Family: Fedora Local Security Checks --> Category: infos
Fedora Core 4 2005-849: httpd Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the httpd package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory FEDORA-2005-849 (httpd).
The Apache HTTP Server is a powerful, full-featured, efficient, and
freely-available Web server. The Apache HTTP Server is also the
most popular Web server on the Internet.
This update includes two security fixes. An issue was
discovered in mod_ssl where 'SSLVerifyClient require' would
not be honoured in location context if the virtual host had
'SSLVerifyClient optional' configured (CVE-2005-2700). An
issue was discovered in memory consumption of the byterange
filter for dynamic resources such as PHP or CGI script
Solution : Get the newest Fedora Updates
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.