About apache2 vulnerability with apr and apr-utils. How bad is it?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: users@xxxxxxxxxxxxxxxx
Subject: About apache2 vulnerability with apr and apr-utils. How bad is it?
From: David Taveras <d3taveras38d3@xxxxxxxxx>
Date: Thu, 10 Sep 2009 18:05:56 -0500
Reply-to: users@xxxxxxxxxxxxxxxx

Hello,

I run apache 2.2.9 & apache 2.2.11 both with apr-1.2.11p2 & apr-util-1.2.10p2

According to the CVE at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412 only 0.9.x and 1.3.x are affected . Could anybody confirm that this is so? If not.. how bad is this vulnerability to a user? Would mod_security help for this?

Thank you.

Follow-Ups:
- Re: About apache2 vulnerability with apr and apr-utils. How bad is it?
  - From: William A. Rowe, Jr.

Prev by Date: Re: Excluding String from access log
Next by Date: Re: About apache2 vulnerability with apr and apr-utils. How bad is it?
Previous by thread: Limited TextArea buffer
Next by thread: Re: About apache2 vulnerability with apr and apr-utils. How bad is it?
Index(es):
- Date
- Thread

[Index of Archives] [Open SSH Users] [Linux ACPI] [Linux Kernel] [Linux Laptop] [Kernel Newbies] [Security] [Netfilter] [Bugtraq] [Squid] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Samba] [Video 4 Linux] [Device Mapper]