F5 Networks BIG-IP : Apache vulnerability (SOL15902)
Medium Nessus Plugin ID 85946
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionMemory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other software, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors related to the destruction of an APR bucket.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution SOL15902.