New Search

HP-UX Apache Web Server Remote Denial of Service (DoS)

oval:org.mitre.oval:def:14804

Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18 and in fnmatch.c in libc in NetBSD 5.1 OpenBSD 4.8 FreeBSD Apple Mac OS X 10.6 Oracle Solaris 10 and Android allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument as demonstrated by attacks against mod_autoindex in httpd.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • HP-UX 11
Class:
vulnerability
Reference(s):
  • CVE-2011-0419
Product(s):