6.6 Medium
AI Score
Confidence
Low
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.969 High
EPSS
Percentile
99.7%
Maksymilian Arciemowicz reported that a flaw in the fnmatch()
implementation in the Apache Portable Runtime (APR) library could allow
an attacker to cause a denial of service. This can be demonstrated
in a remote denial of service attack against mod_autoindex in the
Apache web server. (CVE-2011-0419)
Is was discovered that the fix for CVE-2011-0419 introduced a different
flaw in the fnmatch() implementation that could also result in a
denial of service. (CVE-2011-1928)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 8.04 | noarch | libapr1 | < 1.2.11-1ubuntu0.2 | UNKNOWN |
Ubuntu | 8.04 | noarch | libapr1-dbg | < 1.2.11-1ubuntu0.2 | UNKNOWN |
Ubuntu | 8.04 | noarch | libapr1-dev | < 1.2.11-1ubuntu0.2 | UNKNOWN |
Ubuntu | 6.06 | noarch | libapr0 | < 2.0.55-4ubuntu2.13 | UNKNOWN |
Ubuntu | 6.06 | noarch | apache2 | < 2.0.55-4ubuntu2.13 | UNKNOWN |
Ubuntu | 6.06 | noarch | apache2-common | < 2.0.55-4ubuntu2.13 | UNKNOWN |
Ubuntu | 6.06 | noarch | apache2-mpm-perchild | < 2.0.55-4ubuntu2.13 | UNKNOWN |
Ubuntu | 6.06 | noarch | apache2-mpm-prefork | < 2.0.55-4ubuntu2.13 | UNKNOWN |
Ubuntu | 6.06 | noarch | apache2-mpm-worker | < 2.0.55-4ubuntu2.13 | UNKNOWN |
Ubuntu | 6.06 | noarch | apache2-prefork-dev | < 2.0.55-4ubuntu2.13 | UNKNOWN |