CVE-2017-7679 httpd: mod_mime buffer overread

CVE ID

CVE-2017-7679

DESCRIPTION

A buffer over-read flaw was found in the httpd's mod_mime module. A user permitted to modify httpd's MIME configuration could use this flaw to cause httpd child process to crash.

Unitrends risk assessment:  Medium, or None if current security update is applied

 

RESOLUTION

For CentOS6, Unitrends security update dated 11/06/2017 or later has httpd-2.2.15-60.el6.centos.6 and this issue was fixed in httpd-2.2.15-60.el6.centos.5 / httpd-2.2.15-60.el6_9.5
For CentOS5, the system should be migrated to CentOS6.
 

LINK TO ADVISORIES

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Contact us