CVE-2009-1955

Properties

Published:
06.06.2009
Updated:
30.06.2009
Patch available:
Severity:
Medium
CVSS vector:
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Product:
apache: http_server
apache: apr-util

Vulnerability description

The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, as demonstrated by a PROPFIND request, a similar issue to CVE-2003-1564.

References:

DEBIAN: http://www.debian.org/security/2009/dsa-1812
CONFIRM: http://www.apache.org/dist/apr/CHANGES-APR-UTIL-1.3
MLIST: http://marc.info/?l=apr-dev&m=124396021826125&w=2
UBUNTU: http://www.ubuntu.com/usn/usn-787-1
UBUNTU: http://www.ubuntu.com/usn/usn-786-1
BID: http://www.securityfocus.com/bid/35253
REDHAT: http://www.redhat.com/support/errata/RHSA-2009-1108.html
REDHAT: http://www.redhat.com/support/errata/RHSA-2009-1107.html
MLIST: http://www.openwall.com/lists/oss-security/2009/06/03/4
MILW0RM: http://www.milw0rm.com/exploits/8842
MANDRIVA: http://www.mandriva.com/security/advisories?name=MDVSA-2009:131
CONFIRM: http://svn.apache.org/viewvc?view=rev&revision=781403
SLACKWARE: http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.538210
SECUNIA: http://secunia.com/advisories/35487
SECUNIA: http://secunia.com/advisories/35444
SECUNIA: http://secunia.com/advisories/35395
SECUNIA: http://secunia.com/advisories/35360
SECUNIA: http://secunia.com/advisories/35284
SECUNIA: http://secunia.com/advisories/34724