Gentoo Security Advisory GLSA 200401-03 (mod_python) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 200401-03.

Solution

All users using mod_python 2.7.9 or below are recommended to update their mod_python installation: $> emerge sync $> emerge -pv '>=dev-python/mod_python-2.7.10' $> emerge '>=dev-python/mod_python-2.7.10' $> /etc/init.d/apache restart http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200401-03 http://bugs.gentoo.org/show_bug.cgi?id=39154 http://www.modpython.org/pipermail/mod_python/2004-January/014879.html

Insight

Apache's mod_python module could crash the httpd process if a specific, malformed query string was sent.

Severity

Classification

CVE CVE-2004-0096

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Gentoo Security Advisory GLSA 200312-07 (lftp)
Gentoo Security Advisory GLSA 200403-03 (OpenSSL)
Gentoo Security Advisory GLSA 200501-42 (VDR)
Gentoo Security Advisory GLSA 200409-23 (snipsnap)
Gentoo Security Advisory GLSA 200405-04 (openoffice)

Take action and discover your vulnerabilities