Download
| Alert*
oval:org.secpod.oval:def:1081
The host is installed with Apache HTTP Server and is prone to denial of service vulnerability. A flaw is present in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library, which fails to handle URIs that do not match unspecified types of wildcard patterns. Successfu ... oval:org.secpod.oval:def:301025 It was discovered that the fix for CVE-2011-0419 under certain conditions could cause a denial-of-service attack in APR . Packages for 2010.0 are provided as of the Extended Maintenance Program. Update: Packages for Mandriva Linux 2010.0 were missing with the MDVSA-2011:095 advisory. oval:org.secpod.oval:def:301022 It was discovered that the fix for CVE-2011-0419 under certain conditions could cause a denial-of-service attack in APR . Packages for 2009.0 are provided as of the Extended Maintenance Program oval:org.secpod.oval:def:500258 The Apache Portable Runtime is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines. The fix for CVE-2011-0419 introduced an infinite loop flaw in the apr_fnmatch function when the APR_FNM_PATHNAME matching flag was u ... oval:org.secpod.oval:def:1503589 Updated apr packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available ... oval:org.secpod.oval:def:600529 The recent APR update DSA-2237-1 introduced a regression that could lead to an endless loop in the apr_fnmatch function, causing a denial of service. This update fixes this problem . For reference, the description of the original DSA, which fixed CVE-2011-0419: A flaw was found in the APR library, w ... oval:org.secpod.oval:def:200642 The Apache Portable Runtime is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines. The fix for CVE-2011-0419 introduced an infinite loop flaw in the apr_fnmatch function when the APR_FNM_PATHNAME matching flag was u ... oval:org.secpod.oval:def:102689 The mission of the Apache Portable Runtime is to provide a free library of C data structures and routines, forming a system portability layer to as many operating systems as possible, including Unices, MS Win32, BeOS and OS/2. oval:org.secpod.oval:def:700510 apr: The Apache Portable Runtime Library - apache2: a scalable, extensible web server A denial of service issue exists that affects the Apache web server. oval:org.secpod.oval:def:102686 The mission of the Apache Portable Runtime is to provide a free library of C data structures and routines, forming a system portability layer to as many operating systems as possible, including Unices, MS Win32, BeOS and OS/2. oval:org.secpod.oval:def:201603 The Apache Portable Runtime is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines. The fix for CVE-2011-0419 introduced an infinite loop flaw in the apr_fnmatch function when the APR_FNM_PATHNAME matching flag was u ... oval:org.secpod.oval:def:200643 The Apache Portable Runtime is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines. The fix for CVE-2011-0419 introduced an infinite loop flaw in the apr_fnmatch function when the APR_FNM_PATHNAME matching flag was u ... oval:org.secpod.oval:def:201656 The Apache Portable Runtime is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines. The fix for CVE-2011-0419 introduced an infinite loop flaw in the apr_fnmatch function when the APR_FNM_PATHNAME matching flag was u ... oval:org.secpod.oval:def:102892 The mission of the Apache Portable Runtime is to provide a free library of C data structures and routines, forming a system portability layer to as many operating systems as possible, including Unices, MS Win32, BeOS and OS/2. |