Oval Definition:	oval:org.mitre.oval:def:12473
Revision Date: 2015-04-20 Version: 29 Title: HP-UX Apache-based Web Server, Local Information Disclosure, Increase of Privilege, Remote Denial of Service (DoS) Description: The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, as demonstrated by a PROPFIND request, a similar issue to CVE-2003-1564. Family: unix Class: vulnerability Status: ACCEPTED Reference(s): CVE-2009-1955 Platform(s): HP-UX 11 Product(s): Definition Synopsis Criteria meets HP Security Bulletin HPSBUX02612 HP-UX B.11.23 AND filesets tests hpuxwsAPACHE.APACHE2 version is less than B.2.0.63.01 OR hpuxwsAPCH32.APACHE version is less than B.2.0.63.01 OR hpuxwsAPACHE.AUTH_LDAP version is less than B.2.0.63.01 OR hpuxwsAPACHE.AUTH_LDAP2 version is less than B.2.0.63.01 OR hpuxwsAPCH32.APACHE2 version is less than B.2.0.63.01 OR hpuxwsAPCH32.AUTH_LDAP version is less than B.2.0.63.01 OR hpuxwsAPACHE.MOD_JK version is less than B.2.0.63.01 OR hpuxwsAPCH32.AUTH_LDAP2 version is less than B.2.0.63.01 OR hpuxwsAPACHE.MOD_JK2 version is less than B.2.0.63.01 OR hpuxwsAPACHE.MOD_PERL version is less than B.2.0.63.01 OR hpuxwsAPCH32.MOD_JK version is less than B.2.0.63.01 OR hpuxwsAPCH32.MOD_JK2 version is less than B.2.0.63.01 OR hpuxwsAPACHE.MOD_PERL2 version is less than B.2.0.63.01 OR hpuxwsAPACHE.PHP version is less than B.2.0.63.01 OR hpuxwsAPCH32.MOD_PERL version is less than B.2.0.63.01 OR hpuxwsAPACHE.PHP2 version is less than B.2.0.63.01 OR hpuxwsAPCH32.MOD_PERL2 version is less than B.2.0.63.01 OR hpuxwsAPACHE.WEBPROXY version is less than B.2.0.63.01 OR hpuxwsAPCH32.WEBPROXY version is less than B.2.0.63.01 OR hpuxwsAPCH32.PHP version is less than B.2.0.63.01 OR hpuxwsAPACHE.APACHE version is less than B.2.0.63.01 OR hpuxwsAPCH32.PHP2 version is less than B.2.0.63.01 OR Criteria meets HP Security Bulletin HPSBUX02612 HP-UX B.11.11 AND filesets tests hpuxwsAPACHE.APACHE version is less than B.2.0.63.01 OR hpuxwsAPACHE.APACHE2 version is less than B.2.0.63.01 OR hpuxwsAPACHE.AUTH_LDAP version is less than B.2.0.63.01 OR hpuxwsAPACHE.AUTH_LDAP2 version is less than B.2.0.63.01 OR hpuxwsAPACHE.MOD_JK version is less than B.2.0.63.01 OR hpuxwsAPACHE.MOD_JK2 version is less than B.2.0.63.01 OR hpuxwsAPACHE.MOD_PERL version is less than B.2.0.63.01 OR hpuxwsAPACHE.MOD_PERL2 version is less than B.2.0.63.01 OR hpuxwsAPACHE.WEBPROXY version is less than B.2.0.63.01 OR hpuxwsAPACHE.PHP version is less than B.2.0.63.01 OR hpuxwsAPACHE.PHP2 version is less than B.2.0.63.01 OR Criteria meets HP Security Bulletin HPSBUX02612 HP-UX B.11.31 AND filesets tests hpuxwsAPACHE.APACHE2 version is less than B.2.0.63.01 OR hpuxwsAPCH32.APACHE version is less than B.2.0.63.01 OR hpuxwsAPACHE.AUTH_LDAP version is less than B.2.0.63.01 OR hpuxwsAPACHE.AUTH_LDAP2 version is less than B.2.0.63.01 OR hpuxwsAPCH32.APACHE2 version is less than B.2.0.63.01 OR hpuxwsAPCH32.AUTH_LDAP version is less than B.2.0.63.01 OR hpuxwsAPACHE.MOD_JK version is less than B.2.0.63.01 OR hpuxwsAPCH32.AUTH_LDAP2 version is less than B.2.0.63.01 OR hpuxwsAPACHE.MOD_JK2 version is less than B.2.0.63.01 OR hpuxwsAPACHE.MOD_PERL version is less than B.2.0.63.01 OR hpuxwsAPCH32.MOD_JK version is less than B.2.0.63.01 OR hpuxwsAPCH32.MOD_JK2 version is less than B.2.0.63.01 OR hpuxwsAPACHE.MOD_PERL2 version is less than B.2.0.63.01 OR hpuxwsAPCH32.MOD_PERL version is less than B.2.0.63.01 OR hpuxwsAPACHE.PHP version is less than B.2.0.63.01 OR hpuxwsAPACHE.PHP2 version is less than B.2.0.63.01 OR hpuxwsAPCH32.MOD_PERL2 version is less than B.2.0.63.01 OR hpuxwsAPCH32.PHP version is less than B.2.0.63.01 OR hpuxwsAPACHE.WEBPROXY version is less than B.2.0.63.01 OR hpuxwsAPCH32.WEBPROXY version is less than B.2.0.63.01 OR hpuxwsAPACHE.APACHE version is less than B.2.0.63.01 OR hpuxwsAPCH32.PHP2 version is less than B.2.0.63.01
BACK