[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] Apache Vulnerabilities

Subject: [cobalt-security] Apache Vulnerabilities
From: "Ian" <cobalt@xxxxxxxxxxxxx>
Date: Wed, 5 Dec 2001 10:09:04 -0000
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hi,

I just received the following advisory from RedHat:

Security Advisory - RHSA-2001:126-27
--------------------------------------------------------------------------
---- Summary: Updated apache packages available

Description:
By using a carefully constructed HTTP request, a server with
mod_negotiation and either mod_dir or mod_autoindex loaded could be
tricked into displaying a listing of the contents of a directory, despite
the presence of an index file.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the names CAN-2001-0730, and CAN-2001-0731 to these
issues.
--------------------------------------------------------------------------

According to my httpd.conf file on the Raq4i , all those modules are 
enabled.

Will there by an updated pkg released ?

Ian

Prev by Date: [cobalt-security] New SSH packages on pkg.cobalt.com
Next by Date: RE: [cobalt-security] RAQ3 vulnerabilities
Previous by thread: Re: [cobalt-security] New SSH packages on pkg.cobalt.com
Next by thread: [cobalt-security] raq3 ns kernel: VM: do_try_to_free_pages failed error messages

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index