FreeBSD : apache -- apr_uri_parse IPv6 address handling vulnerability (762d1c6d-0722-11d9-b45d-000c41e2cdad)
Medium Nessus Plugin ID 37109
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionThe Apache Software Foundation Security Team discovered a programming error in the apr-util library function apr_uri_parse. When parsing IPv6 literal addresses, it is possible that a length is incorrectly calculated to be negative, and this value is passed to memcpy. This may result in an exploitable vulnerability on some platforms, including FreeBSD.
SolutionUpdate the affected package.