HP Security Bulletin HPSBUX02612 SSRT100345 - Potential security vulnerabilities have been identified with HP-UX Apache-based Web Server. These vulnerabilities could be exploited locally to disclose information, increase privilege or remotely create a Denial of Service (DoS). Revision 1 of this advisory.
b1f190998016e144317781b119e85f9b8dd0c136204c8fe53bffb4d260a8e398Mandriva Linux Security Advisory 2009-314 - Multiple security vulnerabilities has been identified and fixed in apr and apr-util.
5a55dc7a21bb7948a31b389923144cacd08f07e3b91a30ff0c39089032a635bfGentoo Linux Security Advisory GLSA 200907-03 - Multiple vulnerabilities in the Apache Portable Runtime Utility Library might enable remote attackers to cause a Denial of Service or disclose sensitive information. Versions less than 1.3.7 are affected.
4263d47d1b70e312d108199ea0389b75e3ded16f3aec80a2d0b1d0b8cf07bff9Ubuntu Security Notice USN-787-1 - The apache2 packages have been patched to address flaws in apr-util, mod_proxy_ajp, configuration issues, and more.
6699a0f10c75437f8abf294f828cc14f6d1a7f0848d59e33a9b455348d35c9bbUbuntu Security Notice USN-786-1 - Matthew Palmer discovered an underflow flaw in apr-util. An attacker could cause a denial of service via application crash in Apache using a crafted SVNMasterURI directive, .htaccess file, or when using mod_apreq2. Applications using libapreq2 are also affected. It was discovered that the XML parser did not properly handle entity expansion. A remote attacker could cause a denial of service via memory resource consumption by sending a crafted request to an Apache server configured to use mod_dav or mod_dav_svn. C. Michael Pilato discovered an off-by-one buffer overflow in apr-util when formatting certain strings. For big-endian machines (powerpc, hppa and sparc in Ubuntu), a remote attacker could cause a denial of service or information disclosure leak. All other architectures for Ubuntu are not considered to be at risk.
6fdf404d3e87c32b88b8a588aac734977d1001553fd859a031a0c8e9b929ead9Mandriva Linux Security Advisory 2009-131-1 - Multiple security vulnerabilities including off-by-one and denial of service issues have been identified and fixed in apr-util. Fixed packages for CS3 and MNF2 was missing with the last update.
eb63653bb7f489ede1977452aee2e71e5ab8b2560985348a5c4db17376cba613Mandriva Linux Security Advisory 2009-131 - Multiple security vulnerabilities including off-by-one and denial of service issues have been identified and fixed in apr-util.
a626201b7956b1b2eadcc2efa32831e214e4ad74a59de24203e9bf47328f472aDebian Security Advisory 1812-1 - Apr-util, the Apache Portable Runtime Utility library, is used by Apache 2.x, Subversion, and other applications. Two denial of service vulnerabilities have been found in apr-util.
eb8c93e812784e1119a6b541920db3a85bbaec679c272db21dd323b2a1f0665a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed