Zero-day vulnerabilities discovered: 2
Resource exhaustion
The vulnerability allows a remote attacker to cause DoS conditions on the target system.The vulnerability is known as "Apache Killer".
Software: Apache HTTP Server
Links:
http://httpd.apache.org/security/CVE-2011-3192.txt
https://lists.opensuse.org/opensuse-security-announce/2011-09/msg00006.html
http://www.gossamer-threads.com/lists/apache/dev/401638
http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3C20110824161640.122D387DD@mino...
http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3C20110826103531.998348F82@mino...
http://www.oracle.com/technetwork/topics/security/alert-cve-2011-3192-485304.html
https://blogs.oracle.com/security/entry/security_alert_for_cve_2011
https://wiki.apache.org/httpd/CVE-2011-3192
http://dino.ciuffetti.info/2011/08/cve-2011-3192-apachekiller/
Null pointer dereference
The vulnerability allows a remote attacker to cause DoS conditions on the target system.The vulnerability was discovered by Joe Schaefer.
Software: Subversion
Links:
http://subversion.apache.org/security/CVE-2011-1752-advisory.txt
https://lists.fedoraproject.org/pipermail/package-announce/2011-June/061913.html
https://www.ubuntu.com/usn/USN-1144-1/
https://lwn.net/Articles/446888/
http://ovaldb.altx-soft.ru/Definition.aspx?id=oval:com.altx-soft.nix:def:2140
https://groups.google.com/forum/#!topic/visualsvn/K6IsJpMWaA8