Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Slackware Advisory SSA:2005-310-04 apache
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
The remote host is missing an update as announced via advisory SSA:2005-310-04.
Insight
Insight
New apache packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix potential security issues: * If a request contains both Transfer-Encoding and Content-Length headers, remove the Content-Length, mitigating some HTTP Request Splitting/Spoofing attacks. * Added TraceEnable [on/off/extended] per-server directive to alter the behavior of the TRACE method. It's hard to say how much real-world impact these have, as there's no more information about that in the announcement. Note that if you use mod_ssl, you will also need a new mod_ssl package. These have been provided for the same releases of Slackware.
Solution
Solution
Upgrade to the new package(s).