[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

MDVSA-2009:295 -- Mandriva apache

ID: oval:org.secpod.oval:def:300542Date: (C)2012-01-07   (M)2024-02-19
Class: PATCHFamily: unix




A vulnerability was discovered and corrected in apache: Apache is affected by SSL injection or man-in-the-middle attacks due to a design flaw in the SSL and/or TLS protocols. A short term solution was released Sat Nov 07 2009 by the ASF team to mitigate these problems. Apache will now reject in-session renegotiation . Additionally the SNI patch was upgraded for 2009.0/MES5 and 2009.1. This update provides a solution to this vulnerability.

Platform:
Mandriva Linux 2010.0
Mandriva Linux 2009.0
Mandriva Linux 2009.1
Product:
apache
Reference:
MDVSA-2009:295
CVE-2009-3555
CVE    1
CVE-2009-3555
CPE    3
cpe:/o:mandriva:linux:2009.0
cpe:/o:mandriva:linux:2009.1
cpe:/o:mandriva:linux:2010.0

© SecPod Technologies