Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2017-12618 - log back

CVE-2017-12618 created at 25 Sep 2019 19:31:40

Severity

+

Low

Remote

+

Local

Type

+	Denial of service

Description

+	APR-util 1.6.0 and prior failed to validate the integrity of SDBM database files used by apr_sdbm*() functions, resulting in a possible out of bound read access. A local user with write access to the database can make a program or process using these functions crash, and cause a denial of service.

References

+	https://mail-archives.apache.org/mod_mbox/apr-dev/201710.mbox/%3CCACsi252POs4toeJJciwg09_eu2cO3XFg%3DUqsPjXsfjDoeC3-UQ%40mail.gmail.com%3E

Notes