SELinux blocks Apache DoS vulnerability

June 29th, 2007 | Tags:

A recent Apache vulnerability, where a remote attacker can cause httpd to send a signal to an arbitrary process and potentially crash it, is mitigated by SELinux targeted policy (as installed by default in RHEL5 and F7). Of course, even if you have SELinux enabled, it’s good defence-in-depth1 to ensure the underlying vulnerabilities are fixed.

Advisories: RHEL5, F7.

1Here’s a useful reference page on Fedora Security Features.

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
    bodytext del.icio.us Facebook Google IndianPad Mixx Reddit StumbleUpon Slashdot E-mail this story to a friend! Print this article!
Comments are closed.