CVE-2011-4415

Source
https://nvd.nist.gov/vuln/detail/CVE-2011-4415
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2011-4415.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2011-4415
Published
2011-11-08T11:55:05Z
Modified
2025-08-09T20:01:28Z
Summary
[none]
Details

The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, does not restrict the size of values of environment variables, which allows local users to cause a denial of service (memory consumption or NULL pointer dereference) via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, related to (1) the "len +=" statement and (2) the apr_pcalloc function call, a different vulnerability than CVE-2011-3607.

References

Affected packages