RHSA-2017:2882-01 -- Redhat httpdID: oval:org.secpod.oval:def:502150 | Date: (C)2017-10-13 (M)2024-02-19 |
Class: PATCH | Family: unix |
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. Red Hat would like to thank Hanno Bock for reporting this issue.
Platform: |
Red Hat Enterprise Linux 7 |