Apache HTTP Server mod_deflate Remote Denial Of Service Vulnerability

Marc Powell marc at ena.com
Sat Mar 6 16:34:51 CET 2010


On Mar 6, 2010, at 8:33 AM, <ravishankar.gundlapali at wipro.com> <ravishankar.gundlapali at wipro.com> wrote:

> Hi ,
> 
> I have below mentioned action items on me which my security team identified .
> 
> Please let me know whether the solution you have provided earlier is same for these?
> 
> Can anyone let me know the procedure for this...
> 
> 
> 1)Apache mod_proxy_ftp Module NULL Pointer Dereference Denial Of Service Vulnerability
> 
> 2)Apache HTTP Server mod_proxy stream_reqbody_cl Function Denial of Service Vulnerability
> 
> 3)Apache HTTP Server mod_deflate Remote Denial Of Service Vulnerability
> 
> 4)Apache APR and APR-util Multiple Integer Overflow Vulnerabilities

Hi Ravishankar,

I don't know what your 'action items' are related to these but they don't seem to have anything to do with Nagios. If there is some relation to Nagios, you probably want to clarify that connection if you want better help. 

It seems to me that you should be using Google to find out how to correct these vulnerabilities or asking on the Apache users support listserv. It almost certainly involves upgrading Apache or the modules in question or disabling them entirely if you don't use them. While many of us may use Apache, it's not appropriate to ask here for Apache support unrelated to Nagios and you'll definitely get more relevant/accurate/timely answers from a forum that provides that support.

--
Marc


------------------------------------------------------------------------------
Download Intel® Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null





More information about the Users mailing list