aru Posted July 6, 2004 Report Share Posted July 6, 2004 Mandrakesoft Security Advisories MDKSA-2004:064 : apache2 Updated apache2 packages fix DoS vulnerability June 29th, 2004 A Denial of Service (Dos) condition was discovered in Apache 2.x by George Guninski.Exploiting this can lead to httpd consuming an arbitrary amount of memory.On 64bit systems with more than 4GB of virtual memory, this may also lead to a heap-based overflow. The updated packages contain a patch from the ASF to correct the problem. It is recommended that you stop Apache prior to updating and then restart it again once the update is complete ("service httpd stop" and "service httpd start" respectively). The released versions of Mandrake GNU/Linux affected are: 9.1 9.2 10.0 Full information about this advisory, including the updated packages, is available at: www.mandrakesoft.com/security/advisories?name=MDKSA-2004:064 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0493 http://www.guninski.com/httpd1.html Posted automatically by aru (mdksec2mub v0.0.9) Link to comment Share on other sites More sharing options...
Recommended Posts