4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.01 Low
EPSS
Percentile
81.3%
Apr-util, the Apache Portable Runtime Utility library, is used by
Apache 2.x, Subversion, and other applications. Two denial of service
vulnerabilities have been found in apr-util:
Other exploit paths in other applications using apr-util may exist.
If you use Apache, or if you use svnserve in standalone mode, you need
to restart the services after you upgraded the libaprutil1 package.
The oldstable distribution (etch), these problems have been fixed in
version 1.2.7+dfsg-2+etch2.
For the stable distribution (lenny), these problems have been fixed in
version 1.2.12+dfsg-8+lenny2.
For the testing distribution (squeeze) and the unstable distribution
(sid), these problems will be fixed soon.
We recommend that you upgrade your apr-util packages.
CPE | Name | Operator | Version |
---|---|---|---|
apr-util | eq | 1.2.12+dfsg-8 |