On Mar 6, 2010, at 8:33 AM, <ravishankar.gundlap...@wipro.com> <ravishankar.gundlap...@wipro.com> wrote:
> Hi , > > I have below mentioned action items on me which my security team identified . > > Please let me know whether the solution you have provided earlier is same for > these? > > Can anyone let me know the procedure for this... > > > 1)Apache mod_proxy_ftp Module NULL Pointer Dereference Denial Of Service > Vulnerability > > 2)Apache HTTP Server mod_proxy stream_reqbody_cl Function Denial of Service > Vulnerability > > 3)Apache HTTP Server mod_deflate Remote Denial Of Service Vulnerability > > 4)Apache APR and APR-util Multiple Integer Overflow Vulnerabilities Hi Ravishankar, I don't know what your 'action items' are related to these but they don't seem to have anything to do with Nagios. If there is some relation to Nagios, you probably want to clarify that connection if you want better help. It seems to me that you should be using Google to find out how to correct these vulnerabilities or asking on the Apache users support listserv. It almost certainly involves upgrading Apache or the modules in question or disabling them entirely if you don't use them. While many of us may use Apache, it's not appropriate to ask here for Apache support unrelated to Nagios and you'll definitely get more relevant/accurate/timely answers from a forum that provides that support. -- Marc ------------------------------------------------------------------------------ Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev _______________________________________________ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
