MiracleLinux 3 : apr-1.2.7-11.AXS3.4 (AXSA:2011-195:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2011-195:01 advisory. The mission of the Apache Portable Runtime APR is to provide a free library of C data structures and routines, forming a system portability layer to as many...

The vulnerability of the apr.h component in the APR library allows a hacker to gain access to confidential data.

The vulnerability of the apr.h component in the APR library is related to the improper assignment of permissions for the critical resource. Exploiting this vulnerability may allow an attacker to access confidential data...

Apache HTTP Server DoS Vulnerability (May 2011) - Linux

Apache HTTP Server is prone to a denial of service DoS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

Scientific Linux Security Update : tomcat6 on SL6.x

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. APR Apache Portable Runtime as mentioned in the CVE-2011-3190 and CVE-2011-2526 descriptions does not refer to APR provided by the apr packages. It refers to the implementation of APR provided by the...

CentOS Update for tomcat6 CESA-2011:1780 centos6

Check for the Version of tomcat6 OpenVAS Vulnerability Test CentOS Update for tomcat6 CESA-2011:1780 centos6 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

apr / aws libraries DoS

resources consumption because of collisions in a hash function...

CVE-2012-0840

tables/aprhash.c in the Apache Portable Runtime APR library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted input to an application that...

CVE-2012-0840

tables/aprhash.c in the Apache Portable Runtime APR library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted input to an application that...

Debian Security Advisory DSA 2237-1 (apr)

The remote host is missing an update to apr announced via advisory DSA 2237-1. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2011 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

FreeBSD : Apache APR -- DoS vulnerabilities (99a5590c-857e-11e0-96b7-00300582f9fc)

The Apache Portable Runtime Project reports : A flaw was discovered in the aprfnmatch function in the Apache Portable Runtime APR library 1.4.4 or any backported versions that contained the upstream fix for CVE-2011-0419. This could cause httpd workers to enter a hung state 100% CPU utilization...

CVE-2011-0419

CVE-2011-0419 is a stack consumption/DoS vulnerability in the APR library’s fnmatch implementation (apr_fnmatch.c) and, for some platforms, in libc’s fnmatch.c. It affects APR < 1.4.3 and Apache HTTP Server

CVE-2011-0419

Stack consumption vulnerability in the fnmatch implementation in aprfnmatch.c in the Apache Portable Runtime APR library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows...

[SECURITY] [DSA 2237-1] apr security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2237-1 [email protected] http://www.debian.org/security/ Stefan Fritsch May 15, 2011 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2237-1] apr security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2237-1 [email protected] http://www.debian.org/security/ Stefan Fritsch May 15, 2011 http://www.debian.org/security/faq -...

DSA-2237-2 apr - denial of service

Bulletin has no description...

Apache Httpd < 2.2.19 : apr_fnmatch flaw leads to mod_autoindex remote DoS

A flaw was found in the aprfnmatch function of the bundled APR library. Where modautoindex is enabled, and a directory indexed by modautoindex contained files with sufficiently long names, a remote attacker could send a carefully crafted request which would cause excessive CPU usage. This could b...

Code injection

The Solaris pollset feature in the Event Port backend in poll/unix/port.c in the Apache Portable Runtime APR library before 1.3.9, as used in the Apache HTTP Server before 2.2.14 and other products, does not properly handle errors, which allows remote attackers to cause a denial of service daemon...

CVE-2009-2699

The vulnerability CVE-2009-2699 affects the Solaris pollset feature in the Event Port backend (poll/unix/port.c) of the Apache Portable Runtime (APR) library prior to 1.3.9, as used by Apache HTTP Server prior to 2.2.14 and other products. The issue arises from improper error handling in the Sola...

CVE-2009-2699

The Solaris pollset feature in the Event Port backend in poll/unix/port.c in the Apache Portable Runtime APR library before 1.3.9, as used in the Apache HTTP Server before 2.2.14 and other products, does not properly handle errors, which allows remote attackers to cause a denial of service daemon...

Moderate: Red Hat Security Advisory: httpd security and bug fix update

Updated httpd packages that fix multiple security issues and a bug are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. The httpd package shipped with...