Mandrake Linux Security Advisory : apache2 (MDKSA-2004:055)
High Nessus Plugin ID 14154
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionA stack-based buffer overflow exists in the ssl_util_uuencode_binary function in ssl_util.c in Apache. When mod_ssl is configured to trust the issuing CA, a remote attacker may be able to execute arbitrary code via a client certificate with a long subject DN.
The provided packages are patched to prevent this problem.
SolutionUpdate the affected packages.