72 matches found
Security Bulletin: IBM Engineering Requirements Management DOORS/DWA vulnerabilities addressed in 9.7.2.9
Summary Apache Portable Runtime, The Expat XML Parser and DOORS Web Access are identified as vulnerable components with multiple reported vulnerabilities. The IBM Engineering Requirements Management DOORS/DWA product version 9.7.2.8 is vulnerable to the below mentioned CVEs. Remediation actions a...
K15920: Apache vulnerability CVE-2011-0419
Security Advisory Description Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle...
Apache HTTP Server DoS Vulnerability (May 2011) - Linux
Apache HTTP Server is prone to a denial of service (DoS) vulnerability. Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This program is free...
Denial Of Service (DoS)
apr is vulnerable to denial of service. The fix for CVE-2011-0419 released via RHSA-2011:0507 introduced an infinite loop flaw in the apr_fnmatch function when the APR_FNM_PATHNAME matching flag was used. A remote attacker could possibly use this flaw to cause a denial of service on an application...
Solaris 10 (sparc) : 147713-01
Vulnerability in the Solaris component of Oracle Sun Products Suite subcomponent: Library/libc. Supported versions that are affected are 9 and 10. Difficult to exploit vulnerability allows successful unauthenticated network attacks via TCP/IP. Successful attack of this vulnerability can result in...
Solaris 10 (x86) : 147714-01
Vulnerability in the Solaris component of Oracle Sun Products Suite subcomponent: Library/libc. Supported versions that are affected are 9 and 10. Difficult to exploit vulnerability allows successful unauthenticated network attacks via TCP/IP. Successful attack of this vulnerability can result in...
U.S. Dept Of Defense: Out-of-date Version (Apache)
URL https://████████/ Identified Version 2.2.15 contains 4 important and 10 other vulnerabilities Latest Version 2.2.31 Vulnerability Database Result is based on 27.10.2016 vulnerability database content. Vulnerability Details Link identified you are using an out-of-date version of Apache. Impact...
Oracle: Security Advisory (ELSA-2011-0507)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
SOL15920 - Apache vulnerability CVE-2011-0419
Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists. BIG-IP and...
openSUSE Security Update : apache2 (openSUSE-SU-2011:0859-1)
This update fixes : - CVE-2011-0419 and CVE-2011-1928: unconstrained recursion when processing patterns - CVE-2010-1623: a remote DoS (memory leak) in APR's reqtimeout_filter function #%NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
GLSA-201405-24 : Apache Portable Runtime, APR Utility Library: Denial of Service
The remote host is affected by the vulnerability described in GLSA-201405-24 Apache Portable Runtime, APR Utility Library: Denial of Service Multiple vulnerabilities have been discovered in Apache Portable Runtime and APR Utility Library. Please review the CVE identifiers referenced below for...
Oracle Linux 5 / 6 : apr (ELSA-2011-0844)
The remote Oracle Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2011-0844 advisory. 1.3.9-3.2 - add fix for apr_fnmatch regression CVE-2011-1928, 706352 Tenable has extracted the preceding description block directly from the Oracle Linux...
Oracle Linux 5 / 6 : apr (ELSA-2011-0507)
The remote Oracle Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2011-0507 advisory. 1.3.9-3.1 - add fix for CVE-2011-0419 703520 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note th...
Slackware: Security Advisory (SSA:2011-133-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Scientific Linux Security Update : apr on SL6.x i386/x86_64
The Apache Portable Runtime (APR) is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines. The fix for CVE-2011-0419 introduced an infinite loop flaw in the apr_fnmatch function when the APR_FNM_PATHNAME matching flag was...
Scientific Linux Security Update : apr on SL4.x, SL5.x, SL6.x i386/x86_64
It was discovered that the apr_fnmatch function used an unconstrained recursion when processing patterns with the '*' wildcard. An attacker could use this flaw to cause an application using this function, which also accepted untrusted input as a pattern for matching such as an httpd server using th...
Scientific Linux Security Update : apr on SL4.x, SL5.x i386/x86_64
The Apache Portable Runtime (APR) is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines. The fix for CVE-2011-0419 introduced an infinite loop flaw in the apr_fnmatch function when the APR_FNM_PATHNAME matching flag was...
CentOS Update for apr CESA-2011:0844 centos4 x86_64
Check for the Version of apr OpenVAS Vulnerability Test CentOS Update for apr CESA-2011:0844 centos4 x86_64 Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...
CentOS Update for apr CESA-2011:0507 centos4 x86_64
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description) script_xref(name:"URL",...