MDVSA-2011:168 -- Mandriva apacheID: oval:org.secpod.oval:def:301124 | Date: (C)2012-01-07 (M)2023-12-07 |
Class: PATCH | Family: unix |
A vulnerability has been discovered and corrected in apache: The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service via a malformed HTTP request . The fix for CVE-2011-3192 provided by the MDVSA-2011:130 advisory introduced regressions in the way httpd handled certain Range HTTP header values. The updated packages have been patched to correct these issues.
Platform: |
Mandriva Linux 2010.1 |