Name
CVE-2010-1623
Description
Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other software, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors related to the destruction of an APR bucket.
Source
CVE
References
DSA-2117-1
Vulnerable and fixed packages
The table below lists information on source packages.
Source Package | Release                       | Version           | Status
apache2 (PTS)  | buster                        | 2.4.38-3+deb10u8  | fixed
               | buster (security)             | 2.4.38-3+deb10u10 | fixed
               | bullseye                      | 2.4.56-1~deb11u2  | fixed
               | bullseye (security)           | 2.4.56-1~deb11u1  | fixed
               | bookworm                      | 2.4.57-2          | fixed
               | sid, trixie                   | 2.4.57-3          | fixed
apr-util (PTS) | buster                        | 1.6.1-4           | fixed
               | buster (security)             | 1.6.1-4+deb10u1   | fixed
               | bullseye (security), bullseye | 1.6.1-5+deb11u1   | fixed
               | bookworm, sid, trixie         | 1.6.3-1           | fixed
The information below is based on the following data on fixed versions.
Package  | Type   | Release    | Fixed Version        | Urgency | Origin     | Debian Bugs
apache2  | source | lenny      | (not affected)       |         |            |
apache2  | source | (unstable) | 2.2.16-3             |         |            |
apr-util | source | lenny      | 1.2.12+dfsg-8+lenny5 |         | DSA-2117-1 |
apr-util | source | (unstable) | 1.3.9+dfsg-4         | medium  |            |
Notes
[lenny] - apache2 <not-affected> (vulnerable code introduced in 2.2.15-2 or -3)
Related news
protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script.