paul Posted July 5, 2007 Report Share Posted July 5, 2007 A vulnerability was discovered in the the Apache mod_status module that could lead to a cross-site scripting attack on sites where the server-status page was publically accessible and ExtendedStatus was enabled (CVE-2006-5752). A vulnerability was found in the Apache mod_cache module that could cause the httpd server child process to crash if it was sent a carefully crafted request. This could lead to a denial of service if using a threaded MPM (CVE-2007-1863). Updated packages have been patched to prevent the above issues. Link to comment Share on other sites More sharing options...
Recommended Posts