apache/apr-util: The latest CVE Vulnerabilities and Exploits for Penetration Test

 


apache/apr-util Vulnerability Summary

  • Vendor name: apache
  • Product name: apr-util
  • Total vulnerabilities: 6 (as of 2023-05-04)

apache/apr-util Vulnerability List

CVE-2011-1928: The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3…

Published: 2011-05-24T23:55:00 Last Modified: 2018-01-06T02:29:00

Summary

The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service (infinite loop) via a URI that does not match unspecified types of wildcard patterns, as demonstrated by attacks against mod_autoindex in httpd when a /*/WEB-INF/ configuration pattern is used. NOTE: this issue exists because of an incorrect fix for CVE-2011-0419.

Common Weakness Enumeration (CWE): CWE-399: Resource Management Errors

CWE Description: This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree.

Scores

  • Impact Score: 2.9
  • Exploitability Score: 8.6
  • CVSS: 4.3
  • CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Impact

  • Availability: PARTIAL
  • Confidentiality: NONE
  • Integrity: NONE

Access

  • Authentication: NONE
  • Complexity: MEDIUM
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2011-1928 vulnerability.


CVE-2010-1623: Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache…

Published: 2010-10-04T21:00:00 Last Modified: 2021-06-06T11:15:00

Summary

Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other software, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors related to the destruction of an APR bucket.

Common Weakness Enumeration (CWE): CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE Description: The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Scores

  • Impact Score: 2.9
  • Exploitability Score: 10.0
  • CVSS: 5.0
  • CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact

  • Availability: PARTIAL
  • Confidentiality: NONE
  • Integrity: NONE

Access

  • Authentication: NONE
  • Complexity: LOW
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2010-1623 vulnerability.


CVE-2009-2412: Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable…

Published: 2009-08-06T15:30:00 Last Modified: 2021-06-06T11:15:00

Summary

Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger crafted calls to the (1) allocator_alloc or (2) apr_palloc function in memory/unix/apr_pools.c in APR; or crafted calls to the (3) apr_rmm_malloc, (4) apr_rmm_calloc, or (5) apr_rmm_realloc function in misc/apr_rmm.c in APR-util; leading to buffer overflows. NOTE: some of these details are obtained from third party information.

Common Weakness Enumeration (CWE): CWE-189: Numeric Errors

CWE Description: Weaknesses in this category are related to improper calculation or conversion of numbers.

Scores

  • Impact Score: 10.0
  • Exploitability Score: 10.0
  • CVSS: 10.0
  • CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Impact

  • Availability: COMPLETE
  • Confidentiality: COMPLETE
  • Integrity: COMPLETE

Access

  • Authentication: NONE
  • Complexity: LOW
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2009-2412 vulnerability.


CVE-2009-0023: The apr_strmatch_precompile function in strmatch/apr_strmatch.c in Apache APR-util before 1.3.5…

Published: 2009-06-08T01:00:00 Last Modified: 2021-06-06T11:15:00

Summary

The apr_strmatch_precompile function in strmatch/apr_strmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service (daemon crash) via crafted input involving (1) a .htaccess file used with the Apache HTTP Server, (2) the SVNMasterURI directive in the mod_dav_svn module in the Apache HTTP Server, (3) the mod_apreq2 module for the Apache HTTP Server, or (4) an application that uses the libapreq2 library, which triggers a heap-based buffer underflow.

Common Weakness Enumeration (CWE): CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE Description: The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Scores

  • Impact Score: 2.9
  • Exploitability Score: 8.6
  • CVSS: 4.3
  • CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Impact

  • Availability: PARTIAL
  • Confidentiality: NONE
  • Integrity: NONE

Access

  • Authentication: NONE
  • Complexity: MEDIUM
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2009-0023 vulnerability.


CVE-2009-1955: The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7,…

Published: 2009-06-08T01:00:00 Last Modified: 2021-06-06T11:15:00

Summary

The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, as demonstrated by a PROPFIND request, a similar issue to CVE-2003-1564.

Scores

  • Impact Score: 2.9
  • Exploitability Score: 10.0
  • CVSS: 5.0
  • CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact

  • Availability: PARTIAL
  • Confidentiality: NONE
  • Integrity: NONE

Access

  • Authentication: NONE
  • Complexity: LOW
  • Vector: NETWORK

Exploits Database (Total Exploits Count: 1)

Code designed for conducting penetration testing on CVE-2009-1955 vulnerability.


CVE-2009-1956: Off-by-one error in the apr_brigade_vprintf function in Apache APR-util before 1.3.5 on big-…

Published: 2009-06-08T01:00:00 Last Modified: 2021-06-06T11:15:00

Summary

Off-by-one error in the apr_brigade_vprintf function in Apache APR-util before 1.3.5 on big-endian platforms allows remote attackers to obtain sensitive information or cause a denial of service (application crash) via crafted input.

Common Weakness Enumeration (CWE): CWE-189: Numeric Errors

CWE Description: Weaknesses in this category are related to improper calculation or conversion of numbers.

Scores

  • Impact Score: 4.9
  • Exploitability Score: 10.0
  • CVSS: 6.4
  • CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P

Impact

  • Availability: PARTIAL
  • Confidentiality: PARTIAL
  • Integrity: NONE

Access

  • Authentication: NONE
  • Complexity: LOW
  • Vector: NETWORK

Currently, there is no code for exploiting the CVE-2009-1956 vulnerability.
