Previous articleBack to news listNext article
|
Sponsored links |
Want to become one of our authors and see your work published on ALLSeek.iNFO ?
|
| Apache mod_python String Processing Bug Still Lets Remote Users Crash the Web Server |
|---|
Categorie: Vulnerability
Posted: 2004-01-27 by ReCall
Views: 336
Source: Click here
| Current Rating: Not rated
|
|
| Details |
|---|
Description: A vulnerability was reported in Apache mod_python. A remote user can cause the Apache server to crash.
It is reported that a remote user can issue a specific query string to be processed by mod_python to cause the Apache httpd process to crash.
The vendor indicates that this flaw was previously reported and was to have been fixed by version 2.7.9, but was not properly fixed in that version.
[Editor's note: The previously reported flaw was discussed in Alert ID 1008335 and CVE number CAN-2003- 0973 in November 2003.]
Impact: A remote user can cause the Apache web service to crash.
Solution: The vendor has issued a fixed version (2.7.10) and recommends that users of mod_python 2.7.9
or earlier upgrade to 2.7.10 as soon as possible, available at:
http://httpd.apache.org/modules/python-download.cgi
The vendor indicates that users of mod_python 3.0.4 do not need to do anything.
|
| Syndication |
|---|
Permalink Email this
The URI to TrackBack this entry is:
http://allseek.info/news/trackback.php?id=675
|
| User comments (post your comments ) |
|---|
Only registerd members can post comments and articles
|
|
Previous articleBack to news listNext article
|
