CVE-2011-3348 – httpd: mod_proxy_ajp remote temporary DoS
https://notcve.org/view.php?id=CVE-2011-3348
The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary "error state" in the backend server) via a malformed HTTP request. El módulo mod_proxy_ajp en el Apache HTTP Server antes de v2.2.21, cuando se usa con mod_proxy_balancer en algunas configuraciones, permite a atacantes remotos provocar una denegación de servicio ("error state" temporal en el "back-end" del servidor) a través de una petición HTTP mal formada. • http://community.jboss.org/message/625307 http://httpd.apache.org/security/vulnerabilities_22.html#2.2.21 http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html http://marc.info/?l=bugtraq&m=131731002122529&w=2 http://marc.info/?l=bugtraq&m=132033751509019&w=2 http://rhn.redhat.com/errata/RHSA-2012-0542.html http://rhn.redhat.com/errata/RHSA-2012-0543.html http://secunia.com/advisories/46013 http://support.apple.com/kb/HT5130 http://www.apache • CWE-400: Uncontrolled Resource Consumption •
CVE-2011-3192 – Apache - Denial of Service
https://notcve.org/view.php?id=CVE-2011-3192
The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086. El filtro byterange en el Servidor Apache HTTP v1.3.x, v2.0.x hasta v2.0.64, y v2.2.x hasta v2.2.19 permite a tacantes remotos provocar una denegación de servicio (consumo de memoria y CPU) a través de una cabecera Range que expresa múltiple rangos de solapamiento, como se explotó en Agosto 2011, una vulnerabilidad diferente que CVE-2007-0086. • https://www.exploit-db.com/exploits/18221 https://www.exploit-db.com/exploits/17696 https://github.com/limkokholefork/CVE-2011-3192 https://github.com/futurezayka/CVE-2011-3192 http://archives.neohapsis.com/archives/fulldisclosure/2011-08/0285.html http://blogs.oracle.com/security/entry/security_alert_for_cve_2011 http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00006.html http://lists.opensuse. • CWE-400: Uncontrolled Resource Consumption •
CVE-2011-0419 – Apache 1.4/2.2.x - APR 'apr_fnmatch()' Denial of Service
https://notcve.org/view.php?id=CVE-2011-0419
Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd. Vulnerabilidad de agotamiento de pila en la función fnmatch implementada en apr_fnmatch.c en la librería de Apache Portable Runtime (APR) anterior a v1.4.3 y en Apache HTTP Server anterior a v2.2.18, y en fnmatch.c en libc en NetBSD v5.1, OpenBSD v4.8, FreeBSD, Apple Mac OS X v10.6, Oracle Solaris 10, y Android permite a atacantes dependientes de contexto provocar una denegación de servicio (consumo de CPU y memoria) a través de secuencias "*?" en el primer argumento, como se demostró con los ataques contra mod_autoindex en httpd. • https://www.exploit-db.com/exploits/35738 http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/fnmatch.c#rev1.22 http://cxib.net/stuff/apache.fnmatch.phps http://cxib.net/stuff/apr_fnmatch.txts http://httpd.apache.org/security/vulnerabilities_22.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html http://marc.info/?l=bugtraq&m=131551295528105&w=2 http://marc.info/ • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2010-1623 – apr-util: high memory consumption in apr_brigade_split_line()
https://notcve.org/view.php?id=CVE-2010-1623
Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other software, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors related to the destruction of an APR bucket. Pérdida de memoria en la función apr_brigade_split_line en buckets/apr_brigade.c en la biblioteca Apache Portable Runtime Utility (también conocida como APR-util) en versiones anteriores a 1.3.10, como es usada en el módulo mod_reqtimeout en Apache HTTP Server y otro software, permite a atacantes remotos provocar una denegación de servicio (consumo de memoria) a través de vectores no especificados relacionados con la destrucción de un cubo APR. • http://blogs.sun.com/security/entry/cve_2010_1623_memory_leak http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049885.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049939.html http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html http://marc.info/?l=bugtraq&m=130168502603566&w=2 http://secunia.com/advisories/41701 http://secunia.com/advisories/42015 http://secunia.com/advisories/42361 http://secunia.com/advisories/4236 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2010-2791 – httpd: Reverse proxy sends wrong responses after time-outs
https://notcve.org/view.php?id=CVE-2010-2791
mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connection, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request. NOTE: this is the same issue as CVE-2010-2068, but for a different OS and set of affected versions. mod_proxy en httpd del servidor HTTP Apache v2.2.9, cuando se ejecuta en Unix, no cierra la conexión interna si se produce un fin de tiempo de espera al leer una respuesta de una conexión persistente, lo que permite a atacantes remotos obtener una respuesta potencialmente sensibles, destinada a un cliente diferente en circunstancias oportunistas a través de una petición HTTP normal. NOTA: este es el mismo problema que CVE-2010-2068, pero para un Sistema Operativo diferente y un conjunto de versiones afectadas. • http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.openwall.com/lists/oss-security/2010/07/30/1 http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html http://www.redhat.com/support/errata/RHSA-2010-0659.html http://www.securityfocus.com/bid/42102 https://exchange.xforce.ibmcloud.com/vulnerabilities/60883 https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •