Scientific Linux Security Update : httpd on SL5.x, SL6.x i386/x86_64
Medium Nessus Plugin ID 69342
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionA flaw was found in the way the mod_dav module of the Apache HTTP Server handled merge requests. An attacker could use this flaw to send a crafted merge request that contains URIs that are not configured for DAV, causing the httpd child process to crash. (CVE-2013-1896)
After installing the updated packages, the httpd daemon will be restarted automatically.
SolutionUpdate the affected packages.