Red Hat announced one new security update late this morning.
RHSA-2007:0533 Moderate: httpd security update
This update addresses two vulnerabilities in the httpd packages for Red Hat Enterprise Linux 3. A list of vulnerabilities is included in Table 1 below. The Red Hat Security Response Team has rated this update as having moderate security impact.
| CVE-2006-5752 | A local attacker who has the ability to run scripts on the Apache HTTP Server could manipulate the scoreboard and cause arbitrary processes to be terminated, which could lead to a denial of service. |
| CVE-2007-1863 | A flaw was found in the Apache HTTP Server mod_cache module. On sites where caching is enabled, a remote attacker could send a carefully crafted request that would cause the Apache child process handling that request to crash. This could lead to a denial of service if using a threaded Multi-Processing Module. |
Get Slaptijack updates delivered to your Inbox or RSS Reader for free!