FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2010-1623

This CVE name corresponds to:

Entered	Topic
2010-10-06	apr -- multiple vunerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2010-1623 at cve.mitre.org

Details

Type	Candidate
Name	CVE-2010-1623
Phase	Assigned(20100429)

Description

Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other software, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors related to the destruction of an APR bucket.

References

Source	Reference
CONFIRM	http://security-tracker.debian.org/tracker/CVE-2010-1623
CONFIRM	http://svn.apache.org/viewvc?view=revision&revision=1003492
CONFIRM	http://svn.apache.org/viewvc?view=revision&revision=1003493
CONFIRM	http://svn.apache.org/viewvc?view=revision&revision=1003494
CONFIRM	http://svn.apache.org/viewvc?view=revision&revision=1003495
CONFIRM	http://svn.apache.org/viewvc?view=revision&revision=1003626
CONFIRM	http://www.apache.org/dist/apr/CHANGES-APR-UTIL-1.3
CONFIRM	http://blogs.sun.com/security/entry/cve_2010_1623_memory_leak
AIXAPAR	PM23263
AIXAPAR	PM31601
FEDORA	FEDORA-2010-15916
FEDORA	FEDORA-2010-15953
MANDRIVA	MDVSA-2010:192
REDHAT	RHSA-2010:0950
REDHAT	RHSA-2011:0896
REDHAT	RHSA-2011:0897
SLACKWARE	SSA:2011-041-01
SUSE	SUSE-SU-2011:1229
UBUNTU	USN-1021-1
UBUNTU	USN-1022-1
BID	43673
OVAL	oval:org.mitre.oval:def:12800
SECUNIA	41701
SECUNIA	42015
SECUNIA	42361
SECUNIA	42367
SECUNIA	42403
SECUNIA	42537
SECUNIA	43211
SECUNIA	43285
VUPEN	ADV-2010-2556
VUPEN	ADV-2010-2557
VUPEN	ADV-2010-2806
VUPEN	ADV-2010-3064
VUPEN	ADV-2010-3065
VUPEN	ADV-2010-3074
VUPEN	ADV-2011-0358