Fedora 13 : httpd-2.2.15-1.fc13 (2010-5942)

This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.

Synopsis :

The remote Fedora host is missing a security update.

Description :

The Apache HTTP Server Project is proud to announce the release of
version 2.2.15 of the Apache HTTP Server ('httpd'). This version is
principally a security and bugfix release. Notably, this release was
updated to reflect the OpenSSL Project's release 0.9.8m of the openssl
library, and addresses CVE-2009-3555 (cve.mitre.org), the TLS
renegotiation prefix injection attack. This release further addresses
the issues CVE-2010-0408 and CVE-2010-0434 within mod_proxy_ajp and
mod_headers respectively. See the upstream changes file for further
information: http://www.apache.org/dist/httpd/CHANGES_2.2.15

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :


Solution :

Update the affected httpd package.

Risk factor :

Medium / CVSS Base Score : 5.8
CVSS Temporal Score : 5.0
Public Exploit Available : false

Family: Fedora Local Security Checks

Nessus Plugin ID: 47408 (fedora_2010-5942.nasl)

Bugtraq ID: 38491

CVE ID: CVE-2009-3555

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now