Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2004:055: apache2 Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the apache2 package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2004:055 (apache2).
A stack-based buffer overflow exists in the ssl_util_uuencode_binary function in
ssl_util.c in Apache. When mod_ssl is configured to trust the issuing CA, a
remote attacker may be able to execute arbitrary code via a client certificate
with a long subject DN.
The provided packages are patched to prevent this problem.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2004:055
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.