CVE-2011-1928

apr: DoS flaw in apr_fnmatch() due to fix for CVE-2011-0419

Severity Score

4.3

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service (infinite loop) via a URI that does not match unspecified types of wildcard patterns, as demonstrated by attacks against mod_autoindex in httpd when a /*/WEB-INF/ configuration pattern is used. NOTE: this issue exists because of an incorrect fix for CVE-2011-0419.

La implementación de fnmatch de apr_fnmatch.c de la librería Apache Portable Runtime (APR) 1.4.3 y 1.4.4, y el servidor Apache HTTP 2.2.18, permite a atacantes remotos provocar una denegación de servicio (bucle infinito) a través de una URI que no encaja en tipos de patrones de comodines sin especificar. Como se ha demostrado en ataques contra mod_autoindex en httpd cuando un patrón de configuración /*/WEB-INF/ es utilizado. NOTA: esta vulnerabilidad existe debido a una solución incorrecta a CVE-2011-0419.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

Attack Vector

Network

Attack Complexity

High

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2011-05-09 CVE Reserved
2011-05-20 CVE Published
2023-11-08 EPSS Updated
2024-08-06 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-399: Resource Management Errors

CAPEC

References (19)

URL	Tag	Source
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=627182	X_refsource_confirm
http://mail-archives.apache.org/mod_mbox/httpd-announce/201105.mbox/%3C4DD55092.3030403%40apache.org%3E	Mailing List
http://mail-archives.apache.org/mod_mbox/www-announce/201105.mbox/%3c4DD55076.1060005%40apache.org%3e	Mailing List
http://openwall.com/lists/oss-security/2011/05/19/10	Mailing List
http://openwall.com/lists/oss-security/2011/05/19/5	Mailing List
http://secunia.com/advisories/44613	Third Party Advisory
http://secunia.com/advisories/44780	Third Party Advisory
http://secunia.com/advisories/48308	Third Party Advisory
https://issues.apache.org/bugzilla/show_bug.cgi?id=51219	X_refsource_confirm

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html	2023-11-07
http://marc.info/?l=bugtraq&m=134987041210674&w=2	2023-11-07
http://secunia.com/advisories/44558	2023-11-07
http://secunia.com/advisories/44661	2023-11-07
http://www.mandriva.com/security/advisories?name=MDVSA-2011:095	2023-11-07
http://www.redhat.com/support/errata/RHSA-2011-0844.html	2023-11-07
http://www.vupen.com/english/advisories/2011/1289	2023-11-07
http://www.vupen.com/english/advisories/2011/1290	2023-11-07
https://access.redhat.com/security/cve/CVE-2011-1928	2011-05-31
https://bugzilla.redhat.com/show_bug.cgi?id=706203	2011-05-31

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Apache Search vendor "Apache"		Apr-util Search vendor "Apache" for product "Apr-util"				1.4.3 Search vendor "Apache" for product "Apr-util" and version "1.4.3"		-		Affected
Apache Search vendor "Apache"		Apr-util Search vendor "Apache" for product "Apr-util"				1.4.4 Search vendor "Apache" for product "Apr-util" and version "1.4.4"		-		Affected
Apache Search vendor "Apache"		Http Server Search vendor "Apache" for product "Http Server"				2.2.18 Search vendor "Apache" for product "Http Server" and version "2.2.18"		-		Affected