[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
rPSA-2009-0154-1 httpd mod_ssl
rPath Security Advisory: 2009-0154-1
rPath Appliance Platform Linux Service 1
rPath Linux 1
Exposure Level Classification:
Indirect Deterministic Weakness
rPath Issue Tracking System:
Previous versions of httpd are vulnerable to a man-in-the-middle attack
during TLS session renegotiation, sometimes referred to as the "Project
Mogul" issue. This vulnerability has been addressed in this update.
Additionally, two denial of service vulnerabilities and an access
restriction bypass in mod_proxy_ftp are resolved in this update.
Copyright 2009 rPath, Inc.
This file is distributed under the terms of the MIT License.
A copy is available at http://www.rpath.com/permanent/mit-license.html