Apache – CVE-2011-0419


Kayran has detected that the Version of Apache HTTP Server being used has a flaw in the apr_fnmatch() function of the bundled APR library.
CVE-2011-0419 is categorized as an ‘Allocation of Resources Without Limits or Throttling’ vulnerability (CWE-770).

The software allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated. That happens in violation of the intended security policy for that specific actor.

A Stack Consumption vulnerability in the fnmatch implementation in apr_fnmatch.c was found in the Apache Portable Runtime (APR) library being used.
That will allow context-dependent attackers to cause a Denial of Service (DoS) through CPU and memory consumption.

It will cause a decrease in performance and interruptions in the availability of resources.


To fix CVE-2011-0419, upgrade the version of Apache HTTP Server being used to either 2.0.65 or 2.2.19.




< Return to all Vulnerabilities

Bug Bounties

As pirates, we all love plundering, we all love raiding, but mostly, we all love bounties, especially Bug Bounties. Let’s talk about it. Bug Bounties

Read More »