Apache HTTP Server mod_session_dbd 远程安全漏洞(CVE-2013-2249)

2013-07-26T00:00:00
ID SSV:60913
Type seebug
Reporter Root
Modified 2013-07-26T00:00:00

Description

BUGTRAQ ID: 61379 CVE(CAN) ID: CVE-2013-2249

Apache HTTP Server是开源HTTP服务器。

Apache HTTP Server 2.4.6之前版本的mod_session_dbd模块在保存会话过程中处理“脏旗标”时出错,存在远程安全漏洞,影响目前未知。 0 Apache 2.4.2 厂商补丁:

Apache Group

Apache Group已经为此发布了一个安全公告(Announcement2.4)以及相应补丁: Announcement2.4:Apache HTTP Server 2.4.6 Released 链接:http://www.apache.org/dist/httpd/Announcement2.4.html

补丁下载:http://httpd.apache.org/download.cgi