This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.
The remote Red Hat host is missing a security update.
Red Hat Network Proxy Server version 5.1.1 is now available. This
update includes a fix for a security issue in a Red Hat Network Proxy
This update has been rated as having low security impact by the Red
Hat Security Response Team.
The Red Hat Network Proxy Server 5.1.1 release corrects a security
vulnerability in a shipped component. In a typical operating
environment, this component is not exposed to users of Proxy Server in
a vulnerable manner. This security update will reduce risk in unique
Proxy Server environments.
A flaw was found in the mod_perl 'ModPerl::RegistryCooker' class. If a
server implemented a mod_perl registry module using the
'namespace_from_uri' method, a remote attacker requesting a carefully
crafted URI can cause resource consumption, which could lead to a
denial of service. (CVE-2007-1349)
Users of Red Hat Network Proxy Server 5.1 are advised to upgrade to
5.1.1, which resolves this issue.
See also :
Update the affected mod_perl package.
Risk factor :
Medium / CVSS Base Score : 4.3
Family: Red Hat Local Security Checks
Nessus Plugin ID: 63859 ()
CVE ID: CVE-2007-1349