DOCUMENTATION

Views

Search

Toolbox

Advisories:rPSA-2009-0144

From rPath Wiki

Jump to: navigation, search

rPath Security Advisory 2009-0144-1

Published: 2009-11-12

Products

rPath Appliance Platform Linux Service 1
rPath Appliance Platform Linux Service 2
rPath Linux 1
rPath Linux 2

Rating

Major

Exposure Level Classification

Remote User Deterministic Denial of Service

Updated Versions

apr-util=conary.rpath.com@rpl:1/0.9.7-1.4-1
apr-util=conary.rpath.com@rpl:2/1.2.12-2.4-1
apr-util=rap-emc.rpath.com@rpath:emc-production-1/0.9.7-4-1
apr-util=rap-emc.rpath.com@rpath:emc-production-2/1.2.12-6-1

rPath Issue Tracking System

RPL-3058

References

CVE-2009-0023

Description

Previous versions of apr-util contain a vulnerability which can allow

remote attackers to crash an Apache HTTP Server by triggering a

heap-based buffer underflow. This vulnerability only exists when

.htaccess files are used, or when a module linked to libaprutil is used.

Copyright 2009 rPath, Inc. This file is distributed under the terms of the MIT License. A copy is available at http://www.rpath.com/permanent/mit-license.html

Retrieved from "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0144"

Categories: Support Issue | Advisories