Rapid7 Vulnerability & Exploit Database

RHSA-2000:088: Updated apache, php, mod_perl, and auth_ldap packages available.

Back to Search

RHSA-2000:088: Updated apache, php, mod_perl, and auth_ldap packages available.

Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
12/19/2000
Created
07/25/2018
Added
10/28/2005
Modified
07/04/2017

Description

Updated apache, php, mod_perl, and auth_ldap packages are now available for Red Hat Linux 5.2, 6.0, 6.1, 6.2, and 7.

A vulnerability in the mod_rewrite module and vulnerabilities in the virtual hosting facility in versions of Apache prior to 1.3.14 may allow attackers to view files on the server which are meant to be inaccessible. Format string vulnerabilities have been found in PHP versions 3 and 4. Because upgrading to Apache 1.3.14 creates binary incompatibilities with web server modules built against older versions of Apache, the remaining RPMs listed here must be upgraded as well.

Solution(s)

  • redhat-upgrade-apache
  • redhat-upgrade-apache-devel
  • redhat-upgrade-apache-manual
  • redhat-upgrade-auth_ldap
  • redhat-upgrade-mod_perl
  • redhat-upgrade-mod_ssl

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;