache.org/viewvc/apr/apr-...isc/apr_rmm.c?r1=647687&r2=800735\r\nhttp://svn.apache.org/viewvc/apr/apr-...isc/apr_rmm.c?r1=230441&r2=800736", "modified": "2009-08-06T00:00:00", "published": "2009-08-06T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-11999", "id": "SSV:11999", "title": "Apache APR\u548cAPR-util\u6574\u6570\u6ea2\u51fa\u6f0f\u6d1e", "type": "seebug", "sourceData": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": ""}], "suse": [{"lastseen": "2016-09-04T12:33:55", "bulletinFamily": "unix", "description": "The Apache web server was updated to fix various security issues: - the option IncludesNOEXEC could be bypassed via .htaccess (CVE-2009-1195) - mod_proxy could run into an infinite loop when used as reverse proxy (CVE-2009-1890) - mod_deflate continued to compress large files even after a network connection was closed, causing mod_deflate to consume large amounts of CPU (CVE-2009-1891) - The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command. (CVE-2009-3094) - access restriction bypass in mod_proxy_ftp module (CVE-2009-3095)\n#### Solution\nThere is no known workaround, please install the update packages.", "modified": "2009-10-26T13:21:56", "published": "2009-10-26T13:21:56", "id": "SUSE-SA:2009:050", "href": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00006.html", "title": "potential code execution in apache2,libapr1", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "slackware": [{"lastseen": "2019-05-30T07:37:08", "bulletinFamily": "unix", "description": "New apr packages are available for Slackware 11.0, 12.0, 12.1, 12.2,\nand -current to fix a security issue.\n\nMore details about this issue may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412\n\n\nHere are the details from the Slackware 12.2 ChangeLog:\n\npatches/packages/apr-1.3.8-i486-1_slack12.2.tgz: Upgraded.\n Fix overflow in pools and rmm, where size alignment was taking place.\n [Matt Lewis <mattlewis@google.com>, Sander Striker]\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412\n (* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 11.0:\nftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/apr-1.3.8-i486-1_slack11.0.tgz apr-util-1.3.9-i486-1_slack11.0.tgz\n\nUpdated package for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/apr-1.3.8-i486-1_slack12.0.tgz apr-util-1.3.9-i486-1_slack12.0.tgz\n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/apr-1.3.8-i486-1_slack12.1.tgz apr-util-1.3.9-i486-1_slack12.1.tgz\n\nUpdated package for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/apr-1.3.8-i486-1_slack12.2.tgz apr-util-1.3.9-i486-1_slack12.2.tgz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/apr-1.3.8-i486-1.txz l/apr-util-1.3.9-i486-1.txz\n\nUpdated package for Slackware64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/apr-1.3.8-x86_64-1.txz l/apr-util-1.3.9-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 11.0 package:\ndfb02bf26c81e640916ab1ad9b3a67ae apr-1.3.8-i486-1_slack11.0.tgz\n\nSlackware 12.0 package:\n30a9120cc1e77e07e48f1f4b2fa75f40 apr-1.3.8-i486-1_slack12.0.tgz\n\nSlackware 12.1 package:\nc1e7dcb613541281b1fd491442d5e94f apr-1.3.8-i486-1_slack12.1.tgz\n\nSlackware 12.2 package:\ncfb3a4a245b83a25f51e5552e39b2aa4 apr-1.3.8-i486-1_slack12.2.tgz\n\nSlackware -current package:\n4807d86a16ffff5f1d4974f1d5151cc1 apr-1.3.8-i486-1.txz\n\nSlackware64 -current package:\n223252fbe0ffb7aa836eab131a1bef84 apr-1.3.8-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg apr-1.3.8-i486-1_slack12.2.tgz", "modified": "2009-08-07T00:59:06", "published": "2009-08-07T00:59:06", "id": "SSA-2009-219-02", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.431437", "title": "apr", "type": "slackware", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-30T07:37:21", "bulletinFamily": "unix", "description": "New apr-util packages are available for Slackware 11.0, 12.0, 12.1, 12.2,\nand -current to fix a security issue.\n\nMore details about this issue may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412\n\n\nHere are the details from the Slackware 12.2 ChangeLog:\n\npatches/packages/apr-util-1.3.9-i486-1_slack12.2.tgz: Upgraded.\n Fix overflow in rmm, where size alignment was taking place.\n [Matt Lewis <mattlewis@google.com>, Sander Striker]\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412\n (* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 11.0:\nftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/apr-util-1.3.9-i486-1_slack11.0.tgz\n\nUpdated package for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/apr-util-1.3.9-i486-1_slack12.0.tgz\n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/apr-util-1.3.9-i486-1_slack12.1.tgz\n\nUpdated package for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/apr-util-1.3.9-i486-1_slack12.2.tgz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/apr-util-1.3.9-i486-1.txz\n\nUpdated package for Slackware64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/apr-util-1.3.9-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 11.0 package:\n9baa25b2f587ffad1d159f1fba16076c apr-util-1.3.9-i486-1_slack11.0.tgz\n\nSlackware 12.0 package:\na77d38c2aaeb33defdd21341d333aeec apr-util-1.3.9-i486-1_slack12.0.tgz\n\nSlackware 12.1 package:\n1c7e513180d33583902815b8134ea79c apr-util-1.3.9-i486-1_slack12.1.tgz\n\nSlackware 12.2 package:\n439f26a9493f12ef98ff6bc22eb61c09 apr-util-1.3.9-i486-1_slack12.2.tgz\n\nSlackware -current package:\na968abfacb66fa6959384b995af5f3bf apr-util-1.3.9-i486-1.txz\n\nSlackware64 -current package:\nab0b42a896f38d3d9309e9af1428bce9 apr-util-1.3.9-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg apr-util-1.3.9-i486-1_slack12.2.tgz", "modified": "2009-08-07T00:59:27", "published": "2009-08-07T00:59:27", "id": "SSA-2009-219-03", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.423906", "title": "apr-util", "type": "slackware", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2019-05-30T02:22:58", "bulletinFamily": "unix", "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1854-1 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nAugust 08, 2009 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : apr, apr-util\nVulnerability : heap buffer overflow\nDebian-specific: no\nCVE Id(s) : CVE-2009-2412\n\nMatt Lewis discovered that the memory management code in the Apache\nPortable Runtime (APR) library does not guard against a wrap-around\nduring size computations. This could cause the library to return a\nmemory area which smaller than requested, resulting a heap overflow\nand possibly arbitrary code execution.\n\nFor the old stable distribution (etch), this problem has been fixed in\nversion 1.2.7-9 of the apr package, and version 1.2.7+dfsg-2+etch3 of\nthe apr-util package.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.2.12-5+lenny1 of the apr package and version 1.2.12-5+lenny1\nof the apr-util package.\n\nFor the unstable distribution (sid), this problem will be fixed soon.\n\nWe recommend that you upgrade your APR packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.7+dfsg.orig.tar.gz\n Size/MD5 checksum: 643328 a3117be657f99e92316be40add59b9ff\n http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.7+dfsg-2+etch3.dsc\n Size/MD5 checksum: 1036 9dc256c005a7f544c4d5c410b226fb74\n http://security.debian.org/pool/updates/main/a/apr/apr_1.2.7-9.diff.gz\n Size/MD5 checksum: 26613 021ef3aa5b3a9fc021779a0b6a6a4ec9\n http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.7+dfsg-2+etch3.diff.gz\n Size/MD5 checksum: 21651 e090ebfd7174c90bae4e4935a3d3db15\n http://security.debian.org/pool/updates/main/a/apr/apr_1.2.7.orig.tar.gz\n Size/MD5 checksum: 1102370 aea926cbe588f844ad9e317157d60175\n http://security.debian.org/pool/updates/main/a/apr/apr_1.2.7-9.dsc\n Size/MD5 checksum: 856 89662625fd7a34ceb514087de869d918\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_alpha.deb\n Size/MD5 checksum: 121726 df1e2d6e8bf9ed485ad417fe274eb0e3\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_alpha.deb\n Size/MD5 checksum: 83690 b5873275f420b15f9868ea0dde699c60\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_alpha.deb\n Size/MD5 checksum: 371668 4e8bd42151f3cdf8cee91c49599aab42\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_alpha.deb\n Size/MD5 checksum: 129158 5074639b4b0d9877ff29b96540fdfaec\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_alpha.deb\n Size/MD5 checksum: 185420 ddf84849ff3bee792dc187c6d21958bd\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_alpha.deb\n Size/MD5 checksum: 148140 079cff06535a7e3f4e9a5d682d80bb1b\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_amd64.deb\n Size/MD5 checksum: 72946 6b11e4b65bdf67981a091177d9644007\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_amd64.deb\n Size/MD5 checksum: 126156 b420f555d02504e0497a0ba3c27e0cac\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_amd64.deb\n Size/MD5 checksum: 127742 1606857f3291ccb10e038219f1f2eab3\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_amd64.deb\n Size/MD5 checksum: 187302 bb1a4aa5768fa012201ad1e72bc27e93\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_amd64.deb\n Size/MD5 checksum: 348120 b5d6b4e7c628dffe867159b54b6c82f1\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_amd64.deb\n Size/MD5 checksum: 111664 6b51dc29ea4defa975902d246188086f\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_arm.deb\n Size/MD5 checksum: 121504 3ba789c274f2ed7030aa286ea57dbb3d\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_arm.deb\n Size/MD5 checksum: 175146 86ff258e9181fa424cb043dc22e2c0e0\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_arm.deb\n Size/MD5 checksum: 117302 97d701c8f9d6746eb14448bfde8e8588\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_arm.deb\n Size/MD5 checksum: 104934 45a976662beb7ec3b15ee7c7a45f3de7\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_arm.deb\n Size/MD5 checksum: 66110 09c54142359236f50654bd9c7b375781\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_arm.deb\n Size/MD5 checksum: 335520 14d06ecfb54247718b780c893df8f4cc\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_hppa.deb\n Size/MD5 checksum: 126186 9494353aa42e983a245af2890dd2c6d7\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_hppa.deb\n Size/MD5 checksum: 78668 60c87b0e86c1ed31deecddd88cdf5fa5\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_hppa.deb\n Size/MD5 checksum: 133918 ae993c733053a326603c5b750505bee9\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_i386.deb\n Size/MD5 checksum: 116052 6238f10eb5077bb53b9664b82b985c40\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_i386.deb\n Size/MD5 checksum: 338694 262cec472ec3aaeb1b4d38eebaa940c8\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_i386.deb\n Size/MD5 checksum: 68854 78ab4f6425153d8b746b99842994d555\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_i386.deb\n Size/MD5 checksum: 109138 4aa254cacd4e95785ae823cedb1cce2f\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_i386.deb\n Size/MD5 checksum: 122136 4a16475bb5780625902c79069681ae74\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_i386.deb\n Size/MD5 checksum: 180654 481471d06045a2e348b55de6dbdf5f94\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_ia64.deb\n Size/MD5 checksum: 156562 52761fff3e82e21728e0c6a79bf4508f\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_ia64.deb\n Size/MD5 checksum: 99446 3ad58d882e434e39be525e7aa41d9e93\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_ia64.deb\n Size/MD5 checksum: 141894 5b7351a6b4c3765e3d76b9d22e04cf0e\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_ia64.deb\n Size/MD5 checksum: 118716 8c73712293cd4d9a5935aefd18a3e4c9\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_ia64.deb\n Size/MD5 checksum: 171514 f474001e4f852a44af517b5d6f737a65\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_ia64.deb\n Size/MD5 checksum: 385514 76d0bbda16c749f6a5b40fd6297a180a\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_mips.deb\n Size/MD5 checksum: 188816 de1ecb467042d2c1891cc1d2f5db83d9\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_mips.deb\n Size/MD5 checksum: 130394 fc34d9b137c080b63374d809c1d6bf8b\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_mips.deb\n Size/MD5 checksum: 130492 4d7cdffabbef214eeea0c02a346d0eb8\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_mips.deb\n Size/MD5 checksum: 70776 6fe66f5cb81c2a3af2fa0cd64a85cfd8\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_mips.deb\n Size/MD5 checksum: 357368 aab08f1596aead97cc48924ebf99c80e\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_mips.deb\n Size/MD5 checksum: 112644 9c6d720999259453daaa13e8ec3c8336\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_mipsel.deb\n Size/MD5 checksum: 186464 5b2392a143ff8a173a771b819377ab47\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_mipsel.deb\n Size/MD5 checksum: 128052 02e3c278190e92d7131c275aab5f5c44\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_mipsel.deb\n Size/MD5 checksum: 358010 480087a77642a8ff99a32bb323b62600\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_mipsel.deb\n Size/MD5 checksum: 130712 50da703a75deb2ba87d4be171e80bd5b\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_mipsel.deb\n Size/MD5 checksum: 113352 d363370bcba834268202db5271b20aa3\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_mipsel.deb\n Size/MD5 checksum: 70794 1f57c4362c286bd0d2df40d775690612\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_powerpc.deb\n Size/MD5 checksum: 125106 92d5d46effd18aaa8e849254d9da8acd\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_powerpc.deb\n Size/MD5 checksum: 348504 2f4f96652c28e3f5f1cfae8e5265ec83\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_powerpc.deb\n Size/MD5 checksum: 130380 dacdce767bcff6b0ecbe66add6838e8b\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_powerpc.deb\n Size/MD5 checksum: 189780 ae1e23e3080fbfe3ba26b8acf9561d6c\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_powerpc.deb\n Size/MD5 checksum: 113956 1e2ba4da9ee0775325b351887c182f52\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_powerpc.deb\n Size/MD5 checksum: 72472 3a47c9eca3ec7b6f4e87609b3aca7f65\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_s390.deb\n Size/MD5 checksum: 124802 cdd46922b57a51fedb25ae401d8dc753\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_s390.deb\n Size/MD5 checksum: 121978 71edc1d101933b1a43a9c395427a4aed\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_s390.deb\n Size/MD5 checksum: 128570 f0f7d5dfecb61c6212e0803a325e8a01\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_s390.deb\n Size/MD5 checksum: 186320 cca313c55848e6161810ff16fb71390f\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_s390.deb\n Size/MD5 checksum: 349848 b9cbaa0a70b9bfa28d74ac4a6e107428\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_s390.deb\n Size/MD5 checksum: 76668 f6b5e093ae1c3c5d4442e223115052de\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_sparc.deb\n Size/MD5 checksum: 338056 ab06437e18c1cc36dab35779cc4102d8\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_sparc.deb\n Size/MD5 checksum: 103200 1c6f94d15f4e3052e9ed80fc232f96b5\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_sparc.deb\n Size/MD5 checksum: 117840 5f0671d301a9e2ea8020d0dcaa71a42b\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_sparc.deb\n Size/MD5 checksum: 66374 668815a44c99c366ae8e3f624613932e\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_sparc.deb\n Size/MD5 checksum: 167962 f338f71eeb38be58c67d1ac0fd92d1ff\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_sparc.deb\n Size/MD5 checksum: 117510 63dd9c471f24472eb46a5fd9dcb92077\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/a/apr/apr_1.2.12.orig.tar.gz\n Size/MD5 checksum: 1127522 020ea947446dca2d1210c099c7a4c837\n http://security.debian.org/pool/updates/main/a/apr/apr_1.2.12-5+lenny1.diff.gz\n Size/MD5 checksum: 12398 b407ff7dac7363278f4f060e121aa611\n http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.12+dfsg.orig.tar.gz\n Size/MD5 checksum: 658687 4ef3e41037fe0cdd3a0d107335a008eb\n http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.12+dfsg-8+lenny4.dsc\n Size/MD5 checksum: 1530 dccceaa89d58074be3b7b7738a99756b\n http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.12+dfsg-8+lenny4.diff.gz\n Size/MD5 checksum: 23138 a2222477de9ad92015416542a2c250ed\n http://security.debian.org/pool/updates/main/a/apr/apr_1.2.12-5+lenny1.dsc\n Size/MD5 checksum: 1284 4330306f892fd7c0950b1ccf2537b38d\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_alpha.deb\n Size/MD5 checksum: 806236 3689d5ee779d3846fe67c9dad2f213dc\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_alpha.deb\n Size/MD5 checksum: 53204 92bb2e8a7c48e6f8437680e08607a3f7\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_alpha.deb\n Size/MD5 checksum: 147658 edba141e93c382fbf0ab2bbec1dba899\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_alpha.deb\n Size/MD5 checksum: 158060 b80ad32790c6c8d89f0007a69d9ce0b8\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_alpha.deb\n Size/MD5 checksum: 90740 c715b55d060a2d4e8d7684477d0b9014\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_alpha.deb\n Size/MD5 checksum: 121774 565a4fdd123d04698907456e40d4df0b\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_amd64.deb\n Size/MD5 checksum: 54232 3f23cc38f68bbf926b801b82b3fea917\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_amd64.deb\n Size/MD5 checksum: 80046 f6158018f26ddd6369687b8f9f64aa75\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_amd64.deb\n Size/MD5 checksum: 114326 851cc08504589c09f08ec9e6efa52ef1\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_amd64.deb\n Size/MD5 checksum: 147928 136a5a5c0d558d8f252d1ed44efed217\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_amd64.deb\n Size/MD5 checksum: 133850 6b71ac477650c688863ef33fc58216a0\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_amd64.deb\n Size/MD5 checksum: 825740 bf80dbc726c5b691b023e96e463ba88c\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_arm.deb\n Size/MD5 checksum: 818438 8e6c8a9964650a793e4a0e5ec51a8619\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_arm.deb\n Size/MD5 checksum: 54912 a853d8175d2bee56c6f37aada02fc2ca\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_arm.deb\n Size/MD5 checksum: 107790 85e0815ff8f340d99052a9c9f604cccd\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_arm.deb\n Size/MD5 checksum: 71112 20a4c9fd130c188166c0ebc6ceff5fcf\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_arm.deb\n Size/MD5 checksum: 138982 c84f95cff9713ed403fae7b712456ade\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_arm.deb\n Size/MD5 checksum: 124090 c4fc3663255a416725a69818e3523731\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_armel.deb\n Size/MD5 checksum: 109676 e26ebffcc101ffc87963c9a65b3543f6\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_armel.deb\n Size/MD5 checksum: 124626 4c34337eb3d1d55900a067f2c8412abc\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_armel.deb\n Size/MD5 checksum: 821990 19c68f5f904bb3bbdfd44349f8544e83\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_armel.deb\n Size/MD5 checksum: 55820 f39b0928bc4b91fb60bd6259c6ae6e02\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_armel.deb\n Size/MD5 checksum: 70086 1d3032e0879ed1ea6fa2f04c34af1782\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_armel.deb\n Size/MD5 checksum: 139434 e802e42577998c62fadfc335edb3b81a\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_hppa.deb\n Size/MD5 checksum: 83668 3c8893214d7375303eaf1eec6e27212b\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_hppa.deb\n Size/MD5 checksum: 827762 2fd0d8dd54c92c828e42100bb8816b00\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_hppa.deb\n Size/MD5 checksum: 142916 14e1e2f8fa50b0eb1772f1e4bbc26e50\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_hppa.deb\n Size/MD5 checksum: 140872 7fef63f2cd282e44c51b5e69d94d8706\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_hppa.deb\n Size/MD5 checksum: 113954 926b8c39fee1787a94b3d6cc1c6d420b\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_hppa.deb\n Size/MD5 checksum: 54332 18751dc2275828a126b2dbe568678f32\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_i386.deb\n Size/MD5 checksum: 73814 2ef03972ed5b2232fe5782c4960bc362\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_i386.deb\n Size/MD5 checksum: 54582 edc98ca59cebd14195602929def1da31\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_i386.deb\n Size/MD5 checksum: 141438 5a54e1cac30640ca5e9922586d9983a8\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_i386.deb\n Size/MD5 checksum: 108882 075f37cd43e483d27ff0b94ad01f2d08\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_i386.deb\n Size/MD5 checksum: 121138 fc2411e049936d12702713c82377c9e5\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_i386.deb\n Size/MD5 checksum: 809460 a5648e0404f1cb4244c156cf85bfe0f5\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_ia64.deb\n Size/MD5 checksum: 135404 8f7a4964b22e5e9e5297380c15d8818d\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_ia64.deb\n Size/MD5 checksum: 170110 412b51e1e3c1ed4e309459dd17844e68\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_ia64.deb\n Size/MD5 checksum: 154362 2fc1441f28ef4f90446464627c8ef36d\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_ia64.deb\n Size/MD5 checksum: 837496 6862607faf59e42525f5205d8a967818\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_ia64.deb\n Size/MD5 checksum: 111140 12f0bf9e6264cc9c170c2b8365428cc0\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_ia64.deb\n Size/MD5 checksum: 53428 a6a55d644fb58a0f7ea6a9b509cb71d0\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_mips.deb\n Size/MD5 checksum: 110932 feb666e4f402bcb1954bc194c37496d7\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_mips.deb\n Size/MD5 checksum: 147482 e2508cc75520518ccbe4c3a5cf0cc50c\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_mips.deb\n Size/MD5 checksum: 56582 5134a012017e629239cc543fedf4edf3\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_mips.deb\n Size/MD5 checksum: 74584 2fbb1b76079126fd701f32e45a9cf7f0\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_mips.deb\n Size/MD5 checksum: 792650 126585d9fe0def77f7632f9d098eb11d\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_mips.deb\n Size/MD5 checksum: 136438 ae62dc1d5a32fac11615f4b67cfa4a6b\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_mipsel.deb\n Size/MD5 checksum: 56414 ecca7e3643ccb91fc962b886bdddbc0e\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_mipsel.deb\n Size/MD5 checksum: 136390 d45f956c14ea9fe22b77bce3810c32b7\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_mipsel.deb\n Size/MD5 checksum: 144740 05411f88615592531468cdd89bb4b5d0\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_mipsel.deb\n Size/MD5 checksum: 74366 a15e15331a62f33d33481b7e53f07b48\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_mipsel.deb\n Size/MD5 checksum: 792762 dc1e4748e106c82e9f8bf6c3ecce4a38\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_mipsel.deb\n Size/MD5 checksum: 110974 a5dd28b5c9b3106da8e4c81abea6777d\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_powerpc.deb\n Size/MD5 checksum: 82512 f8a18fb94a4ef3cabec01c288a26eef5\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_powerpc.deb\n Size/MD5 checksum: 55708 555d64273f15c6ebd503b7cb84f0fb29\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_powerpc.deb\n Size/MD5 checksum: 132338 66e77820b5b9d2a05d6df5c4ec2c76b0\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_powerpc.deb\n Size/MD5 checksum: 116238 1a291989c32ea21ac8eef9ca51831fc5\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_powerpc.deb\n Size/MD5 checksum: 147180 cc9f274b349dbbb9ce9b69b0d0edf493\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_powerpc.deb\n Size/MD5 checksum: 821948 fc3acf3dec16223caf6f932e8b7c0c01\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_s390.deb\n Size/MD5 checksum: 126058 474bddd0f3c5a69cc21fc2d403fe90f6\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_s390.deb\n Size/MD5 checksum: 148614 89cc7bb2619f28e5e6e9d0042050a924\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_s390.deb\n Size/MD5 checksum: 133044 fb35625937e6fae551d97df283a32dd9\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_s390.deb\n Size/MD5 checksum: 787872 2dc32425bfbd17b841218064599d80ed\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_s390.deb\n Size/MD5 checksum: 85496 c41f2fdebd22ec066815211768dcdc3a\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_s390.deb\n Size/MD5 checksum: 54414 c36fa2538d8077a8ef09842e07bd989a\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_sparc.deb\n Size/MD5 checksum: 814624 613a70f3443404f5939e91e229d01d25\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_sparc.deb\n Size/MD5 checksum: 54370 4c12839718c73a2b96b607d77fcbc583\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_sparc.deb\n Size/MD5 checksum: 131706 5c2ad3da38aaaab8ac2c14656602c532\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_sparc.deb\n Size/MD5 checksum: 108712 c1f66be9c2daa447d5bfbd1f7639aada\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_sparc.deb\n Size/MD5 checksum: 72738 ec558ed4277ca676f07e3181ffad0335\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_sparc.deb\n Size/MD5 checksum: 124976 22385c13d934c3877ce2f9eeaa4584e3\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "modified": "2009-08-08T18:55:20", "published": "2009-08-08T18:55:20", "id": "DEBIAN:DSA-1854-1:672CD", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2009/msg00170.html", "title": "[SECURITY] [DSA 1854-1] New APR packages fix arbitrary code execution", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2019-05-29T17:22:11", "bulletinFamily": "unix", "description": "USN-813-1 fixed vulnerabilities in apr. This update provides the corresponding updates for apr as provided by Apache on Ubuntu 6.06 LTS.\n\nOriginal advisory details:\n\nMatt Lewis discovered that apr did not properly sanitize its input when allocating memory. If an application using apr processed crafted input, a remote attacker could cause a denial of service or potentially execute arbitrary code as the user invoking the application.", "modified": "2009-08-08T00:00:00", "published": "2009-08-08T00:00:00", "id": "USN-813-2", "href": "https://usn.ubuntu.com/813-2/", "title": "Apache vulnerability", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T17:22:44", "bulletinFamily": "unix", "description": "USN-813-1 fixed vulnerabilities in apr. This update provides the corresponding updates for apr-util.\n\nOriginal advisory details:\n\nMatt Lewis discovered that apr did not properly sanitize its input when allocating memory. If an application using apr processed crafted input, a remote attacker could cause a denial of service or potentially execute arbitrary code as the user invoking the application.", "modified": "2009-08-08T00:00:00", "published": "2009-08-08T00:00:00", "id": "USN-813-3", "href": "https://usn.ubuntu.com/813-3/", "title": "apr-util vulnerability", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T17:21:19", "bulletinFamily": "unix", "description": "Matt Lewis discovered that apr did not properly sanitize its input when allocating memory. If an application using apr processed crafted input, a remote attacker could cause a denial of service or potentially execute arbitrary code as the user invoking the application.", "modified": "2009-08-08T00:00:00", "published": "2009-08-08T00:00:00", "id": "USN-813-1", "href": "https://usn.ubuntu.com/813-1/", "title": "apr vulnerability", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T17:23:08", "bulletinFamily": "unix", "description": "USN-802-1 fixed vulnerabilities in Apache. The upstream fix for CVE-2009-1891 introduced a regression that would cause Apache children to occasionally segfault when mod_deflate is used. This update fixes the problem.\n\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\nIt was discovered that mod_proxy_http did not properly handle a large amount of streamed data when used as a reverse proxy. A remote attacker could exploit this and cause a denial of service via memory resource consumption. This issue affected Ubuntu 8.04 LTS, 8.10 and 9.04. (CVE-2009-1890)\n\nIt was discovered that mod_deflate did not abort compressing large files when the connection was closed. A remote attacker could exploit this and cause a denial of service via CPU resource consumption. (CVE-2009-1891)", "modified": "2009-08-19T00:00:00", "published": "2009-08-19T00:00:00", "id": "USN-802-2", "href": "https://usn.ubuntu.com/802-2/", "title": "Apache regression", "type": "ubuntu", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T17:21:34", "bulletinFamily": "unix", "description": "It was discovered that mod_proxy_http did not properly handle a large amount of streamed data when used as a reverse proxy. A remote attacker could exploit this and cause a denial of service via memory resource consumption. This issue affected Ubuntu 8.04 LTS, 8.10 and 9.04. (CVE-2009-1890)\n\nIt was discovered that mod_deflate did not abort compressing large files when the connection was closed. A remote attacker could exploit this and cause a denial of service via CPU resource consumption. (CVE-2009-1891)", "modified": "2009-07-13T00:00:00", "published": "2009-07-13T00:00:00", "id": "USN-802-1", "href": "https://usn.ubuntu.com/802-1/", "title": "Apache vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:32", "bulletinFamily": "unix", "description": "### Background\n\nThe Apache Portable Runtime (aka APR) provides a set of APIs for creating platform-independent applications. The Apache Portable Runtime Utility Library (aka APR-Util) provides an interface to functionality such as XML parsing, string matching and databases connections. \n\n### Description\n\nMatt Lewis reported multiple Integer overflows in the apr_rmm_malloc(), apr_rmm_calloc(), and apr_rmm_realloc() functions in misc/apr_rmm.c of APR-Util and in memory/unix/apr_pools.c of APR, both occurring when aligning memory blocks. \n\n### Impact\n\nA remote attacker could entice a user to connect to a malicious server with software that uses the APR or act as a malicious client to a server that uses the APR (such as Subversion or Apache servers), possibly resulting in the execution of arbitrary code with the privileges of the user running the application. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Apache Portable Runtime users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/apr-1.3.8\"\n\nAll APR Utility Library users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/apr-util-1.3.9\"", "modified": "2009-09-09T00:00:00", "published": "2009-09-09T00:00:00", "id": "GLSA-200909-03", "href": "https://security.gentoo.org/glsa/200909-03", "type": "gentoo", "title": "Apache Portable Runtime, APR Utility Library: Execution of arbitrary code", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
