[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-security] Apache Vulnerabilities
- Subject: [cobalt-security] Apache Vulnerabilities
- From: "Ian" <cobalt@xxxxxxxxxxxxx>
- Date: Wed, 5 Dec 2001 10:09:04 -0000
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hi,
I just received the following advisory from RedHat:
Security Advisory - RHSA-2001:126-27
--------------------------------------------------------------------------
---- Summary: Updated apache packages available
Description:
By using a carefully constructed HTTP request, a server with
mod_negotiation and either mod_dir or mod_autoindex loaded could be
tricked into displaying a listing of the contents of a directory, despite
the presence of an index file.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the names CAN-2001-0730, and CAN-2001-0731 to these
issues.
--------------------------------------------------------------------------
According to my httpd.conf file on the Raq4i , all those modules are
enabled.
Will there by an updated pkg released ?
Ian