| Description: | Description:
The remote host is missing an update to mod_perl
announced via advisory FEDORA-2007-577.
Mod_perl incorporates a Perl interpreter into the Apache web server,
so that the Apache web server can directly execute Perl code.
Mod_perl links the Perl runtime library into the Apache web server and
provides an object-oriented Perl interface for Apache's C language
API. The end result is a quicker CGI script turnaround process, since
no external Perl interpreter has to be started.
Install mod_perl if you're installing the Apache web server and you'd
like for it to directly incorporate a Perl interpreter.
Update Information:
This update fixes a security issue in mod_perl.
An issue was found in the namespace_from_uri method of the
ModPerl::RegistryCooker class. If a server implemented a
mod_perl registry module using this method, a remote
attacker requesting a carefully crafted URI can cause
resource consumption, which could lead to a denial of
service. (CVE-2007-1349)
* Fri Jun 8 2007 Joe Orton 2.0.2-6.2.fc6
- add security fix for CVE-2007-1349
- drop perl(warnings) provide (#228429)
- drop perl(HTTP::Request::Common) provide
Solution: Apply the appropriate updates.
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/
This update can be installed with the 'yum' update program. Use 'yum update
package-name' at the command line. For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.
http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2007-577
Risk factor : Medium
CVSS Score:
4.3
|
