Executive Summary
Informations | |||
---|---|---|---|
Name | MDVSA-2009:195-1 | First vendor Publication | 2009-08-06 |
Vendor | Mandriva | Last vendor Modification | 2009-08-06 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A vulnerability has been identified and corrected in apr and apr-util: Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger crafted calls to the (1) allocator_alloc or (2) apr_palloc function in memory/unix/apr_pools.c in APR; or crafted calls to the (3) apr_rmm_malloc, (4) apr_rmm_calloc, or (5) apr_rmm_realloc function in misc/apr_rmm.c in APR-util; leading to buffer overflows. NOTE: some of these details are obtained from third party information (CVE-2009-2412). This update provides fixes for these vulnerabilities. Update: apr-util packages were missing for Mandriva Enterprise Server 5 i586, this has been adressed with this update. |
Original Source
Url : http://www.mandriva.com/security/advisories?name=MDVSA-2009:195-1 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:13483 | |||
Oval ID: | oval:org.mitre.oval:def:13483 | ||
Title: | USN-813-3 -- apr-util vulnerability | ||
Description: | USN-813-1 fixed vulnerabilities in apr. This update provides the corresponding updates for apr-util. Original advisory details: Matt Lewis discovered that apr did not properly sanitize its input when allocating memory. If an application using apr processed crafted input, a remote attacker could cause a denial of service or potentially execute arbitrary code as the user invoking the application. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-813-3 CVE-2009-2412 | Version: | 5 |
Platform(s): | Ubuntu 8.10 Ubuntu 8.04 Ubuntu 9.04 | Product(s): | apr-util |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13834 | |||
Oval ID: | oval:org.mitre.oval:def:13834 | ||
Title: | USN-813-2 -- apache2 vulnerability | ||
Description: | USN-813-1 fixed vulnerabilities in apr. This update provides the corresponding updates for apr as provided by Apache on Ubuntu 6.06 LTS. Original advisory details: Matt Lewis discovered that apr did not properly sanitize its input when allocating memory. If an application using apr processed crafted input, a remote attacker could cause a denial of service or potentially execute arbitrary code as the user invoking the application. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-813-2 CVE-2009-2412 | Version: | 5 |
Platform(s): | Ubuntu 6.06 | Product(s): | apache2 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13883 | |||
Oval ID: | oval:org.mitre.oval:def:13883 | ||
Title: | USN-813-1 -- apr vulnerability | ||
Description: | Matt Lewis discovered that apr did not properly sanitize its input when allocating memory. If an application using apr processed crafted input, a remote attacker could cause a denial of service or potentially execute arbitrary code as the user invoking the application. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-813-1 CVE-2009-2412 | Version: | 5 |
Platform(s): | Ubuntu 8.10 Ubuntu 8.04 Ubuntu 9.04 | Product(s): | apr |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22798 | |||
Oval ID: | oval:org.mitre.oval:def:22798 | ||
Title: | ELSA-2009:1204: apr and apr-util security update (Moderate) | ||
Description: | Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger crafted calls to the (1) allocator_alloc or (2) apr_palloc function in memory/unix/apr_pools.c in APR; or crafted calls to the (3) apr_rmm_malloc, (4) apr_rmm_calloc, or (5) apr_rmm_realloc function in misc/apr_rmm.c in APR-util; leading to buffer overflows. NOTE: some of these details are obtained from third party information. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2009:1204-01 CVE-2009-2412 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | apr apr-util |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:29077 | |||
Oval ID: | oval:org.mitre.oval:def:29077 | ||
Title: | RHSA-2009:1204 -- apr and apr-util security update (Moderate) | ||
Description: | Updated apr and apr-util packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache Portable Runtime (APR) is a portability library used by the Apache HTTP Server and other projects. It aims to provide a free library of C data structures and routines. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2009:1204 CESA-2009:1204-CentOS 5 CVE-2009-2412 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 4 CentOS Linux 5 | Product(s): | apr apr-util |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8394 | |||
Oval ID: | oval:org.mitre.oval:def:8394 | ||
Title: | Apache APR and APR-util Multiple Integer Overflow Vulnerabilities | ||
Description: | Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger crafted calls to the (1) allocator_alloc or (2) apr_palloc function in memory/unix/apr_pools.c in APR; or crafted calls to the (3) apr_rmm_malloc, (4) apr_rmm_calloc, or (5) apr_rmm_realloc function in misc/apr_rmm.c in APR-util; leading to buffer overflows. NOTE: some of these details are obtained from third party information. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-2412 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows 7 | Product(s): | Apache |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:9958 | |||
Oval ID: | oval:org.mitre.oval:def:9958 | ||
Title: | Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger crafted calls to the (1) allocator_alloc or (2) apr_palloc function in memory/unix/apr_pools.c in APR; or crafted calls to the (3) apr_rmm_malloc, (4) apr_rmm_calloc, or (5) apr_rmm_realloc function in misc/apr_rmm.c in APR-util; leading to buffer overflows. NOTE: some of these details are obtained from third party information. | ||
Description: | Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger crafted calls to the (1) allocator_alloc or (2) apr_palloc function in memory/unix/apr_pools.c in APR; or crafted calls to the (3) apr_rmm_malloc, (4) apr_rmm_calloc, or (5) apr_rmm_realloc function in misc/apr_rmm.c in APR-util; leading to buffer overflows. NOTE: some of these details are obtained from third party information. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-2412 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2011-08-09 | Name : CentOS Update for apr CESA-2009:1204 centos5 i386 File : nvt/gb_CESA-2009_1204_apr_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for httpd CESA-2009:1205 centos3 i386 File : nvt/gb_CESA-2009_1205_httpd_centos3_i386.nasl |
2010-05-12 | Name : Mac OS X 10.6.2 Update / Mac OS X Security Update 2009-006 File : nvt/macosx_upd_10_6_2_secupd_2009-006.nasl |
2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:314 (apr) File : nvt/mdksa_2009_314.nasl |
2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:199-1 (subversion) File : nvt/mdksa_2009_199_1.nasl |
2009-10-27 | Name : SuSE Security Advisory SUSE-SA:2009:050 (apache2,libapr1) File : nvt/suse_sa_2009_050.nasl |
2009-10-27 | Name : SLES11: Security update for libapr File : nvt/sles11_libapr-util10.nasl |
2009-10-27 | Name : SLES10: Security update for libapr File : nvt/sles10_libapr-util10.nasl |
2009-09-15 | Name : Gentoo Security Advisory GLSA 200909-03 (apr apr-util) File : nvt/glsa_200909_03.nasl |
2009-08-17 | Name : Ubuntu USN-813-3 (apr-util) File : nvt/ubuntu_813_3.nasl |
2009-08-17 | Name : RedHat Security Advisory RHSA-2009:1204 File : nvt/RHSA_2009_1204.nasl |
2009-08-17 | Name : Ubuntu USN-813-2 (apache2) File : nvt/ubuntu_813_2.nasl |
2009-08-17 | Name : Ubuntu USN-813-1 (apr) File : nvt/ubuntu_813_1.nasl |
2009-08-17 | Name : CentOS Security Advisory CESA-2009:1205 (httpd) File : nvt/ovcesa2009_1205.nasl |
2009-08-17 | Name : CentOS Security Advisory CESA-2009:1204 (apr) File : nvt/ovcesa2009_1204.nasl |
2009-08-17 | Name : Mandrake Security Advisory MDVSA-2009:199 (subversion) File : nvt/mdksa_2009_199.nasl |
2009-08-17 | Name : Mandrake Security Advisory MDVSA-2009:195-1 (apr) File : nvt/mdksa_2009_195_1.nasl |
2009-08-17 | Name : Mandrake Security Advisory MDVSA-2009:195 (apr) File : nvt/mdksa_2009_195.nasl |
2009-08-17 | Name : Apache APR and APR-util Multiple Integer Overflow Vulnerabilities File : nvt/gb_apache_apr_n_apr_util_iof_vuln.nasl |
2009-08-17 | Name : FreeBSD Ports: subversion, subversion-freebsd, p5-subversion, py-subversion File : nvt/freebsd_subversion1.nasl |
2009-08-17 | Name : Fedora Core 10 FEDORA-2009-8360 (apr) File : nvt/fcore_2009_8360.nasl |
2009-08-17 | Name : Fedora Core 11 FEDORA-2009-8349 (apr-util) File : nvt/fcore_2009_8349.nasl |
2009-08-17 | Name : Fedora Core 11 FEDORA-2009-8336 (apr) File : nvt/fcore_2009_8336.nasl |
2009-08-17 | Name : Fedora Core 10 FEDORA-2009-8318 (apr-util) File : nvt/fcore_2009_8318.nasl |
2009-08-17 | Name : Debian Security Advisory DSA 1854-1 (apr, apr-util) File : nvt/deb_1854_1.nasl |
2009-08-17 | Name : RedHat Security Advisory RHSA-2009:1205 File : nvt/RHSA_2009_1205.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2009-219-03 apr-util File : nvt/esoft_slk_ssa_2009_219_03.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2009-219-02 apr File : nvt/esoft_slk_ssa_2009_219_02.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
56766 | Apache Portable Runtime (APR-util) memory/unix/apr_pools.c Relocatable Memory... |
56765 | Apache Portable Runtime (APR-util) misc/apr_rmm.c Multiple Function Overflows |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1204.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1205.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090810_httpd_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090810_apr_and_apr_util_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-01-19 | Name : The remote web server is affected by a buffer overflow vulnerability. File : apache_2_2_13.nasl - Type : ACT_GATHER_INFO |
2010-10-20 | Name : The remote web server is affected by multiple vulnerabilities. File : apache_2_0_64.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_libapr-util1-6545.nasl - Type : ACT_GATHER_INFO |
2010-05-04 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12613.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1854.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1204.nasl - Type : ACT_GATHER_INFO |
2009-12-04 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-314.nasl - Type : ACT_GATHER_INFO |
2009-11-09 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_6_2.nasl - Type : ACT_GATHER_INFO |
2009-11-09 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2009-006.nasl - Type : ACT_GATHER_INFO |
2009-10-30 | Name : The remote openSUSE host is missing a security update. File : suse_libapr-util1-6547.nasl - Type : ACT_GATHER_INFO |
2009-10-23 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_libapr-util1-091012.nasl - Type : ACT_GATHER_INFO |
2009-10-23 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_libapr-util1-091011.nasl - Type : ACT_GATHER_INFO |
2009-10-23 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libapr-util1-091011.nasl - Type : ACT_GATHER_INFO |
2009-10-23 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_libapr-util1-6546.nasl - Type : ACT_GATHER_INFO |
2009-09-10 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200909-03.nasl - Type : ACT_GATHER_INFO |
2009-08-11 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-199.nasl - Type : ACT_GATHER_INFO |
2009-08-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1204.nasl - Type : ACT_GATHER_INFO |
2009-08-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1205.nasl - Type : ACT_GATHER_INFO |
2009-08-11 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1205.nasl - Type : ACT_GATHER_INFO |
2009-08-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-813-1.nasl - Type : ACT_GATHER_INFO |
2009-08-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-813-2.nasl - Type : ACT_GATHER_INFO |
2009-08-10 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2009-219-02.nasl - Type : ACT_GATHER_INFO |
2009-08-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-813-3.nasl - Type : ACT_GATHER_INFO |
2009-08-10 | Name : The remote Fedora host is missing a security update. File : fedora_2009-8360.nasl - Type : ACT_GATHER_INFO |
2009-08-10 | Name : The remote Fedora host is missing a security update. File : fedora_2009-8349.nasl - Type : ACT_GATHER_INFO |
2009-08-10 | Name : The remote Fedora host is missing a security update. File : fedora_2009-8336.nasl - Type : ACT_GATHER_INFO |
2009-08-10 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2009-219-03.nasl - Type : ACT_GATHER_INFO |
2009-08-07 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-195.nasl - Type : ACT_GATHER_INFO |
2009-08-07 | Name : The remote Fedora host is missing a security update. File : fedora_2009-8318.nasl - Type : ACT_GATHER_INFO |