Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 HTTP:APACHE:APR-DOS

Severity

 Major

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 Apache APR apr_fnmatch Stack Overflow Denial of Service

Release Date

 2011/06/22

Update Number

 1943

Supported Platforms

 idp-4.0.110090709+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: Apache APR apr_fnmatch Stack Overflow Denial of Service


This signature detects attempts to exploit a known vulnerability against the Apache HTTP service.Its due to improper implementation of fnmatch, in the apr_fnmatch.c component. A remote attacker can exploit this vulnerability on target systems which host applications utilizing the affected APR. A successful attack would cause a denial of service condition on the target server.

Extended Description

Apache APR is prone to a vulnerability that may allow attackers to cause a denial-of-service condition. Apache APR versions prior to 1.4.4 are vulnerable.

Affected Products

  • Apache_software_foundation apache 2.2.0
  • Apache_software_foundation apache 2.2.1
  • Apache_software_foundation apache 2.2.10
  • Apache_software_foundation apache 2.2.11
  • Apache_software_foundation apache 2.2.12
  • Apache_software_foundation apache 2.2.13
  • Apache_software_foundation apache 2.2.14
  • Apache_software_foundation apache 2.2.15
  • Apache_software_foundation apache 2.2.15-Dev
  • Apache_software_foundation apache 2.2.16
  • Apache_software_foundation apache 2.2.17
  • Apache_software_foundation apache 2.2.2
  • Apache_software_foundation apache 2.2.3
  • Apache_software_foundation apache 2.2.4
  • Apache_software_foundation apache 2.2.5
  • Apache_software_foundation apache 2.2.5-Dev
  • Apache_software_foundation apache 2.2.6
  • Apache_software_foundation apache 2.2.6-Dev
  • Apache_software_foundation apache 2.2.7-Dev
  • Apache_software_foundation apache 2.2.8
  • Apache_software_foundation apache 2.2.9
  • Apache_software_foundation apr 1.4.2
  • Apache_software_foundation apr 1.4.3
  • Apple mac_os_x 10.6
  • Apple mac_os_x 10.6.1
  • Apple mac_os_x 10.6.2
  • Apple mac_os_x 10.6.3
  • Apple mac_os_x 10.6.4
  • Apple mac_os_x 10.6.5
  • Apple mac_os_x 10.6.5
  • Apple mac_os_x 10.6.6
  • Apple mac_os_x 10.6.7
  • Apple mac_os_x 10.6.8
  • Apple mac_os_x 10.7
  • Apple mac_os_x 10.7.1
  • Apple mac_os_x_server 10.6
  • Apple mac_os_x_server 10.6.1
  • Apple mac_os_x_server 10.6.2
  • Apple mac_os_x_server 10.6.3
  • Apple mac_os_x_server 10.6.4
  • Apple mac_os_x_server 10.6.5
  • Apple mac_os_x_server 10.6.5
  • Apple mac_os_x_server 10.6.6
  • Apple mac_os_x_server 10.6.7
  • Apple mac_os_x_server 10.6.8
  • Apple mac_os_x_server 10.7
  • Apple mac_os_x_server 10.7.1
  • Avaya aura_application_enablement_services 5.2
  • Avaya aura_application_enablement_services 5.2.1
  • Avaya aura_application_enablement_services 5.2.2
  • Avaya aura_application_enablement_services 5.2.3
  • Avaya aura_application_enablement_services 6.1
  • Avaya aura_communication_manager 4.0
  • Avaya aura_communication_manager 4.0
  • Avaya aura_communication_manager 5.1
  • Avaya aura_communication_manager 5.2
  • Avaya aura_communication_manager 5.2.1
  • Avaya aura_communication_manager 6.0
  • Avaya aura_communication_manager 6.0.1
  • Avaya aura_communication_manager_utility_services 6.0
  • Avaya aura_communication_manager_utility_services 6.1
  • Avaya aura_session_manager 1.1
  • Avaya aura_session_manager 5.2
  • Avaya aura_session_manager 6.0
  • Avaya aura_session_manager 6.0 SP1
  • Avaya aura_session_manager 6.1
  • Avaya aura_session_manager 6.1.1
  • Avaya aura_session_manager 6.1.2
  • Avaya aura_session_manager 6.1 Sp1
  • Avaya aura_session_manager 6.1 SP2
  • Avaya aura_sip_enablement_services 4.0
  • Avaya aura_sip_enablement_services 5.0
  • Avaya aura_sip_enablement_services 5.1
  • Avaya aura_sip_enablement_services 5.2
  • Avaya aura_sip_enablement_services 5.2.1
  • Avaya aura_system_platform 1.1
  • Avaya aura_system_platform 6.0
  • Avaya aura_system_platform 6.0.1
  • Avaya aura_system_platform 6.0.2
  • Avaya aura_system_platform 6.0 SP2
  • Avaya aura_system_platform 6.0 SP3
  • Avaya call_management_system R 15.0
  • Avaya call_management_system R 16.0
  • Avaya call_management_system R16.1
  • Avaya call_management_system R16.2
  • Avaya call_management_system R16.3
  • Avaya interactive_response 4.0
  • Avaya ip_office_application_server 5.0
  • Avaya ip_office_application_server 5.0.1
  • Avaya ip_office_application_server 6.0
  • Avaya ip_office_application_server 6.1
  • Avaya ip_office_application_server 7.0
  • Avaya meeting_exchange 5.0
  • Avaya meeting_exchange 5.0.0.0.52
  • Avaya meeting_exchange 5.0 SP1
  • Avaya meeting_exchange 5.0 SP2
  • Avaya meeting_exchange 5.1
  • Avaya meeting_exchange 5.1 SP1
  • Avaya meeting_exchange 5.2
  • Avaya meeting_exchange 5.2 SP1
  • Avaya meeting_exchange 5.2 SP2
  • Avaya message_networking 3.1
  • Avaya message_networking 5.2
  • Avaya message_networking 5.2.1
  • Avaya message_networking 5.2.2
  • Avaya message_networking 5.2 SP1
  • Avaya message_networking
  • Avaya messaging_storage_server 4.0
  • Avaya messaging_storage_server 5.0
  • Avaya messaging_storage_server 5.1
  • Avaya messaging_storage_server 5.1 SP1
  • Avaya messaging_storage_server 5.1 SP2
  • Avaya messaging_storage_server 5.2
  • Avaya messaging_storage_server 5.2.2
  • Avaya messaging_storage_server 5.2.8
  • Avaya messaging_storage_server 5.2 SP1
  • Avaya messaging_storage_server 5.2 SP2
  • Avaya messaging_storage_server 5.2 SP3
  • Avaya voice_portal 4.0
  • Avaya voice_portal 4.1
  • Avaya voice_portal 4.1 SP1
  • Avaya voice_portal 4.1 SP2
  • Avaya voice_portal 5.0
  • Avaya voice_portal 5.0 SP1
  • Avaya voice_portal 5.0 SP2
  • Avaya voice_portal 5.1
  • Avaya voice_portal 5.1
  • Avaya voice_portal 5.1 SP1
  • Debian linux 5.0
  • Debian linux 5.0 Alpha
  • Debian linux 5.0 Amd64
  • Debian linux 5.0 Arm
  • Debian linux 5.0 Armel
  • Debian linux 5.0 Hppa
  • Debian linux 5.0 Ia-32
  • Debian linux 5.0 Ia-64
  • Debian linux 5.0 M68k
  • Debian linux 5.0 Mips
  • Debian linux 5.0 Mipsel
  • Debian linux 5.0 Powerpc
  • Debian linux 5.0 S/390
  • Debian linux 5.0 Sparc
  • Fujitsu interstage_application_server_enterprise_edition 5.0
  • Fujitsu interstage_application_server_enterprise_edition 5.0.1
  • Fujitsu interstage_application_server_enterprise_edition 5.0 L10
  • Fujitsu interstage_application_server_enterprise_edition 5.0 L10A
  • Fujitsu interstage_application_server_enterprise_edition 5.0 L10B
  • Fujitsu interstage_application_server_enterprise_edition 5.0 L11
  • Fujitsu interstage_application_server_enterprise_edition 5.0 L20
  • Fujitsu interstage_application_server_enterprise_edition 5.0 L20A
  • Fujitsu interstage_application_server_enterprise_edition 5.1
  • Fujitsu interstage_application_server_enterprise_edition 5.1.1
  • Fujitsu interstage_application_server_enterprise_edition 6.0
  • Fujitsu interstage_application_server_enterprise_edition 6.0.1
  • Fujitsu interstage_application_server_enterprise_edition 6.0.2
  • Fujitsu interstage_application_server_enterprise_edition 6.0A
  • Fujitsu interstage_application_server_enterprise_edition 6.0 L10
  • Fujitsu interstage_application_server_enterprise_edition 6.0 L10B
  • Fujitsu interstage_application_server_enterprise_edition 6.0 L10C
  • Fujitsu interstage_application_server_enterprise_edition 7.0
  • Fujitsu interstage_application_server_enterprise_edition 7.0.1
  • Fujitsu interstage_application_server_enterprise_edition 7.0 L10
  • Fujitsu interstage_application_server_enterprise_edition 7.0 L11
  • Fujitsu interstage_application_server_enterprise_edition 8.0.0
  • Fujitsu interstage_application_server_enterprise_edition 8.0.1
  • Fujitsu interstage_application_server_enterprise_edition 8.0.2
  • Fujitsu interstage_application_server_enterprise_edition 8.0.3
  • Fujitsu interstage_application_server_enterprise_edition 9.0.0
  • Fujitsu interstage_application_server_enterprise_edition 9.0.0A
  • Fujitsu interstage_application_server_enterprise_edition 9.0.0 B
  • Fujitsu interstage_application_server_enterprise_edition 9.0.1
  • Fujitsu interstage_application_server_enterprise_edition 9.0.1 B
  • Fujitsu interstage_application_server_enterprise_edition 9.1.0
  • Fujitsu interstage_application_server_enterprise_edition 9.1.0A
  • Fujitsu interstage_application_server_enterprise_edition 9.1.0B
  • Fujitsu interstage_application_server_enterprise_edition 9.2.0
  • Fujitsu interstage_application_server_plus 6.0
  • Fujitsu interstage_application_server_plus 6.0.1
  • Fujitsu interstage_application_server_plus 6.0.2
  • Fujitsu interstage_application_server_plus 6.0 L10
  • Fujitsu interstage_application_server_plus 6.0 L10A
  • Fujitsu interstage_application_server_plus 6.0 L10B
  • Fujitsu interstage_application_server_plus 6.0 L10C
  • Fujitsu interstage_application_server_plus 6.0 L11
  • Fujitsu interstage_application_server_plus 7.0
  • Fujitsu interstage_application_server_plus 7.0 L10
  • Fujitsu interstage_application_server_plus 7.0 L11
  • Fujitsu interstage_application_server_standard_edition 5.0
  • Fujitsu interstage_application_server_standard_edition 5.0 L10
  • Fujitsu interstage_application_server_standard_edition 5.0 L10A
  • Fujitsu interstage_application_server_standard_edition 5.0 L10B
  • Fujitsu interstage_application_server_standard_edition 5.0 L11
  • Fujitsu interstage_application_server_standard_edition 5.0 L20
  • Fujitsu interstage_application_server_standard_edition 5.0 L20A
  • Fujitsu interstage_application_server_standard_edition 8.0.0
  • Fujitsu interstage_application_server_standard_edition 8.0.3
  • Fujitsu interstage_application_server_standard-j_edition 8.0.0
  • Fujitsu interstage_application_server_standard-j_edition 8.0.1
  • Fujitsu interstage_application_server_standard-j_edition 8.0.2
  • Fujitsu interstage_application_server_standard-j_edition 8.0.3
  • Fujitsu interstage_application_server_standard-j_edition 9.0.0
  • Fujitsu interstage_application_server_standard-j_edition 9.0.0A
  • Fujitsu interstage_application_server_standard-j_edition 9.0.0 B
  • Fujitsu interstage_application_server_standard-j_edition 9.0.1
  • Fujitsu interstage_application_server_standard-j_edition 9.0.1 B
  • Fujitsu interstage_application_server_standard-j_edition 9.1.0
  • Fujitsu interstage_application_server_standard-j_edition 9.1.0B
  • Fujitsu interstage_application_server_standard-j_edition 9.2.0
  • Fujitsu interstage_application_server_web-j_edition 5.0
  • Fujitsu interstage_application_server_web-j_edition 5.0 L10
  • Fujitsu interstage_application_server_web-j_edition 5.0 L10A
  • Fujitsu interstage_application_server_web-j_edition 5.0 L10B
  • Fujitsu interstage_application_server_web-j_edition 5.0 L11
  • Fujitsu interstage_application_server_web-j_edition 5.0 L20
  • Fujitsu interstage_application_server_web-j_edition 5.0 L20A
  • Fujitsu interstage_apworks_modelers-j_edition 6.0
  • Fujitsu interstage_apworks_modelers-j_edition 6.0A
  • Fujitsu interstage_apworks_modelers-j_edition 6.0 L10
  • Fujitsu interstage_apworks_modelers-j_edition 6.0 L10A
  • Fujitsu interstage_apworks_modelers-j_edition 7.0
  • Fujitsu interstage_apworks_modelers-j_edition 7.0 L10
  • Fujitsu interstage_business_application_server_enterprise 8.0.0
  • Fujitsu interstage_job_workload_server 8.1.0
  • Fujitsu interstage_studio_enterprise_edition 8.0.1
  • Fujitsu interstage_studio_enterprise_edition 9.0.0
  • Fujitsu interstage_studio_enterprise_edition 9.1.0
  • Fujitsu interstage_studio_enterprise_edition 9.1.0 B
  • Fujitsu interstage_studio_enterprise_edition 9.2.0
  • Fujitsu interstage_studio_standard-j_edition 8.0.1
  • Fujitsu interstage_studio_standard-j_edition 9.0.0
  • Fujitsu interstage_studio_standard-j_edition 9.1.0
  • Fujitsu interstage_studio_standard-j_edition 9.1.0 B
  • Fujitsu interstage_studio_standard-j_edition 9.2.0
  • Hp hp-ux B.11.23
  • Hp hp-ux B.11.31
  • Hp hp-ux_web_server_suite 2.33
  • Hp hp-ux_web_server_suite 3.17
  • Hp hp-ux_web_server_suite 3.18
  • Hp openview_network_node_manager 7.53 - Hp-Ux
  • Hp openview_network_node_manager 7.53 - Linux
  • Hp openview_network_node_manager 7.53 - Solaris
  • Hp system_management_homepage 3.0.0.64
  • Hp system_management_homepage 3.0.0-68
  • Hp system_management_homepage 3.0.0.68
  • Hp system_management_homepage 3.0.1-73
  • Hp system_management_homepage 3.0.1.73
  • Hp system_management_homepage 3.0.2-77
  • Hp system_management_homepage 3.0.2.77
  • Hp system_management_homepage 3.0.2.77 B
  • Hp system_management_homepage 6.0
  • Hp system_management_homepage 6.0.0-95
  • Hp system_management_homepage 6.0.0.95
  • Hp system_management_homepage 6.0.0.96
  • Hp system_management_homepage 6.1
  • Hp system_management_homepage 6.1.0.102
  • Hp system_management_homepage 6.1.0-103
  • Hp system_management_homepage 6.1.0.103
  • Hp system_management_homepage 6.2
  • Hp system_management_homepage 6.2
  • Hp system_management_homepage 6.2.0-12
  • Hp system_management_homepage 6.2.2.7
  • Hp system_management_homepage 6.3
  • Hp system_management_homepage
  • Ibm http_server 6.1.0
  • Ibm http_server 6.1.0.1
  • Ibm http_server 6.1.0.13
  • Ibm http_server 6.1.0.15
  • Ibm http_server 6.1.0.17
  • Ibm http_server 6.1.0.19
  • Ibm http_server 6.1.0.25
  • Ibm http_server 6.1.0.27
  • Ibm http_server 6.1.0.3
  • Ibm http_server 6.1.0.31
  • Ibm http_server 6.1.0.35
  • Ibm http_server 6.1.0.5
  • Ibm http_server 6.1.0.9
  • Ibm http_server 7.0
  • Ibm http_server 7.0.0.11
  • Ibm http_server 7.0.0.13
  • Ibm http_server 7.0.0.15
  • Ibm http_server 7.0.0.17
  • Ibm http_server 7.0.0.5
  • Mandriva corporate_server 4.0
  • Mandriva corporate_server 4.0.0 X86 64
  • Mandriva enterprise_server 5
  • Mandriva enterprise_server 5 X86 64
  • Mandriva linux_mandrake 2009.0
  • Mandriva linux_mandrake 2009.0 X86 64
  • Mandriva linux_mandrake 2010.0
  • Mandriva linux_mandrake 2010.0 X86 64
  • Mandriva linux_mandrake 2010.1
  • Mandriva linux_mandrake 2010.1 X86 64
  • Netbsd netbsd 4.0
  • Netbsd netbsd 4.0.1
  • Netbsd netbsd 4.0.2
  • Netbsd netbsd 4.1
  • Netbsd netbsd Current
  • Red_hat enterprise_linux 5 Server
  • Red_hat enterprise_linux Desktop Version 4
  • Red_hat enterprise_linux_as 4
  • Red_hat enterprise_linux_desktop 5 Client
  • Red_hat enterprise_linux_desktop 6
  • Red_hat enterprise_linux_desktop_optional 6
  • Red_hat enterprise_linux_desktop_workstation 5 Client
  • Red_hat enterprise_linux_es 4
  • Red_hat enterprise_linux_hpc_node 6
  • Red_hat enterprise_linux_hpc_node_optional 6
  • Red_hat enterprise_linux_server 6
  • Red_hat enterprise_linux_workstation 6
  • Red_hat enterprise_linux_ws 4
  • Red_hat fedora 13
  • Red_hat fedora 14
  • Red_hat fedora 15
  • Red_hat jboss_enterprise_web_server 5.0.0
  • Red_hat jboss_enterprise_web_server_el4
  • Red_hat jboss_enterprise_web_server_for_rhel_4_as 1.0.0
  • Red_hat jboss_enterprise_web_server_for_rhel_4_es 1.0.0
  • Red_hat jboss_enterprise_web_server_for_rhel_5_server 1.0.0
  • Red_hat jboss_enterprise_web_server_for_rhel_6 1.0.0
  • Red_hat jboss_enterprise_web_server_for_solaris 1.0.0
  • Red_hat jboss_enterprise_web_server_for_windows 1.0.0
  • Slackware linux 11.0
  • Slackware linux 12.0
  • Slackware linux 12.1
  • Slackware linux 12.2
  • Slackware linux 13.0
  • Slackware linux 13.0 X86 64
  • Slackware linux 13.1
  • Slackware linux 13.1 X86 64
  • Slackware linux 13.37
  • Slackware linux 13.37 x86_64
  • Slackware linux -Current
  • Slackware linux X86 64 -Current
  • Sun secure_global_desktop 4.0
  • Sun secure_global_desktop 4.2
  • Sun secure_global_desktop 4.3
  • Sun solaris 10
  • Sun solaris 10 Express
  • Sun solaris 10 Sparc
  • Sun solaris 10 X86
  • Sun solaris 11 Express
  • Sun solaris 9
  • Ubuntu ubuntu_linux 10.04 Amd64
  • Ubuntu ubuntu_linux 10.04 ARM
  • Ubuntu ubuntu_linux 10.04 I386
  • Ubuntu ubuntu_linux 10.04 Powerpc
  • Ubuntu ubuntu_linux 10.04 Sparc
  • Ubuntu ubuntu_linux 10.10 amd64
  • Ubuntu ubuntu_linux 10.10 ARM
  • Ubuntu ubuntu_linux 10.10 i386
  • Ubuntu ubuntu_linux 10.10 powerpc
  • Ubuntu ubuntu_linux 11.04 amd64
  • Ubuntu ubuntu_linux 11.04 ARM
  • Ubuntu ubuntu_linux 11.04 i386
  • Ubuntu ubuntu_linux 11.04 powerpc
  • Ubuntu ubuntu_linux 6.06 LTS Amd64
  • Ubuntu ubuntu_linux 6.06 LTS I386
  • Ubuntu ubuntu_linux 6.06 LTS Powerpc
  • Ubuntu ubuntu_linux 6.06 LTS Sparc
  • Ubuntu ubuntu_linux 8.04 LTS Amd64
  • Ubuntu ubuntu_linux 8.04 LTS I386
  • Ubuntu ubuntu_linux 8.04 LTS Lpia
  • Ubuntu ubuntu_linux 8.04 LTS Powerpc
  • Ubuntu ubuntu_linux 8.04 LTS Sparc
  • Xerox freeflow_print_server_(ffps) 73.B3.61
  • Xerox freeflow_print_server_(ffps) 73.C0.41

References

  • BugTraq: 47820
  • CVE: CVE-2011-0419

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out