CVE-2009-1955

Severity

78%

Complexity

99%

Confidentiality

115%

The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, as demonstrated by a PROPFIND request, a similar issue to CVE-2003-1564.

The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, as demonstrated by a PROPFIND request, a similar issue to CVE-2003-1564.

CVSS 2.0 Base Score 7.8. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:C).

Overview

Type

Apache Software Foundation Apache

First reported 15 years ago

2009-06-08 01:00:00

Last updated 6 years ago

2018-10-10 19:39:00

Affected Software

Apache Software Foundation Apache Portable Runtime Utility library (aka APR-util) 0.9.1

0.9.1

Apache Software Foundation Apache Portable Runtime Utility library (aka APR-util) 0.9.2

0.9.2

Apache Software Foundation Apache Portable Runtime Utility library (aka APR-util) 0.9.3

0.9.3

Apache Software Foundation Apache Portable Runtime Utility library (aka APR-util) 0.9.4

0.9.4

Apache Software Foundation Apache Portable Runtime Utility library (aka APR-util) 0.9.5

0.9.5

Apache Software Foundation Apache Portable Runtime Utility library (aka APR-util) 1.0

1.0

Apache Software Foundation Apache Portable Runtime Utility library (aka APR-util) 1.0.1

1.0.1

Apache Software Foundation Apache Portable Runtime Utility library (aka APR-util) 1.0.2

1.0.2

Apache Software Foundation Apache Portable Runtime Utility library (aka APR-util) 1.1.0

1.1.0

Apache Software Foundation Apache Portable Runtime Utility library (aka APR-util) 1.1.1

1.1.1

Apache Software Foundation Apache Portable Runtime Utility library (aka APR-util) 1.1.2

1.1.2

Apache Software Foundation Apache Portable Runtime Utility library (aka APR-util) 1.2.1

1.2.1

Apache Software Foundation Apache Portable Runtime Utility library (aka APR-util) 1.2.2

1.2.2

Apache Software Foundation Apache Portable Runtime Utility library (aka APR-util) 1.2.6

1.2.6

Apache Software Foundation Apache Portable Runtime Utility library (aka APR-util) 1.2.7

1.2.7

Apache Software Foundation Apache Portable Runtime Utility library (aka APR-util) 1.2.8

1.2.8

Apache Software Foundation Apache Portable Runtime Utility library (aka APR-util) 1.3.0

1.3.0

Apache Software Foundation Apache Portable Runtime Utility library (aka APR-util) 1.3.1

1.3.1

Apache Software Foundation Apache Portable Runtime Utility library (aka APR-util) 1.3.2

1.3.2

Apache Software Foundation Apache Portable Runtime Utility library (aka APR-util) 1.3.3

1.3.3

Apache Software Foundation Apache Portable Runtime Utility library (aka APR-util) 1.3.4

1.3.4

Apache Software Foundation Apache Portable Runtime Utility library (aka APR-util) 1.3.5

1.3.5

Apache Software Foundation Apache HTTP Server

References

APPLE-SA-2009-11-09-1

SUSE-SR:2010:011

[apr-dev] 20090602 [PATCH] prevent "billion laughs" attack against expat

Patch

HPSBUX02612

34724

Vendor Advisory

35284

Vendor Advisory

35360

Vendor Advisory

35395

Vendor Advisory

35444

Vendor Advisory

35487

Vendor Advisory

35565

Vendor Advisory

35710

Vendor Advisory

35797

35843

36473

Vendor Advisory

37221

Vendor Advisory

GLSA-200907-03

SSA:2009-167-02

http://support.apple.com/kb/HT3937

http://svn.apache.org/viewvc?view=rev&revision=781403

http://wiki.rpath.com/Advisories:rPSA-2009-0123

http://www.apache.org/dist/apr/CHANGES-APR-UTIL-1.3

Patch

DSA-1812

Patch

MDVSA-2009:131

MDVSA-2013:150

[oss-security] 20090603 CVE request: "billion laughs" attack against Apache APR

http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html

RHSA-2009:1107

RHSA-2009:1108

20090824 rPSA-2009-0123-1 apr-util

35253

USN-786-1

USN-787-1

ADV-2009-1907

ADV-2009-3184

Vendor Advisory

ADV-2010-1107

PK88342

PK91241

PK99478

http://www-01.ibm.com/support/docview.wss?uid=swg27014463

[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

oval:org.mitre.oval:def:10270

oval:org.mitre.oval:def:12473

8842

FEDORA-2009-6014

FEDORA-2009-6261

FEDORA-2009-5969

[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.