APR "apr_fnmatch()" Denial of Service Vulnerability
Bug #871673 reported by
Gabrieli Gianpietro
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| apache2 (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
| apr (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Bug Description
The vulnerability is caused by an infinite recursion error within the "apr_fnmatch()" function when processing certain patterns. This can be exploited to cause a stack overflow via a specially crafted request containing wildcard characters (e.g. "*").
CVE References
Revision history for this message
| Steve Beattie (sbeattie) wrote | #1 |
| Changed in apache2 (Ubuntu): | |
| status: | New → Invalid |
| Changed in apr (Ubuntu): | |
| status: | New → Fix Released |
| visibility: | private → public |
To post a comment you must log in.
Thanks for reporting this issue, which is CVE-2011-0419. It's a vulnerability in apache's apr library, which in Ubuntu is shipped in the separate 'apr' source package, and the apache packages links against it. It was addressed in USN-1134-1 <http://