This script is Copyright (C) 2007-2014 Tenable Network Security, Inc.
The remote Mandrake Linux host is missing one or more security
A flaw in the Apache mod_proxy module was found that could potentially
lead to a denial of service is using a threaded Multi-Processing
Module. On sites where a reverse proxy is configured, a remote
attacker could send a special reequest that would cause the Apache
child process handling the request to crash. Likewise, a similar crash
could occur on sites with a forward proxy configured if a user could
be persuaded to visit a malicious site using the proxy
A flaw in the Apache mod_autoindex module was found. On sites where
directory listings are used and the AddDefaultCharset directive was
removed from the configuration, a cross-site-scripting attack could be
possible against browsers that to not correctly derive the response
character set according to the rules in RGC 2616 (CVE-2007-4465).
The updated packages have been patched to correct this issue.
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 5.0