Apache – CVE-2010-1623


Kayran has detected a flaw in the apr_brigade_split_line() function of the bundled APR-util library.
Also known as CVE-2010-1623.
It’s being used to process non-SSL requests.

A remote attacker could send requests, carefully crafting the timing of individual bytes, which would slowly consume memory.
Memory consumption will potentially cause a denial of service (DoS) via unspecified vectors related to the destruction of an APR bucket.

This will cause a decrease in performance and also for interruptions in the availability of resources.


To fix CVE-2010-1623, update the version of Apache Portable Runtime Utility library (APR-util) to 1.3.10 or higher.




Read more about DoS here.

< Return to all Vulnerabilities

Passwords 101

Unlike basketballs, “passwords” are things we don’t want to be passed around, especially in a society built around the idea that “mystery” is appealing. We

Read More »

Man-In-The-Middle Attacks

Do you know these people who just push themselves into conversations?That’s Man-In-The-Middle Attacks. And from a wider angle, Man-In-The-Middle Attacks, or MITM, are built around

Read More »