Mandrake Linux Security Advisory : apache2 (MDKSA-2005:155)
High Nessus Plugin ID 19911
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionInteger overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow.
The apache2 packages, as shipped, were built using a private copy of pcre.
The updated packages have been rebuilt against the system pcre libs to correct this problem. 10.1 and 10.2/LE2005 are already built against the system pcre.
SolutionUpdate the affected packages.