Oval Definition:oval:com.redhat.rhsa:def:20070395
Revision Date:2007-06-14Version:641
Title:RHSA-2007:0395: mod_perl security update (Low)
Description:Mod_perl incorporates a Perl interpreter into the Apache web server, so that the Apache web server can directly execute Perl code.

An issue was found in the "namespace_from_uri" method of the ModPerl::RegistryCooker class. If a server implemented a mod_perl registry module using this method, a remote attacker requesting a carefully crafted URI can cause resource consumption, which could lead to a denial of service (CVE-2007-1349).

Users of mod_perl should update to these erratum packages which contain a backported fix to correct this issue.
Family:unixClass:patch
Status:Reference(s):CVE-2007-1349
RHSA-2007:0395
RHSA-2007:0395-02
RHSA-2007:0395-02
Platform(s):Red Hat Enterprise Linux 3
Red Hat Enterprise Linux 4
Red Hat Enterprise Linux 5
Product(s):
Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 3 is installed
  • AND
  • mod_perl-devel is earlier than 0:1.99_09-12.ent
  • AND mod_perl-devel is signed with Red Hat master key
  • mod_perl is earlier than 0:1.99_09-12.ent
  • AND mod_perl is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • mod_perl-devel is earlier than 0:1.99_16-4.5
  • AND mod_perl-devel is signed with Red Hat master key
  • mod_perl is earlier than 0:1.99_16-4.5
  • AND mod_perl is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • mod_perl-devel is earlier than 0:2.0.2-6.3.el5
  • AND mod_perl-devel is signed with Red Hat redhatrelease key
  • mod_perl is earlier than 0:2.0.2-6.3.el5
  • AND mod_perl is signed with Red Hat redhatrelease key
    • Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • mod_perl is earlier than 0:1.99_16-4.5
  • AND mod_perl is signed with Red Hat redhatrelease2 key
  • mod_perl-devel is earlier than 0:1.99_16-4.5
  • AND mod_perl-devel is signed with Red Hat redhatrelease2 key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • mod_perl is earlier than 0:2.0.2-6.3.el5
  • AND mod_perl is signed with Red Hat redhatrelease2 key
  • mod_perl-devel is earlier than 0:2.0.2-6.3.el5
  • AND mod_perl-devel is signed with Red Hat redhatrelease2 key
    • Definition Synopsis
  • Release Information
  • Red Hat Enterprise Linux 3 is installed
  • AND
  • mod_perl is earlier than 0:1.99_09-12.ent
  • AND mod_perl is signed with Red Hat master key
  • mod_perl-devel is earlier than 0:1.99_09-12.ent
  • AND mod_perl-devel is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • mod_perl is earlier than 0:1.99_16-4.5
  • AND mod_perl is signed with Red Hat master key
  • mod_perl-devel is earlier than 0:1.99_16-4.5
  • AND mod_perl-devel is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • mod_perl is earlier than 0:2.0.2-6.3.el5
  • AND mod_perl is signed with Red Hat redhatrelease key
  • mod_perl-devel is earlier than 0:2.0.2-6.3.el5
  • AND mod_perl-devel is signed with Red Hat redhatrelease key
    • BACK