Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2007:0486

The remote host is missing updates announced in
advisory RHSA-2007:0486.

Mod_perl incorporates a Perl interpreter into the Apache web server,
so that the Apache HTTP server can directly execute Perl code.

The Apache::PerlRun module was found to not properly escape PATH_INFO
before being used in a regular expression. If a server is configured to
use Apache::PerlRun, an attacker could request a carefully crafted URI
causing resource consumption, which could lead to a denial of service

Users of mod_perl should update to these erratum packages which contain a
backported fix to correct this issue.

Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

Risk factor : Medium

CVSS Score:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-1349
BugTraq ID: 23192
RedHat Security Advisories: RHSA-2007:0395
RedHat Security Advisories: RHSA-2008:0630
SGI Security Advisory: 20070602-01-P
SuSE Security Announcement: SUSE-SR:2007:008 (Google Search)
SuSE Security Announcement: SUSE-SR:2007:012 (Google Search)
XForce ISS Database: modperl-pathinfo-dos(33312)
CopyrightCopyright (c) 2007 E-Soft Inc.

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.