CVE-2011-4415

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions 2.0.x through 2.0.64 Apache HTTP Server versions 2.2.x through 2.2.21

Description The issue is related to the ap pregsub function in server/util.c, which does not restrict the size of values of environment variables when the mod setenvif module is enabled. This allows local users to cause a denial of service, either through memory consumption or a NULL pointer dereference, by creating a .htaccess file with a crafted SetEnvIf directive and sending a crafted HTTP request header. The problem is associated with the "len +=" statement and the apr pcalloc function call.

Recommendations For Apache HTTP Server versions 2.0.x through 2.0.64, consider disabling the mod setenvif module until a patch is available. For Apache HTTP Server versions 2.2.x through 2.2.21, consider disabling the mod setenvif module until a patch is available. As a temporary workaround, restrict access to the .htaccess file to minimize the risk of exploitation.