CVE-2010-1623

Description

Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other software, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors related to the destruction of an APR bucket.

Related CPE's

aapacheapr-util1.3.6*******

aapacheapr-util1.2.13*******

aapacheapr-util1.3.3*******

aapacheapr-util0.9.11*******

aapacheapr-util0.9.9*******

aapacheapr-util1.2.7*******

aapacheapr-util0.9.13*******

aapacheapr-util1.2.8*******

aapacheapr-util1.2.2*******

aapacheapr-util1.3.0*******

References

http://security-tracker.debian.org/tracker/CVE-2010-1623

http://svn.apache.org/viewvc?view=revision&revision=1003495

Patch

http://svn.apache.org/viewvc?view=revision&revision=1003492

Patch

MDVSA-2010:192

ADV-2010-2556

PatchVendor Advisory

http://svn.apache.org/viewvc?view=revision&revision=1003494

Patch

http://svn.apache.org/viewvc?view=revision&revision=1003493

Patch

ADV-2010-2557

Vendor Advisory

http://svn.apache.org/viewvc?view=revision&revision=1003626

Patch

43673

41701

Vendor Advisory

http://www.apache.org/dist/apr/CHANGES-APR-UTIL-1.3

FEDORA-2010-15953

FEDORA-2010-15916

ADV-2010-2806

Vendor Advisory

42015

Vendor Advisory

42361

Vendor Advisory

USN-1021-1

http://blogs.sun.com/security/entry/cve_2010_1623_memory_leak

42403

Vendor Advisory

42367

Vendor Advisory

USN-1022-1

ADV-2010-3074

Vendor Advisory

42537

Vendor Advisory

ADV-2010-3065

Vendor Advisory

RHSA-2010:0950

Vendor Advisory

ADV-2010-3064

Vendor Advisory

ADV-2011-0358

Vendor Advisory

43285

Vendor Advisory

SSA:2011-041-01

PM23263

43211

Vendor Advisory

RHSA-2011:0897

Vendor Advisory

RHSA-2011:0896

Vendor Advisory

SUSE-SU-2011:1229

HPSBUX02645

oval:org.mitre.oval:def:12800

[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/

[httpd-cvs] 20210330 svn commit: r1888194 [7/13] - /httpd/site/trunk/content/security/json/

[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/

[httpd-cvs] 20210330 svn commit: r1073139 [7/13] - in /websites/staging/httpd/trunk/content: ./ security/json/

[httpd-cvs] 20210330 svn commit: r1073149 [7/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/

[httpd-cvs] 20210603 svn commit: r1075360 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/

[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html

[httpd-cvs] 20210603 svn commit: r1075360 [1/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

[httpd-cvs] 20210606 svn commit: r1075467 [1/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

[httpd-cvs] 20210606 svn commit: r1075467 [2/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

CvssV3 impact

Could not find any metrics

CvssV2 impact

Version

2.0

VectorString

AV:N/AC:L/Au:N/C:N/I:N/A:P

AccessVector

NETWORK

AccessComplexity

LOW

Authentication

NONE

ConfidentialityImpact

NONE

IntegrityImpact

NONE

AvailabilityImpact

PARTIAL

BaseScore

5

Created by Yello
About Severity.io