MDVSA-2010:153 -- Mandriva apacheID: oval:org.secpod.oval:def:300178 | Date: (C)2012-01-07 (M)2023-11-13 |
Class: PATCH | Family: unix |
Multiple vulnerabilities has been found and corrected in apache: The mod_cache and mod_dav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service via a request that lacks a path . mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connection, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request. NOTE: this is the same issue as CVE-2010-2068, but for a different OS and set of affected versions . Packages for 2009.0 are provided as of the Extended Maintenance Program
Platform: |
Mandriva Linux 2009.0 |