Subject: svn commit: r1025526 - in /httpd/site/trunk/docs/security: vulnerabilities-oval.xml vulnerabilities_20.html vulnerabilities_22.html
Date: Wed, 20 Oct 2010 12:10:22 -0000
To: cvs@httpd.apache.org
From: mjc@apache.org
X-Mailer: svnmailer-1.0.8
Message-Id: <20101020121022.A31F623888DD@eris.apache.org>
X-Virus-Checked: Checked by ClamAV on apache.org

Author: mjc
Date: Wed Oct 20 12:10:22 2010
New Revision: 1025526

URL: http://svn.apache.org/viewvc?rev=1025526&view=rev
Log:
Make pages with updates

Modified:
    httpd/site/trunk/docs/security/vulnerabilities-oval.xml
    httpd/site/trunk/docs/security/vulnerabilities_20.html
    httpd/site/trunk/docs/security/vulnerabilities_22.html

Modified: httpd/site/trunk/docs/security/vulnerabilities-oval.xml
URL: http://svn.apache.org/viewvc/httpd/site/trunk/docs/security/vulnerabilities-oval.xml?rev=1025526&r1=1025525&r2=1025526&view=diff
==============================================================================
--- httpd/site/trunk/docs/security/vulnerabilities-oval.xml (original)
+++ httpd/site/trunk/docs/security/vulnerabilities-oval.xml Wed Oct 20 12:10:22 2010
@@ -5,6 +5,194 @@ 2005-10-12T18:13:45 + + +expat DoS + + +A buffer over-read flaw was found in the bundled expat +library. An attacker who is able to get Apache to parse +an untrused XML document (for example through mod_dav) may +be able to cause a crash. This crash would only +be a denial of service if using the worker MPM. + + +20090117 +20090821 +20101019 +low + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +expat DoS + + +A buffer over-read flaw was found in the bundled expat +library. An attacker who is able to get Apache to parse +an untrused XML document (for example through mod_dav) may +be able to cause a crash. This crash would only +be a denial of service if using the worker MPM. + + +20091202 + +20101019 +low + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +apr_bridage_split_line DoS + + +A flaw was found in the apr_brigade_split_line() function of the bundled +APR-util library, used to process non-SSL requests. A remote attacker +could send carefully crafted requests which would slowly consume +memory, potentially leading to a denial of service. + + +20101001 +20100303 +20101019 +low + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + mod_cache and mod_dav DoS @@ -3715,6 +3903,10 @@ a constant rate, since the attacker has + + + + @@ -3992,6 +4184,9 @@ a constant rate, since the attacker has + +2.2.16 + 2.2.15 Modified: httpd/site/trunk/docs/security/vulnerabilities_20.html URL: http://svn.apache.org/viewvc/httpd/site/trunk/docs/security/vulnerabilities_20.html?rev=1025526&r1=1025525&r2=1025526&view=diff ============================================================================== --- httpd/site/trunk/docs/security/vulnerabilities_20.html [utf-8] (original) +++ httpd/site/trunk/docs/security/vulnerabilities_20.html [utf-8] Wed Oct 20 12:10:22 2010 @@ -129,6 +129,68 @@ proposing a patch fix for this issue.
low: +expat DoS + +CVE-2009-3720 +

+A buffer over-read flaw was found in the bundled expat +library. An attacker who is able to get Apache to parse +an untrused XML document (for example through mod_dav) may +be able to cause a crash. This crash would only +be a denial of service if using the worker MPM. +

+
+
+ Update Released: 19th October 2010
+
+
+ Affects: + 2.0.63, 2.0.61, 2.0.59, 2.0.58, 2.0.55, 2.0.54, 2.0.53, 2.0.52, 2.0.51, 2.0.50, 2.0.49, 2.0.48, 2.0.47, 2.0.46, 2.0.45, 2.0.44, 2.0.43, 2.0.42, 2.0.40, 2.0.39, 2.0.37, 2.0.36, 2.0.35

+

+
+low: + +expat DoS + +CVE-2009-3560 +

+A buffer over-read flaw was found in the bundled expat +library. An attacker who is able to get Apache to parse +an untrused XML document (for example through mod_dav) may +be able to cause a crash. This crash would only +be a denial of service if using the worker MPM. +

+
+
+ Update Released: 19th October 2010
+
+
+ Affects: + 2.0.63, 2.0.61, 2.0.59, 2.0.58, 2.0.55, 2.0.54, 2.0.53, 2.0.52, 2.0.51, 2.0.50, 2.0.49, 2.0.48, 2.0.47, 2.0.46, 2.0.45, 2.0.44, 2.0.43, 2.0.42, 2.0.40, 2.0.39, 2.0.37, 2.0.36, 2.0.35

+

+
+low: + +apr_bridage_split_line DoS + +CVE-2010-1623 +

+A flaw was found in the apr_brigade_split_line() function of the bundled +APR-util library, used to process non-SSL requests. A remote attacker +could send carefully crafted requests which would slowly consume +memory, potentially leading to a denial of service. +

+
+
+ Update Released: 19th October 2010
+
+
+ Affects: + 2.0.63, 2.0.61, 2.0.59, 2.0.58, 2.0.55, 2.0.54, 2.0.53, 2.0.52, 2.0.51, 2.0.50, 2.0.49, 2.0.48, 2.0.47, 2.0.46, 2.0.45, 2.0.44, 2.0.43, 2.0.42, 2.0.40, 2.0.39, 2.0.37, 2.0.36, 2.0.35

+

+
+low: + mod_dav DoS CVE-2010-1452 Modified: httpd/site/trunk/docs/security/vulnerabilities_22.html URL: http://svn.apache.org/viewvc/httpd/site/trunk/docs/security/vulnerabilities_22.html?rev=1025526&r1=1025525&r2=1025526&view=diff ============================================================================== --- httpd/site/trunk/docs/security/vulnerabilities_22.html [utf-8] (original) +++ httpd/site/trunk/docs/security/vulnerabilities_22.html [utf-8] Wed Oct 20 12:10:22 2010 @@ -91,6 +91,83 @@ Team.

+ Fixed in Apache httpd 2.2.17 + + + + +
+
+
+low: + +expat DoS + +CVE-2009-3720 +

+A buffer over-read flaw was found in the bundled expat +library. An attacker who is able to get Apache to parse +an untrused XML document (for example through mod_dav) may +be able to cause a crash. This crash would only +be a denial of service if using the worker MPM. +

+
+
+ Update Released: 19th October 2010
+
+
+ Affects: + 2.2.16, 2.2.15, 2.2.14, 2.2.13, 2.2.12, 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0

+

+
+low: + +expat DoS + +CVE-2009-3560 +

+A buffer over-read flaw was found in the bundled expat +library. An attacker who is able to get Apache to parse +an untrused XML document (for example through mod_dav) may +be able to cause a crash. This crash would only +be a denial of service if using the worker MPM. +

+
+
+ Update Released: 19th October 2010
+
+
+ Affects: + 2.2.16, 2.2.15, 2.2.14, 2.2.13, 2.2.12, 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0

+

+
+low: + +apr_bridage_split_line DoS + +CVE-2010-1623 +

+A flaw was found in the apr_brigade_split_line() function of the bundled +APR-util library, used to process non-SSL requests. A remote attacker +could send carefully crafted requests which would slowly consume +memory, potentially leading to a denial of service. +

+
+
+ Update Released: 19th October 2010
+
+
+ Affects: + 2.2.16, 2.2.15, 2.2.14, 2.2.13, 2.2.12, 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0

+

+
+
+ + + + +
+ Fixed in Apache httpd 2.2.16
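Review bot: in the vulnerabilities-oval.xml hunk (@@ -5,6 +5,194 @@) both expat entries spell "untrused" where "untrusted" is meant, and the third entry's title reads "apr_bridage_split_line DoS" while its own body correctly names apr_brigade_split_line(); fix both spellings in this source file, since anything consuming the OVAL feed will carry them. Also check the dates of that apr_brigade_split_line entry: it lists 20101001, 20100303, 20101019, so the first two are out of ascending order compared with the other entries (20090117, 20090821, 20101019), which suggests the reported and public dates were swapped. The second expat entry (20091202, blank, 20101019) leaves its middle date empty where the other two entries carry a value; either fill it or confirm the element is meant to be empty. The two small hunks at @@ -3715 and @@ -3992, which add the empty placeholder block and the 2.2.16 version, look fine.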
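Review bot: the vulnerabilities_20.html hunk (@@ -129,6 +129,68 @@) carries the same spelling errors as the XML: "untrused" in both expat descriptions and "apr_bridage_split_line DoS" as the CVE-2010-1623 title, against apr_brigade_split_line() in its body. If this page is generated from vulnerabilities-oval.xml, fix the source and regenerate rather than hand-editing the HTML, so the three files stay in step. The three entries are otherwise consistent with each other: same "Update Released: 19th October 2010" line and the same 2.0.35 to 2.0.63 Affects list.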
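Review bot: the vulnerabilities_22.html hunk (@@ -91,6 +91,83 @@) repeats "untrused" in both expat descriptions and "apr_bridage_split_line DoS" as the CVE-2010-1623 title; correct these together with the XML and 2.0 page. The new "Fixed in Apache httpd 2.2.17" section is placed above the existing "Fixed in Apache httpd 2.2.16" one and its Affects lists stop at 2.2.16, which matches the 2.2.16 version added to the OVAL file in this commit, so the structure of the hunk is consistent.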