Fedora update for httpd - Advisories

Software Inspectors

	Scan Online

	Personal (PSI)

	Network (NSI 2.0) - NEW -

Solutions For

	Security Professionals

	Security Vendors

Free Solutions For

	Open Communities

	Journalists & Media

Secunia Advisories

	Search

	Historic Advisories

	Listed By Product

	Listed By Vendor

	Statistics / Graphs

	Secunia Research

	Report Vulnerability

	About Advisories

Virus Information

	Chronological List

	Last 10 Virus Alerts

	About Virus Information

Secunia Customers

	Customer Area

Fedora update for httpd

Secunia Advisory:	SA26842
Release Date:	2007-09-19

Critical:	Less critical
Impact:	Exposure of sensitive information DoS
Where:	From remote
Solution Status:	Vendor Patch

OS:	Fedora 7


CVE reference:	CVE-2007-1862 (Secunia mirror) CVE-2007-1863 (Secunia mirror) CVE-2007-3847 (Secunia mirror) CVE-2007-4465 (Secunia mirror)

	Want to know the next time vulnerabilities are fixed in this product? - Companies can be alerted via email and SMS!

Description: Fedora has issued an update for httpd. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and disclose potentially sensitive information. 1) An error in the mod_cache module in the handling of Cache-Control headers can be exploited to crash the child process via specially crafted requests. This could lead to a DoS when using a threaded Multi-Processing Module. 2) An error within the handling of headers from cache pool objects in the mod_mem_cache module can be exploited to disclose potentially sensitive information. 2) An error in the mod_proxy module can be exploited to cause a DoS. For more information: SA26636 Solution: Apply updated packages. d3dc55a160abd41a5fdbbc689bf76e67cbde0fb3 mod_ssl-2.2.6-1.fc7.ppc64.rpm b562daa6ae5da6a74d4544cc409bb98228d68f73 httpd-manual-2.2.6-1.fc7.ppc64.rpm 7a6dfad974a0654d24eb0b86126185b1473b9cc0 httpd-devel-2.2.6-1.fc7.ppc64.rpm c185775aa8f5365d92bccfd2d2120816c411899f httpd-debuginfo-2.2.6-1.fc7.ppc64.rpm 40cf855f357b2fa7ecccc924391d410c7cf5e11b httpd-2.2.6-1.fc7.ppc64.rpm bfd502227b6ed79919ea57542624e79ee1e9e03a httpd-debuginfo-2.2.6-1.fc7.i386.rpm 35228e52ec153db2369faf4bbce8a2725b9966be httpd-2.2.6-1.fc7.i386.rpm 19b15128544ec142f176466b6702c906e55ea4d5 httpd-manual-2.2.6-1.fc7.i386.rpm 3403ae305ada347f42680c8f2efdad0500162d08 httpd-devel-2.2.6-1.fc7.i386.rpm d6a992100e0210816d454231ee799904c1640353 mod_ssl-2.2.6-1.fc7.i386.rpm cb8d2c1e49c178ef746bb163541c661563dec613 httpd-debuginfo-2.2.6-1.fc7.x86_64.rpm 670249aeaad497e1a3724aca07ede36f3dcc4be5 httpd-manual-2.2.6-1.fc7.x86_64.rpm 0112f1ffc5ad2838e07eaad1ab4d6091fce52fc4 mod_ssl-2.2.6-1.fc7.x86_64.rpm 96839c8f4500a5cb3fc19b7bfb6084eb91741a91 httpd-devel-2.2.6-1.fc7.x86_64.rpm 624bd35e9b25ea2ec2c826ed18124381e1cdc146 httpd-2.2.6-1.fc7.x86_64.rpm 95e48ce1ef3989a75ba4b73143a8c4a3fd8a4c2b httpd-manual-2.2.6-1.fc7.ppc.rpm e34e3a2ba6b3e2b3dfe9ad9255b6d1b94ca3d83f httpd-devel-2.2.6-1.fc7.ppc.rpm 90105174aafd89add6427b3a13d22d141ba27175 httpd-debuginfo-2.2.6-1.fc7.ppc.rpm 1d2531d00259b7e3f068559e88d57cf02407c438 mod_ssl-2.2.6-1.fc7.ppc.rpm e38b8d541b3a8872e94e85580a8044db3dcb9733 httpd-2.2.6-1.fc7.ppc.rpm 011fe8f7f89bbe992f956c0cc48f50ba8e9dd140 httpd-2.2.6-1.fc7.src.rpm Original Advisory: https://www.redhat.com/archives/fedor...announce/2007-September/msg00320.html Other References: SA26636: http://secunia.com/advisories/26636/



Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise. Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.

212 Related Secunia Security Advisories, displaying 10

1. Fedora update for sipp

2. Fedora update for thunderbird

3. Fedora update for audacity

4. Fedora update for cups

5. Fedora update for zoneminder

6. Fedora update for tkimg

7. Fedora update for bugzilla

8. Fedora update for poppler

9. Fedora update for moin

10. Fedora update for perl

Show all related advisories

Send Feedback to Secunia

If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com. Ideas, suggestions, and other feedback are most welcome.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	Microsoft Windows XP I2O Utility Filter Driver Privilege Escalation

2.	Internet Explorer "DisableCaching OfSSLPages" Weakness

3.	HP-UX ftp Server Unspecified Denial of Service

4.	Microsoft Windows CE Image Processing Vulnerabilities

5.	Sun Solaris Print Service Unspecified Vulnerabilities

6.	Red Hat Directory Server Regular Expression Handler Buffer Overflow

7.	GNU Emacs "fast-lock-mode " File Processing Vulnerability

8.	TYPO3 wt_gallery Extension Multiple Vulnerabilities

9.	XEmacs "fast-lock-mode " File Processing Vulnerability

10.	Debian update for kernel