Here is an article: http://www.theregister.co.uk/2011/08/24/devastating_apache_vuln/
Try running the proof of concept here: https://issues.apache.org/bugzilla/show_bug.cgi?id=51714 I ran it on some CentOS 5 and 6 (running httpd-2.2.15-5.el6.centos.x86_64) servers which reported no issues. It may be the default way that RHEL/CentOS has the network set up or perhaps does not enable the modules required. I suspect some distributions may be vulnerable with their default set up. - Julian _______________________________________________ LUAU@lists.freesoftwarehawaii.org mailing list http://lists.freesoftwarehawaii.org/listinfo.cgi/luau-freesoftwarehawaii.org
