The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Apache APR-core

vulnerability CVE-2017-12613

Apache APR-core: out-of-bounds memory reading via apr_exp_tim

Synthesis of the vulnerability

An attacker can force a read at an invalid address via apr_exp_tim() of Apache APR-core, in order to trigger a denial of service, or to obtain sensitive information.
Impacted products: APR-core, Mac OS X, Debian, BIG-IP Hardware, TMOS, Fedora, Junos Space, openSUSE Leap, Solaris, RHEL, SUSE Linux Enterprise Desktop, SLES.
Severity: 2/4.
Consequences: data reading, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 24/10/2017.
Identifiers: bulletinjul2018, bulletinjul2019, CVE-2017-12613, DLA-1162-1, FEDORA-2017-8d2cfc3752, HT209139, HT209193, JSA10873, K52319810, openSUSE-SU-2018:1214-1, RHSA-2017:3270-01, RHSA-2018:0465-01, RHSA-2018:0466-01, RHSA-2018:1253-01, SUSE-SU-2018:1322-1, VIGILANCE-VUL-24220.

Description of the vulnerability

An attacker can force a read at an invalid address via apr_exp_tim() of Apache APR-core, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2015-1829

APR Core: read-write access via Windows Named Pipe

Synthesis of the vulnerability

A local attacker on Windows can bypass access restrictions of Named Pipe of APR Core, in order to read or alter data.
Impacted products: APR-core, WebSphere AS Traditional.
Severity: 2/4.
Consequences: data reading, data creation/edition, data deletion.
Provenance: user shell.
Creation date: 29/04/2015.
Identifiers: 1963275, 7022958, CVE-2015-1829, VIGILANCE-VUL-16767.

Description of the vulnerability

The APR library can be installed on Windows.

Named Pipes allow two processes to exchange their information. However, a local attacker can replace a pipe to access to data.

A local attacker on Windows can therefore bypass access restrictions of Named Pipe of APR Core, in order to read or alter data.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2011-1928

Apache APR, httpd: denial of service via apr_fnmatch

Synthesis of the vulnerability

An attacker can create an infinite loop in applications using the apr_fnmatch() function of APR.
Impacted products: APR-core, Apache httpd, Debian, Fedora, Mandriva Linux, NLD, OpenSolaris, openSUSE, Solaris, Trusted Solaris, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES.
Severity: 3/4.
Consequences: denial of service on service.
Provenance: internet client.
Creation date: 20/05/2011.
Identifiers: 51219, CVE-2011-1928, DSA-2237-1, DSA-2237-2, FEDORA-2011-6750, FEDORA-2011-6918, FEDORA-2011-7340, MDVSA-2011:095, MDVSA-2011:095-1, openSUSE-SU-2011:0859-1, RHSA-2011:0844-01, SSA:2011-145-01, SSA:2011-145-02, SUSE-SU-2011:0763-1, SUSE-SU-2011:0763-2, SUSE-SU-2011:0797-1, SUSE-SU-2011:1229-1, VIGILANCE-VUL-10674.

Description of the vulnerability

The APR (Apache Portable Runtime) is a software library for the Apache web server making it portable when some features are not included in the operating system.

The apr_fnmatch() function of the APR library defines in "strings/apr_fnmatch.c" permit to check if a file name contains a shell pattern, such as "file*.txt". However, if the search pattern contains "/*/", the function enters in an infinite loop, and consumes resources.

An attacker can therefore create an infinite loop in applications using the apr_fnmatch() function of APR.

This vulnerability is due to a bad correction of VIGILANCE-VUL-10645.

As Apache httpd mod_autoindex uses apr_fnmatch(), a remote attacker can use a special request in order to create a denial of service in the web server.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2011-0419

Apache APR, httpd: denial of service via apr_fnmatch

Synthesis of the vulnerability

An attacker can create a denial of service in applications using apr_fnmatch of APR. When mod_autoindex is activated in Apache httpd, a remote attacker can employ a special request in order to create a denial of service.
Impacted products: APR-core, APR-util, Apache httpd, Debian, BIG-IP Hardware, TMOS, OpenView, OpenView NNM, HP-UX, Junos Space, Junos Space Network Management Platform, NSM Central Manager, NSMXpress, Mandriva Linux, NLD, OpenSolaris, openSUSE, Solaris, Trusted Solaris, RHEL, JBoss EAP by Red Hat, Slackware, SUSE Linux Enterprise Desktop, SLES.
Severity: 3/4.
Consequences: denial of service on server.
Provenance: internet client.
Creation date: 12/05/2011.
Revisions dates: 12/05/2011, 13/05/2011.
Identifiers: 703390, c02997184, c03011498, c03025215, CERTA-2011-AVI-296, CERTA-2011-AVI-309, CERTA-2011-AVI-515, CERTA-2011-AVI-618, CERTA-2013-AVI-243, CVE-2011-0419, DSA-2237-1, DSA-2237-2, HPSBMU02704, HPSBUX02702, HPSBUX02707, MDVSA-2011:084, openSUSE-SU-2011:0859-1, PSN-2012-11-767, PSN-2013-02-846, RHSA-2011:0507-01, RHSA-2011:0896-01, RHSA-2011:0897-01, SOL15920, SSA:2011-133-01, SSRT100606, SSRT100619, SSRT100626, SUSE-SU-2011:0763-1, SUSE-SU-2011:0763-2, SUSE-SU-2011:0797-1, SUSE-SU-2011:1229-1, VIGILANCE-VUL-10645.

Description of the vulnerability

The APR (Apache Portable Runtime) is a software library for the Apache web server making it portable when some features are not included in the operating system.

The apr_fnmatch() function of the APR library defines in "strings/apr_fnmatch.c" permit to check if a file name contains a shell pattern, such as "file*.txt". This function implements a recursive algorithm. However, if the search pattern contains many '*', the function is then called recursively many times, and consumes resources.

The Apache httpd mod_autoindex module generates index pages of directories.

The apr_fnmatch() function of the APR library is used by mod_autoindex for index generation corresponding to a model/filter. However when a directory contains long filenames is indexed by mod_autoindex, the apr_fnmatch() function consumes many resources, this causes a denial of service.

An attacker can therefore create a denial of service in applications using apr_fnmatch of APR.
When mod_autoindex is activated in Apache httpd, a remote attacker can therefore employ a special request in order to create a denial of service.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Apache APR-core: