Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
CentOS Update for httpd CESA-2008:0967 centos4 i386
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
Check for the Version of httpd
Insight
Insight
The Apache HTTP Server is a popular Web server. A flaw was found in the mod_proxy Apache module. An attacker in control of a Web server to which requests were being proxied could have caused a limited denial of service due to CPU consumption and stack exhaustion. (CVE-2008-2364) A flaw was found in the mod_proxy_ftp Apache module. If Apache was configured to support FTP-over-HTTP proxying, a remote attacker could have performed a cross-site scripting attack. (CVE-2008-2939) In addition, these updated packages fix a bug found in the handling of the " ProxyRemoteMatch" directive in the Red Hat Enterprise Linux 4 httpd packages. This bug is not present in the Red Hat Enterprise Linux 3 or Red Hat Enterprise Linux 5 packages. Users of httpd should upgrade to these updated packages, which contain backported patches to correct these issues.
Affected Software
Affected Software
httpd on CentOS 4
Solution
Solution
Please Install the Updated Packages.