Oval Definition:oval:com.redhat.rhsa:def:20070662
Revision Date:2007-07-13Version:635
Title:RHSA-2007:0662: httpd security update (Moderate)
Description:The Apache HTTP Server is a popular Web server.

The Apache HTTP Server did not verify that a process was an Apache child process before sending it signals. A local attacker with the ability to run scripts on the Apache HTTP Server could manipulate the scoreboard and cause arbitrary processes to be terminated which could lead to a denial of service. (CVE-2007-3304).

Users of httpd should upgrade to these updated packages, which contain backported patches to correct this issue. Users should restart Apache after installing this update.
Family:unixClass:patch
Status:Reference(s):CVE-2007-3304
RHSA-2007:0662
RHSA-2007:0662-02
RHSA-2007:0662-02
Platform(s):Red Hat Enterprise Linux 3
Red Hat Enterprise Linux 4
Product(s):
Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 3 is installed
  • AND
  • httpd-devel is earlier than 0:2.0.46-68.ent
  • AND httpd-devel is signed with Red Hat master key
  • mod_ssl is earlier than 1:2.0.46-68.ent
  • AND mod_ssl is signed with Red Hat master key
  • httpd is earlier than 0:2.0.46-68.ent
  • AND httpd is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • httpd is earlier than 0:2.0.52-32.3.ent
  • AND httpd is signed with Red Hat master key
  • httpd-devel is earlier than 0:2.0.52-32.3.ent
  • AND httpd-devel is signed with Red Hat master key
  • httpd-suexec is earlier than 0:2.0.52-32.3.ent
  • AND httpd-suexec is signed with Red Hat master key
  • mod_ssl is earlier than 1:2.0.52-32.3.ent
  • AND mod_ssl is signed with Red Hat master key
  • httpd-manual is earlier than 0:2.0.52-32.3.ent
  • AND httpd-manual is signed with Red Hat master key
    • Definition Synopsis
  • Release Information
  • Red Hat Enterprise Linux 3 is installed
  • AND
  • httpd is earlier than 0:2.0.46-68.ent
  • AND httpd is signed with Red Hat master key
  • httpd-devel is earlier than 0:2.0.46-68.ent
  • AND httpd-devel is signed with Red Hat master key
  • mod_ssl is earlier than 0:2.0.46-68.ent
  • AND mod_ssl is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • httpd is earlier than 0:2.0.52-32.3.ent
  • AND httpd is signed with Red Hat master key
  • httpd-devel is earlier than 0:2.0.52-32.3.ent
  • AND httpd-devel is signed with Red Hat master key
  • httpd-manual is earlier than 0:2.0.52-32.3.ent
  • AND httpd-manual is signed with Red Hat master key
  • httpd-suexec is earlier than 0:2.0.52-32.3.ent
  • AND httpd-suexec is signed with Red Hat master key
  • mod_ssl is earlier than 0:2.0.52-32.3.ent
  • AND mod_ssl is signed with Red Hat master key
    • Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • httpd is earlier than 0:2.0.52-32.3.ent
  • AND httpd is signed with Red Hat redhatrelease2 key
  • httpd-devel is earlier than 0:2.0.52-32.3.ent
  • AND httpd-devel is signed with Red Hat redhatrelease2 key
  • httpd-manual is earlier than 0:2.0.52-32.3.ent
  • AND httpd-manual is signed with Red Hat redhatrelease2 key
  • httpd-suexec is earlier than 0:2.0.52-32.3.ent
  • AND httpd-suexec is signed with Red Hat redhatrelease2 key
  • mod_ssl is earlier than 1:2.0.52-32.3.ent
  • AND mod_ssl is signed with Red Hat redhatrelease2 key
    • BACK