The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Juniper Junos Space Service Insight

vulnerability note CVE-2012-2131

OpenSSL 0.9.8: memory corruption via asn1_d2i_read_bio

Synthesis of the vulnerability

An attacker can use malformed ASN.1 data, with an application linked to OpenSSL 0.9.8, in order to corrupt the memory, which leads to a denial of service or to code execution.
Impacted products: Debian, HP-UX, AIX, Tivoli Workload Scheduler, Junos Space, Mandriva Linux, OpenSSL, Solaris, RHEL, SUSE Linux Enterprise Desktop, SLES.
Severity: 3/4.
Consequences: user access/rights, denial of service on service.
Provenance: document.
Creation date: 24/04/2012.
Identifiers: 1643316, BID-53212, c03333987, CERTA-2012-AVI-286, CERTA-2012-AVI-419, CERTFR-2014-AVI-480, CERTFR-2016-AVI-300, CVE-2012-2131, DSA-2454-2, HPSBUX02782, JSA10659, MDVSA-2012:064, RHSA-2012:0518-01, RHSA-2012:0522-01, SSRT100844, SUSE-SU-2012:0623-1, SUSE-SU-2012:0637-1, VIGILANCE-VUL-11564.

Description of the vulnerability

The version 0.9.8v of OpenSSL was published to correct the vulnerability VIGILANCE-VUL-11559.

However, the vulnerability was not fully corrected by this version.

An attacker can therefore still use malformed ASN.1 data, with an application linked to OpenSSL 0.9.8, in order to corrupt the memory, which leads to a denial of service or to code execution.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2012-2110

OpenSSL: memory corruption via asn1_d2i_read_bio

Synthesis of the vulnerability

An attacker can use malformed ASN.1 data, with an application linked to OpenSSL, in order to corrupt the memory, which leads to a denial of service or to code execution.
Impacted products: Debian, BIG-IP Hardware, TMOS, Fedora, FreeBSD, HP-UX, AIX, Tivoli Workload Scheduler, IVE OS, Junos Pulse, Junos Space, Juniper SA, Juniper SBR, Mandriva Linux, NetBSD, NetScreen Firewall, ScreenOS, OpenBSD, OpenSSL, openSUSE, Solaris, RHEL, JBoss EAP by Red Hat, SUSE Linux Enterprise Desktop, SLES, ESX.
Severity: 3/4.
Consequences: user access/rights, denial of service on service.
Provenance: document.
Creation date: 19/04/2012.
Identifiers: 1643316, BID-53158, c03333987, CERTA-2012-AVI-224, CERTA-2012-AVI-286, CERTA-2012-AVI-419, CERTA-2012-AVI-479, CERTFR-2014-AVI-480, CERTFR-2016-AVI-300, CVE-2012-2110, DSA-2454-1, ESX350-201302401-SG, ESX400-201209001, ESX400-201209401-SG, ESX400-201209402-SG, ESX400-201209404-SG, ESX410-201208101-SG, ESX410-201208102-SG, ESX410-201208103-SG, ESX410-201208104-SG, ESX410-201208105-SG, ESX410-201208106-SG, ESX410-201208107-SG, FEDORA-2012-6395, FEDORA-2012-6403, FreeBSD-SA-12:01.openssl, HPSBUX02782, JSA10659, KB27376, MDVSA-2012:060, NetBSD-SA2012-001, openSUSE-SU-2013:0336-1, openSUSE-SU-2013:0337-1, openSUSE-SU-2013:0339-1, PSN-2012-09-712, PSN-2013-03-872, PSN-2013-05-941, RHSA-2012:0518-01, RHSA-2012:0522-01, RHSA-2012:1306-01, RHSA-2012:1307-01, RHSA-2012:1308-01, SOL16285, SSRT100844, SUSE-SU-2012:0623-1, SUSE-SU-2012:0637-1, SUSE-SU-2012:1149-1, SUSE-SU-2012:1149-2, VIGILANCE-VUL-11559, VMSA-2012-0003.1, VMSA-2012-0005.2, VMSA-2012-0005.3, VMSA-2012-0008.1, VMSA-2012-0013, VMSA-2012-0013.1, VMSA-2013-0001.2, VMSA-2013-0003.

Description of the vulnerability

X.509 certificates are encoded with ASN.1 (Abstract Syntax Notation).

OpenSSL uses BIO, which are data streams where a program can write or read.

The asn1_d2i_read_bio() function of OpenSSL decodes ASN.1 data coming from a BIO.

However, this function converts ("cast") size of ASN.1 objects to signed integers (where as "size_t" is unsigned). If the announced size of an object is greater than 0x80000000, an allocation error thus occurs, and the memory is corrupted.

The asn1_d2i_read_bio() function is used by several OpenSSL functions. Note: SSL/TLS clients/servers do not use this function, and are thus not vulnerable (there are exceptions if d2i_X509_bio() is called). However, S/MIME or CMS applications are vulnerable.

An attacker can therefore use malformed ASN.1 data, with an application linked to OpenSSL, in order to corrupt the memory, which leads to a denial of service or to code execution.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2012-0882

MySQL: vulnerability

Synthesis of the vulnerability

A vulnerability impacts MySQL.
Impacted products: Junos Space, Junos Space Network Management Platform, MySQL Community, MySQL Enterprise, Percona Server.
Severity: 2/4.
Consequences: unknown consequence, administrator access/rights, privileged access/rights, user access/rights, client access/rights, data reading, data creation/edition, data deletion, data flow, denial of service on server, denial of service on service, denial of service on client, disguisement.
Provenance: user account.
Creation date: 10/02/2012.
Identifiers: BID-51925, BID-52154-REJECT, CVE-2012-0882, JSA10601, VIGILANCE-VUL-11350.

Description of the vulnerability

A vulnerability impacts MySQL.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2012-0053

Apache httpd: reading an HttpOnly cookie

Synthesis of the vulnerability

An attacker can use a malformed HTTP query, in order to generate a code 400 error, which displays user's HttpOnly cookies, so JavaScript code can access them.
Impacted products: Apache httpd, Debian, BIG-IP Hardware, TMOS, Fedora, OpenView NNM, HP-UX, Junos Space, Junos Space Network Management Platform, Mandriva Linux, openSUSE, Solaris, Trusted Solaris, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES.
Severity: 2/4.
Consequences: data reading.
Provenance: document.
Creation date: 27/01/2012.
Identifiers: BID-51706, c03231301, c03278391, CERTA-2012-AVI-225, CVE-2012-0053, DSA-2405-1, FEDORA-2012-1598, FEDORA-2012-1642, HPSBMU02748, HPSBUX02761, JSA10585, MDVSA-2012:012, openSUSE-SU-2012:0314-1, RHSA-2012:0128-01, RHSA-2012:0323-01, RHSA-2012:0542-01, RHSA-2012:0543-01, SOL15273, SOL15889, SSA:2012-041-01, SSRT100772, SSRT100823, SUSE-SU-2012:0284-1, SUSE-SU-2012:0323-1, VIGILANCE-VUL-11323.

Description of the vulnerability

The HTTP Set-Cookie header defines a cookie. This header can also contain the HttpOnly attribute:
  Set-Cookie: v=abc; HttpOnly
This attribute indicates that this cookie cannot be accessed from JavaScript. This feature is supported since IE 6 SP1, Mozilla Firefox 3.0.0.6 and Opera 9.23, in order to protect a website against a Cross Site Scripting.

When Apache httpd receives a malformed HTTP query, (CONNECT with "authority", line larger than LimitRequestFieldSize, header without ':'), it returns a code 400 error page. If there is no default error page defined by ErrorDocument, Apache httpd dynamically generates this page. However, the generated page contains all headers, in order to help developers. Cookies are thus displayed inside the HTML, even if they have the HttpOnly attribute. As JavaScript code is allowed to read an HTML document, it can thus read the cookie.

An attacker can therefore use a malformed HTTP query, in order to generate a code 400 error, which displays user's HttpOnly cookies, so JavaScript code can access them.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2011-2262 CVE-2012-0075 CVE-2012-0087

MySQL: several vulnerabilities of January 2012

Synthesis of the vulnerability

Several vulnerabilities of Oracle MySQL are corrected by the CPU of January 2012.
Impacted products: Debian, BIG-IP Hardware, TMOS, Fedora, Junos Space, Junos Space Network Management Platform, MySQL Community, MySQL Enterprise, openSUSE, Percona Server, RHEL.
Severity: 2/4.
Consequences: user access/rights, data reading, data creation/edition, data deletion, denial of service on service.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 27.
Creation date: 18/01/2012.
Identifiers: BID-51488, BID-51493, BID-51502, BID-51503, BID-51504, BID-51505, BID-51506, BID-51507, BID-51508, BID-51509, BID-51510, BID-51511, BID-51512, BID-51513, BID-51514, BID-51515, BID-51516, BID-51517, BID-51518, BID-51519, BID-51520, BID-51521, BID-51522, BID-51523, BID-51524, BID-51525, BID-51526, CERTA-2012-AVI-024, cpujan2012, CVE-2011-2262, CVE-2012-0075, CVE-2012-0087, CVE-2012-0101, CVE-2012-0102, CVE-2012-0112, CVE-2012-0113, CVE-2012-0114, CVE-2012-0115, CVE-2012-0116, CVE-2012-0117, CVE-2012-0118, CVE-2012-0119, CVE-2012-0120, CVE-2012-0484, CVE-2012-0485, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0490, CVE-2012-0491, CVE-2012-0492, CVE-2012-0493, CVE-2012-0494, CVE-2012-0495, CVE-2012-0496, DSA-2429-1, FEDORA-2012-0972, FEDORA-2012-0987, JSA10601, openSUSE-SU-2012:0618-1, openSUSE-SU-2012:0619-1, RHSA-2012:0105-01, RHSA-2012:0127-01, sol14410, VIGILANCE-VUL-11296.

Description of the vulnerability

A Critical Patch Update corrects several vulnerabilities of Oracle MySQL.

An attacker can use a vulnerability of MySQL, in order to obtain information, or to create a denial of service. [severity:2/4; BID-51488, CVE-2012-0113]

An attacker can use a vulnerability of MySQL, in order to create a denial of service. [severity:2/4; BID-51493, CERTA-2012-AVI-024, CVE-2011-2262]

An attacker can use a vulnerability of MySQL, in order to obtain or alter information. [severity:2/4; BID-51508, CVE-2012-0116]

An attacker can use a vulnerability of MySQL, in order to obtain information, or to create a denial of service. [severity:2/4; BID-51511, CVE-2012-0118]

An attacker can use a vulnerability of MySQL, in order to obtain or alter information. [severity:2/4; BID-51507, CVE-2012-0496]

An attacker can use a vulnerability of MySQL, in order to create a denial of service. [severity:2/4; BID-51509, CVE-2012-0087]

An attacker can use a vulnerability of MySQL, in order to create a denial of service. [severity:2/4; BID-51505, CVE-2012-0101]

An attacker can use a vulnerability of MySQL, in order to create a denial of service. [severity:2/4; BID-51502, CVE-2012-0102]

An attacker can use a vulnerability of MySQL, in order to create a denial of service. [severity:2/4; BID-51504, CVE-2012-0115]

An attacker can use a vulnerability of MySQL, in order to create a denial of service. [severity:2/4; BID-51512, CVE-2012-0119]

An attacker can use a vulnerability of MySQL, in order to create a denial of service. [severity:2/4; BID-51517, CVE-2012-0120]

An attacker can use a vulnerability of MySQL, in order to obtain information. [severity:2/4; BID-51515, CVE-2012-0484]

An attacker can use a vulnerability of MySQL, in order to create a denial of service. [severity:2/4; BID-51513, CVE-2012-0485]

An attacker can use a vulnerability of MySQL, in order to create a denial of service. [severity:2/4; BID-51514, CVE-2012-0486]

An attacker can use a vulnerability of MySQL, in order to create a denial of service. [severity:2/4; BID-51503, CVE-2012-0487]

An attacker can use a vulnerability of MySQL, in order to create a denial of service. [severity:2/4; BID-51506, CVE-2012-0488]

An attacker can use a vulnerability of MySQL, in order to create a denial of service. [severity:2/4; BID-51510, CVE-2012-0489]

An attacker can use a vulnerability of MySQL, in order to create a denial of service. [severity:2/4; BID-51524, CVE-2012-0490]

An attacker can use a vulnerability of MySQL, in order to create a denial of service. [severity:2/4; BID-51518, CVE-2012-0491]

An attacker can use a vulnerability of MySQL, in order to create a denial of service. [severity:2/4; BID-51522, CVE-2012-0495]

An attacker can use a vulnerability of MySQL, in order to create a denial of service. [severity:2/4; BID-51519, CVE-2012-0112]

An attacker can use a vulnerability of MySQL, in order to create a denial of service. [severity:2/4; BID-51521, CVE-2012-0117]

An attacker can use a vulnerability of MySQL, in order to obtain or alter information. [severity:2/4; BID-51520, CVE-2012-0114]

An attacker can use a vulnerability of MySQL, in order to create a denial of service. [severity:1/4; BID-51516, CVE-2012-0492]

An attacker can use a vulnerability of MySQL, in order to create a denial of service. [severity:1/4; BID-51525, CVE-2012-0493]

An attacker can use a vulnerability of MySQL, in order to alter information. [severity:2/4; BID-51526, CVE-2012-0075]

An attacker can use a vulnerability of MySQL, in order to create a denial of service. [severity:1/4; BID-51523, CVE-2012-0494]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2011-4317

Apache httpd: access to another server via mod_proxy

Synthesis of the vulnerability

An attacker can use a malicious HTTP query, when mod_proxy uses RewriteRule or ProxyPassMatch, in order to access to web resources of another server.
Impacted products: Apache httpd, Debian, BIG-IP Hardware, TMOS, OpenView NNM, Junos Space, Junos Space Network Management Platform, Mandriva Linux, openSUSE, Solaris, Trusted Solaris, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES.
Severity: 2/4.
Consequences: data reading, data flow.
Provenance: internet client.
Creation date: 25/11/2011.
Identifiers: BID-50802, c03231301, CVE-2011-4317, DSA-2405-1, HPSBMU02748, JSA10585, MDVSA-2012:003, openSUSE-SU-2012:0212-1, openSUSE-SU-2012:0248-1, openSUSE-SU-2013:0243-1, openSUSE-SU-2013:0248-1, RHSA-2012:0128-01, SOL15889, SSA:2012-041-01, SSRT100772, SUSE-SU-2011:1309-1, SUSE-SU-2011:1322-1, VIGILANCE-VUL-11179.

Description of the vulnerability

The mod_proxy module is used to configure Apache httpd as a proxy, in order to access to an internal web server. Its resources are voluntarily public.

However, the VIGILANCE-VUL-11041 vulnerability of mod_proxy was not fully corrected.

Indeed, the case where the query has a scheme ("something:endOfQuery") was not corrected. The scheme ("something:") is removed, and the end of query ("endOfQuery") is concatenated to the rewrite rule.

An attacker can therefore still use a malicious HTTP query on Apache httpd, when mod_proxy uses RewriteRule or ProxyPassMatch, in order to access to web resources of another server.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2011-3368

Apache httpd: access to another server via mod_proxy

Synthesis of the vulnerability

An attacker can use a malicious HTTP query, when mod_proxy uses RewriteRule or ProxyPassMatch, in order to access to web resources of another server.
Impacted products: Apache httpd, Debian, BIG-IP Hardware, TMOS, Fedora, OpenView NNM, Junos Space, Junos Space Network Management Platform, Mandriva Linux, openSUSE, Solaris, Trusted Solaris, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES.
Severity: 2/4.
Consequences: data reading, data flow.
Provenance: internet client.
Creation date: 05/10/2011.
Identifiers: BID-49957, c03231301, CERTA-2011-AVI-562, CERTA-2011-AVI-607, CERTA-2012-AVI-050, CERTA-2012-AVI-156, CVE-2011-3368, DSA-2405-1, FEDORA-2012-1598, FEDORA-2012-1642, HPSBMU02748, JSA10585, MDVSA-2011:144, openSUSE-SU-2012:0212-1, openSUSE-SU-2012:0248-1, openSUSE-SU-2013:0243-1, openSUSE-SU-2014:1647-1, RHSA-2011:1391-01, RHSA-2011:1392-01, RHSA-2012:0542-01, RHSA-2012:0543-01, SOL15889, SSA:2012-041-01, SSRT100772, SUSE-SU-2011:1229-1, SUSE-SU-2011:1309-1, SUSE-SU-2011:1322-1, VIGILANCE-VUL-11041.

Description of the vulnerability

The mod_proxy module is used to configure Apache httpd as a proxy, in order to access to an internal web server. Its resources are voluntarily public.

The RewriteRule and ProxyPassMatch directives are used to rewrite requested HTTP paths (url). For example:
  RewriteRule (.*) http://voluntaryPublic.example.com$1 [P]
  ProxyPassMatch (.*) http://voluntaryPublic.example.com$1

However, if the domain name does not end by a '/', an attacker can for example use the following HTTP query:
  GET @privateServer.example.com/page.html HTTP/1.1
This query will be rewritten as:
  GET http://voluntaryPublic.example.com@privateServer.example.com/page.html HTTP/1.1
The attacker then has access to the web page located on the private server.

An attacker can therefore use a malicious HTTP query, when mod_proxy uses RewriteRule or ProxyPassMatch, in order to access to web resources of another server.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2011-3348

Apache httpd: denial of service via mod_proxy_ajp

Synthesis of the vulnerability

When mod_proxy_ajp is used with mod_proxy_balancer, an attacker can use an unknown HTTP method, in order to create a denial of service.
Impacted products: Apache httpd, OpenView, OpenView NNM, HP-UX, Junos Space, Junos Space Network Management Platform, Mandriva Linux, OpenSolaris, RHEL, Slackware.
Severity: 2/4.
Consequences: denial of service on service.
Provenance: internet client.
Creation date: 14/09/2011.
Identifiers: BID-49616, c03011498, c03025215, CERTA-2011-AVI-516, CVE-2011-3348, HPSBMU02704, HPSBUX02707, MDVSA-2011:168, PSN-2013-02-846, RHSA-2011:1391-01, RHSA-2012:0542-01, RHSA-2012:0543-01, SSA:2011-284-01, SSRT100619, SSRT100626, VIGILANCE-VUL-10991.

Description of the vulnerability

The mod_proxy module provides a generic proxy service for Apache httpd. The mod_proxy_ajp module adds the AJP13 (Apache JServe Protocol version 1.3) support, which is used with Tomcat. The mod_proxy_balancer module is used to balance the load between several proxies.

The HTTP protocol defines a list of methods (GET, POST, etc.) which are used in queries.

The ap_proxy_ajp_request() function of the modules/proxy/mod_proxy_ajp.c file does not ignore unknown HTTP methods. However, when mod_proxy_balancer is also used, the associated proxy enters in an error state. Using several queries, an attacker can thus stop all balanced proxies.

When mod_proxy_ajp is used with mod_proxy_balancer, an attacker can therefore use an unknown HTTP method, in order to create a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2011-3192

Apache httpd: denial of service via Range or Request-Range

Synthesis of the vulnerability

An attacker can use several parallel queries using Range or Request-Range, in order to progressively use the available memory.
Impacted products: Apache httpd, CheckPoint Endpoint Security, IPSO, CheckPoint Security Gateway, CiscoWorks, Nexus by Cisco, NX-OS, Debian, BIG-IP Hardware, TMOS, Fedora, OpenView, OpenView NNM, HP-UX, Junos Space, Junos Space Network Management Platform, Mandriva Linux, ePO, OpenSolaris, openSUSE, Oracle AS, Oracle Fusion Middleware, Solaris, RHEL, Slackware, SLES.
Severity: 2/4.
Consequences: denial of service on service.
Provenance: internet client.
Creation date: 24/08/2011.
Revisions dates: 24/08/2011, 26/08/2011, 14/09/2011.
Identifiers: BID-49303, c02997184, c03011498, c03025215, CERTA-2011-AVI-493, cisco-sa-20110830-apache, CVE-2011-3192, DSA-2298-1, DSA-2298-2, FEDORA-2011-12715, HPSBMU02704, HPSBUX02702, HPSBUX02707, KB73310, MDVSA-2011:130, MDVSA-2011:130-1, openSUSE-SU-2011, openSUSE-SU-2011:0993-1, PSN-2013-02-846, RHSA-2011:1245-01, RHSA-2011:1294-01, RHSA-2011:1300-01, RHSA-2011:1329-01, RHSA-2011:1330-01, RHSA-2011:1369-01, sk65222, SSA:2011-252-01, SSRT100606, SSRT100619, SSRT100626, SUSE-SU-2011:1000-1, SUSE-SU-2011:1007-1, SUSE-SU-2011:1010-1, SUSE-SU-2011:1215-1, SUSE-SU-2011:1216-1, VIGILANCE-VUL-10944, VU#405811.

Description of the vulnerability

The Range header defined in the HTTP protocol indicates a byte range that server should return. For example, to obtain byte between 10 to 30 and 50 to 60:
  Range: bytes=10-30,50-60
The Request-Range header is the obsolete name of Range.

Apache processes the following objects:
 - bucket: an abstract storage area (memory, file, etc.).
 - brigade: a chained list of buckets

When Apache httpd receives a query containing the Range header, it stores each range in a brigade. However, if the range list is large, this brigade consumes a lot of memory.

An attacker can therefore use several parallel queries using Range or Request-Range, in order to progressively use the available memory.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2011-0419

Apache APR, httpd: denial of service via apr_fnmatch

Synthesis of the vulnerability

An attacker can create a denial of service in applications using apr_fnmatch of APR. When mod_autoindex is activated in Apache httpd, a remote attacker can employ a special request in order to create a denial of service.
Impacted products: APR-core, APR-util, Apache httpd, Debian, BIG-IP Hardware, TMOS, OpenView, OpenView NNM, HP-UX, Junos Space, Junos Space Network Management Platform, NSM Central Manager, NSMXpress, Mandriva Linux, NLD, OpenSolaris, openSUSE, Solaris, Trusted Solaris, RHEL, JBoss EAP by Red Hat, Slackware, SUSE Linux Enterprise Desktop, SLES.
Severity: 3/4.
Consequences: denial of service on server.
Provenance: internet client.
Creation date: 12/05/2011.
Revisions dates: 12/05/2011, 13/05/2011.
Identifiers: 703390, c02997184, c03011498, c03025215, CERTA-2011-AVI-296, CERTA-2011-AVI-309, CERTA-2011-AVI-515, CERTA-2011-AVI-618, CERTA-2013-AVI-243, CVE-2011-0419, DSA-2237-1, DSA-2237-2, HPSBMU02704, HPSBUX02702, HPSBUX02707, MDVSA-2011:084, openSUSE-SU-2011:0859-1, PSN-2012-11-767, PSN-2013-02-846, RHSA-2011:0507-01, RHSA-2011:0896-01, RHSA-2011:0897-01, SOL15920, SSA:2011-133-01, SSRT100606, SSRT100619, SSRT100626, SUSE-SU-2011:0763-1, SUSE-SU-2011:0763-2, SUSE-SU-2011:0797-1, SUSE-SU-2011:1229-1, VIGILANCE-VUL-10645.

Description of the vulnerability

The APR (Apache Portable Runtime) is a software library for the Apache web server making it portable when some features are not included in the operating system.

The apr_fnmatch() function of the APR library defines in "strings/apr_fnmatch.c" permit to check if a file name contains a shell pattern, such as "file*.txt". This function implements a recursive algorithm. However, if the search pattern contains many '*', the function is then called recursively many times, and consumes resources.

The Apache httpd mod_autoindex module generates index pages of directories.

The apr_fnmatch() function of the APR library is used by mod_autoindex for index generation corresponding to a model/filter. However when a directory contains long filenames is indexed by mod_autoindex, the apr_fnmatch() function consumes many resources, this causes a denial of service.

An attacker can therefore create a denial of service in applications using apr_fnmatch of APR.
When mod_autoindex is activated in Apache httpd, a remote attacker can therefore employ a special request in order to create a denial of service.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Juniper Junos Space Service Insight: