Mandriva Update For Apache MDKSA-2007:127 (apache) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

The recall_headers function in mod_mem_cache in Apache 2.2.4 does not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously-used data, which could be used to obtain potentially sensitive information by unauthorized users. Updated packages have been patched to prevent this issue.

Affected

apache on Mandriva Linux 2007.1, Mandriva Linux 2007.1/X86_64

Severity

Classification

CVE CVE-2007-1862
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:090 (php)
Mandrake Security Advisory MDVSA-2009:212 (python)
Mandrake Security Advisory MDVSA-2009:170 (initscripts)
Mandrake Security Advisory MDVSA-2009:043 (gnumeric)
Mandrake Security Advisory MDVSA-2009:177 (ruby)

Mandriva Update for apache MDKSA-2007:127 (apache)

Take action and discover your vulnerabilities