Debian: Security Advisory (DSA-4541-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 4541-1] libapreq2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4541-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 04, 2019 https://www.debian.org/security/faq -...

[SECURITY] [DSA 4541-1] libapreq2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4541-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 04, 2019 https://www.debian.org/security/faq -...

Debian DLA-1944-1 : libapreq2 security update

It was discovered that there was a remotely-exploitable NULL pointer dereference in libapreq2, a library for manipulating HTTP requests. For Debian 8 'Jessie', this issue has been fixed in libapreq2 version 2.13-4+deb8u1. We recommend that you upgrade your libapreq2 packages. NOTE: Tenable Networ...

DSA-4541-1 libapreq2 - security update

Bulletin has no description...

Debian: Security Advisory (DLA-1944-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 1944-1] libapreq2 security update

Package : libapreq2 Version : 2.13-4+deb8u1 CVE ID : CVE-2019-12412 Debian Bug : 939937 It was discovered that there was a remotely-exploitable null pointer dereference in libapreq2, a library for manipulating HTTP requests. For Debian 8 "Jessie", this issue has been fixed in libapreq2 version...

CVE-2019-12412

A flaw in the libapreq2 v2.07 to v2.13 multipart parser can deference a null pointer leading to a process crash. A remote attacker could send a request causing a process crash which could lead to a denial of service attack...

UBUNTU-CVE-2019-12412

A flaw in the libapreq2 v2.07 to v2.13 multipart parser can deference a null pointer leading to a process crash. A remote attacker could send a request causing a process crash which could lead to a denial of service attack...

apr-util heap buffer underwrite

The aprstrmatchprecompile function in strmatch/aprstrmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service daemon crash via crafted input involving 1 a .htaccess file used with the Apache HTTP Server, 2 the SVNMasterURI directive in the moddavsvn module in t...

apr-util heap buffer underwrite

The aprstrmatchprecompile function in strmatch/aprstrmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service daemon crash via crafted input involving 1 a .htaccess file used with the Apache HTTP Server, 2 the SVNMasterURI directive in the moddavsvn module in t...

apr-util heap buffer underwrite

The aprstrmatchprecompile function in strmatch/aprstrmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service daemon crash via crafted input involving 1 a .htaccess file used with the Apache HTTP Server, 2 the SVNMasterURI directive in the moddavsvn module in t...

apr-util heap buffer underwrite

The aprstrmatchprecompile function in strmatch/aprstrmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service daemon crash via crafted input involving 1 a .htaccess file used with the Apache HTTP Server, 2 the SVNMasterURI directive in the moddavsvn module in t...

Ubuntu USN-786-1 (apr-util)

The remote host is missing an update to apr-util announced via advisory USN-786-1. OpenVAS Vulnerability Test $Id: ubuntu7861.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu7861.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-786-1 apr-util Authors: Thomas...

Ubuntu 8.04 LTS / 8.10 / 9.04 : apr-util vulnerabilities (USN-786-1)

Matthew Palmer discovered an underflow flaw in apr-util. An attacker could cause a denial of service via application crash in Apache using a crafted SVNMasterURI directive, .htaccess file, or when using modapreq2. Applications using libapreq2 are also affected. CVE-2009-0023 It was discovered tha...

USN-786-1: apr-util vulnerabilities

Matthew Palmer discovered an underflow flaw in apr-util. An attacker could cause a denial of service via application crash in Apache using a crafted SVNMasterURI directive, .htaccess file, or when using modapreq2. Applications using libapreq2 are also affected. CVE-2009-0023 It was discovered tha...

Apache APR-util库apr_strmatch_precompile()函数整数下溢漏洞

BUGTRAQ ID: 35221 CVECAN ID: CVE-2009-0023 Apr-util是Apache所使用的Apache可移植运行时工具库。 Apr-util库的strmatch/aprstrmatch.c文件中的aprstrmatchprecompile函数存在整数下溢漏洞。如果远程攻击者通过.htaccess文件、moddavsvn模块中的SVNMasterURI指令、modapreq2模块或libapreq2 库等方式传送了特制输入的话，就可能导致守护程序崩溃。 APR-util 1.3.4 厂商补丁： Apache Group ------------...

Debian: Security Advisory (DSA-1812-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Heap overflow

The aprstrmatchprecompile function in strmatch/aprstrmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service daemon crash via crafted input involving 1 a .htaccess file used with the Apache HTTP Server, 2 the SVNMasterURI directive in the moddavsvn module in t...

CVE-2009-0023

The aprstrmatchprecompile function in strmatch/aprstrmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service daemon crash via crafted input involving 1 a .htaccess file used with the Apache HTTP Server, 2 the SVNMasterURI directive in the moddavsvn module in t...