Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2010:0950
HistoryDec 07, 2010 - 12:00 a.m.

(RHSA-2010:0950) Moderate: apr-util security update

2010-12-0700:00:00
access.redhat.com
9

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.425 Medium

EPSS

Percentile

97.0%

JSON

The Apache Portable Runtime (APR) is a portability library used by the
Apache HTTP Server and other projects. apr-util is a library which provides
additional utility interfaces for APR; including support for XML parsing,
LDAP, database interfaces, URI parsing, and more.

It was found that certain input could cause the apr-util library to
allocate more memory than intended in the apr_brigade_split_line()
function. An attacker able to provide input in small chunks to an
application using the apr-util library (such as httpd) could possibly use
this flaw to trigger high memory consumption. (CVE-2010-1623)

All apr-util users should upgrade to these updated packages, which contain
a backported patch to correct this issue. Applications using the apr-util
library, such as httpd, must be restarted for this update to take effect.

OSVersionArchitecturePackageVersionFilename
RedHat6x86_64apr-util-sqlite< 1.3.9-3.el6_0.1apr-util-sqlite-1.3.9-3.el6_0.1.x86_64.rpm
RedHat5s390xapr-util-devel< 1.2.7-11.el5_5.2apr-util-devel-1.2.7-11.el5_5.2.s390x.rpm
RedHat5s390xapr-util-docs< 1.2.7-11.el5_5.2apr-util-docs-1.2.7-11.el5_5.2.s390x.rpm
RedHat4i386apr-util< 0.9.4-22.el4_8.3apr-util-0.9.4-22.el4_8.3.i386.rpm
RedHat6srcapr-util< 1.3.9-3.el6_0.1apr-util-1.3.9-3.el6_0.1.src.rpm
RedHat5i386apr-util-mysql< 1.2.7-11.el5_5.2apr-util-mysql-1.2.7-11.el5_5.2.i386.rpm
RedHat5ppc64apr-util< 1.2.7-11.el5_5.2apr-util-1.2.7-11.el5_5.2.ppc64.rpm
RedHat6i686apr-util-mysql< 1.3.9-3.el6_0.1apr-util-mysql-1.3.9-3.el6_0.1.i686.rpm
RedHat4s390xapr-util-devel< 0.9.4-22.el4_8.3apr-util-devel-0.9.4-22.el4_8.3.s390x.rpm
RedHat6ppc64apr-util-debuginfo< 1.3.9-3.el6_0.1apr-util-debuginfo-1.3.9-3.el6_0.1.ppc64.rpm
Rows per page:
1-10 of 771

Related

openvas 32
nessus 26
prion 1
cve 1
ubuntu 2
fedora 3
veracode 1
f5 2
oraclelinux 1
httpd 2
ubuntucve 2
debian 2
slackware 2
centos 1
debiancve 1
freebsd 1
gentoo 1
suse 1
redhat 1
kaspersky 1
hackerone 1
openvas
openvas
RedHat Update for apr-util RHSA-2010:0950-01
2010-12-23 00:00:00
Slackware: Security Advisory (SSA:2011-041-01)
2012-09-10 00:00:00
CentOS Update for apr-util CESA-2010:0950 centos4 x86_64
2012-07-30 00:00:00
nessus
nessus
Debian DSA-2117-1 : apr-util - denial of service
2010-10-06 00:00:00
Fedora 14 : apr-util-1.3.10-1.fc14 (2010-16178)
2010-11-10 00:00:00
F5 Networks BIG-IP : Apache vulnerability (SOL15902)
2015-09-16 00:00:00
prion
prion
Design/Logic Flaw
2010-10-04 21:00:00
cve
cve
CVE-2010-1623
2010-10-04 21:00:00
ubuntu
ubuntu
APR-util vulnerability
2010-11-25 00:00:00
Apache vulnerabilities
2010-11-25 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: apr-util-1.3.10-1.fc13
2010-10-28 05:47:25
[SECURITY] Fedora 12 Update: apr-util-1.3.10-1.fc12
2010-10-28 05:58:28
[SECURITY] Fedora 14 Update: apr-util-1.3.10-1.fc14
2010-11-10 01:19:10
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:51:33
f5
f5
K15902 : Apache vulnerability CVE-2010-1623
2015-09-16 00:00:00
SOL15902 - Apache vulnerability CVE-2010-1623
2014-12-11 00:00:00
oraclelinux
oraclelinux
apr-util security update
2010-12-07 00:00:00
httpd
httpd
Apache Httpd < 2.0.64 : apr_bridage_split_line DoS
2010-03-03 00:00:00
Apache Httpd < 2.2.17 : apr_bridage_split_line DoS
2010-03-03 00:00:00
ubuntucve
ubuntucve
CVE-2010-1623
2010-10-04 00:00:00
CVE-2007-6750
2011-12-27 00:00:00
debian
debian
[SECURITY] [DSA-2117-1] New apr-util packages fix denial of service
2010-10-04 21:35:18
[SECURITY] [DSA-2117-1] New apr-util packages fix denial of service
2010-10-04 21:35:18
slackware
slackware
[slackware-security] apr-util
2011-02-11 01:16:50
[slackware-security] httpd
2011-02-11 01:17:26
centos
centos
apr security update
2011-01-27 08:46:39
debiancve
debiancve
CVE-2010-1623
2010-10-04 21:00:00
freebsd
freebsd
apr -- multiple vunerabilities
2010-10-02 00:00:00
gentoo
gentoo
Apache Portable Runtime, APR Utility Library: Denial of service
2014-05-18 00:00:00
suse
suse
Security update for apache2 (important)
2011-11-09 19:08:34
redhat
redhat
(RHSA-2011:0897) Moderate: JBoss Enterprise Web Server 1.0.2 update
2011-06-22 00:00:00
kaspersky
kaspersky
KLA10066 Multiple vulnerabilities in Apache httpd
2010-10-19 00:00:00
hackerone
hackerone
U.S. Dept Of Defense: Out-of-date Version (Apache)
2016-11-24 15:09:27

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.425 Medium

EPSS

Percentile

97.0%

JSON
Related for RHSA-2010:0950
openvas32nessus26prion1cve1ubuntu2fedora3veracode1f52oraclelinux1httpd2ubuntucve2debian2slackware2centos1debiancve1freebsd1gentoo1suse1redhat1kaspersky1hackerone1