|
Mandriva- Advisories MDKSA-2007:142: Updated apache packages fix multiple security issues
Advisories MDKSA-2007:142: Updated apache packages fix multiple security issues
A vulnerability was discovered in the the Apache mod_status module
that could lead to a cross-site scripting attack on sites where the
server-status page was publically accessible and ExtendedStatus was
enabled (CVE-2006-5752).
The Apache server also did not verify that a process was an Apache
child process before sending it signals. A local attacker with the
ability to run scripts on the server could manipulate the scoreboard
and cause arbitrary processes to be terminated (CVE-2007-3304).
Updated packages have been patched to prevent the above issues.
http://mandrivausers.org/index.php?showtopic=42661
Array
Thu, 05 Jul 2007 05:06:54 +0000
|
07-05-2007, 06:02 AM
Posted
It appears you have not yet registered with our community
which limits what you can do & see. It's Free To register, please click here.
Linear Mode
