- document chunk-size integer overflow in apache 1.3.x

1 files changed, 32 insertions, 0 deletions

diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index ec704b803285..b29609172df6 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -34,6 +34,38 @@ Note:  Please add new entries to the beginning of this file.
 
 -->
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+  <vuln vid="cae01d7b-110d-11df-955a-00219b0fc4d8">
+    <topic>apache -- Prevent chunk-size integer overflow on platforms where sizeof(int) &lt; sizeof(long</topic>
+    <affects>
+      <package>
+        <name>apache</name>
+	<range><lt>1.3.42</lt></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">
+	<p>Apache ChangeLog reports:</p>
+        <blockquote cite="http://www.apache.org/dist/httpd/CHANGES_1.3.42">
+          <p>Integer overflow in the ap_proxy_send_fb function in
+            proxy/proxy_util.c in mod_proxy in the Apache HTTP Server before
+            1.3.42 on 64-bit platforms allows remote origin servers to cause a
+            denial of service (daemon crash) or possibly execute arbitrary code
+          via a large chunk size that triggers a heap-based buffer overflow.</p>
+	</blockquote>
+      </body>
+    </description>
+    <references>
+      <url>http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0010</url>
+      <url>http://www.security-database.com/detail.php?alert=CVE-2010-0010</url>
+      <url>http://security-tracker.debian.org/tracker/CVE-2010-0010</url>
+      <url>http://www.vupen.com/english/Reference-CVE-2010-0010.php</url>
+    </references>
+    <dates>
+      <discovery>2009-06-30</discovery>
+      <entry>2010-02-03</entry>
+    </dates>
+  </vuln>
+
   <vuln vid="296ecb59-0f6b-11df-8bab-0019996bc1f7">
     <topic>squid -- Denial of Service vulnerability in DNS handling</topic>
     <affects>