CVE-2010-1623medium
Description
Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other software, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors related to the destruction of an APR bucket.
References
http://security-tracker.debian.org/tracker/CVE-2010-1623
http://svn.apache.org/viewvc?view=revision&revision=1003495
http://svn.apache.org/viewvc?view=revision&revision=1003492
http://www.mandriva.com/security/advisories?name=MDVSA-2010:192
http://www.vupen.com/english/advisories/2010/2556
http://svn.apache.org/viewvc?view=revision&revision=1003494
http://svn.apache.org/viewvc?view=revision&revision=1003493
http://www.vupen.com/english/advisories/2010/2557
http://svn.apache.org/viewvc?view=revision&revision=1003626
http://www.securityfocus.com/bid/43673
http://secunia.com/advisories/41701
http://www.apache.org/dist/apr/CHANGES-APR-UTIL-1.3
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049885.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049939.html
http://www.vupen.com/english/advisories/2010/2806
http://secunia.com/advisories/42015
http://secunia.com/advisories/42361
http://ubuntu.com/usn/usn-1021-1
http://blogs.sun.com/security/entry/cve_2010_1623_memory_leak
http://secunia.com/advisories/42403
http://secunia.com/advisories/42367
http://www.ubuntu.com/usn/USN-1022-1
http://www.vupen.com/english/advisories/2010/3074
http://secunia.com/advisories/42537
http://www.vupen.com/english/advisories/2010/3065
http://www.redhat.com/support/errata/RHSA-2010-0950.html
http://www.vupen.com/english/advisories/2010/3064
http://www.vupen.com/english/advisories/2011/0358
http://secunia.com/advisories/43285
http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.627828
http://www-01.ibm.com/support/docview.wss?uid=swg1PM31601
http://secunia.com/advisories/43211
http://www.redhat.com/support/errata/RHSA-2011-0897.html
http://www.redhat.com/support/errata/RHSA-2011-0896.html
http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html
http://marc.info/?l=bugtraq&m=130168502603566&w=2
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12800
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E