David Taveras wrote:
> You mentioned as far as APR causing a DoS, how about the execution of
> arbitrary code through apache as the CVE says..?

No, you misinterpreted; the application developer must expose a DoS/memory exhaustion vector; where that exists, and the affected version of APR is used, and the information written to the never-allocated buffer just happens to overlap some predictable, current allocations, then the external user may trigger a segfault but possibly worse, depending ENTIRELY on the code in the application.

An example is http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2411 svn's libsvn_delta library, but there may be other applications in the wild which suffer similar, lesser or worse side effects from trusting untainted user input.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
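The reply above turns on an application sizing a buffer from untrusted input and then writing into memory that was never allocated at that size. As an added illustration (not code from the httpd list, from APR or from Subversion), the following shows the defender's side of that pattern: a hypothetical array-sizing helper, first with the unchecked arithmetic and then with the wrap-around check and a request cap that close both the memory-exhaustion and the under-allocation cases. The list message does not describe APR's internal defect, so treating the problem as an unchecked size computation is an assumption made for this example; `MAX_ELEMENTS`, `checked_bytes`, `naive_wrapped` and `safe_alloc_array` are constructed names.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Added example, not code from APR, httpd or libsvn_delta.  It models a
 * hypothetical helper that sizes a buffer from an element count supplied by
 * an external user.  The wrap-around shown here is an illustrative
 * assumption; the list message does not state APR's actual defect. */

/* Unchecked: count * elem_size can wrap to a small value, so the buffer the
 * caller believes it obtained is never actually allocated at that size and
 * later writes land in whatever neighbouring allocations happen to exist. */
static size_t naive_bytes(size_t count, size_t elem_size)
{
    return count * elem_size;   /* silently wraps on overflow */
}

/* Returns 1 if the naive computation wrapped for this input. */
int naive_wrapped(size_t count, size_t elem_size)
{
    size_t n = naive_bytes(count, elem_size);
    return count != 0 && n / count != elem_size;
}

/* Constructed policy limit on how many elements one request may ask for;
 * a real application would derive this from what the protocol needs. */
#define MAX_ELEMENTS (1u << 20)

/* Checked: refuses a count whose product would not fit in size_t, and also
 * caps the request so a single large but non-wrapping count cannot be used
 * to exhaust memory.  Returns 0 and sets *out on success, -1 otherwise. */
int checked_bytes(size_t count, size_t elem_size, size_t *out)
{
    if (elem_size == 0 || count == 0) return -1;
    if (count > MAX_ELEMENTS) return -1;          /* memory-exhaustion cap */
    if (count > SIZE_MAX / elem_size) return -1;  /* product would wrap */
    *out = count * elem_size;
    return 0;
}

/* Allocates the array only when the size survives both checks; calloc also
 * zero-fills so the caller never sees stale data from prior allocations. */
void *safe_alloc_array(size_t count, size_t elem_size)
{
    size_t bytes;
    if (checked_bytes(count, elem_size, &bytes) != 0) return NULL;
    return calloc(1, bytes);
}
```

The ordering of the two checks matters less than having both: the cap bounds the amount of memory an external user can make the process commit, while the `SIZE_MAX / elem_size` test is what prevents the undersized allocation that the segfault-or-worse outcome in the message depends on.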