FreeBSD : apache -- multiple vulnerabilities (c84dc9ad-41f7-11dd-a4f9-00163e000016)
Medium Nessus Plugin ID 33242
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionApache HTTP server project reports :
The following potential security flaws are addressed :
- CVE-2008-2364: mod_proxy_http: Better handling of excessive interim responses from origin server to prevent potential denial of service and high memory usage. Reported by Ryujiro Shibuya.
- CVE-2007-6420: mod_proxy_balancer: Prevent CSRF attacks against the balancer-manager interface
SolutionUpdate the affected package.