Mandrake Linux Security Advisory : apache-mod_perl (MDKSA-2007:083)
Medium Nessus Plugin ID 25034
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionPerlRun.pm in Apache mod_perl 1.30 and earlier, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
Updated packages have been patched to correct this issue.
SolutionUpdate the affected apache-mod_perl and / or apache-mod_perl-devel packages.