[CentOS] security compliance vs. old software versions
Kai Schaetzl
maillists at conactive.com
Wed Jun 30 12:31:14 UTC 2010
Les Mikesell wrote on Tue, 29 Jun 2010 17:52:37 -0500:
> Apache Server 2.x Prior To 2.2.14 Multiple Vulnerabilities Apache
> \'mod_proxy_ftp\' Wildcard Characters Cross-Site Scripting.
Remove that module from httpd.conf and try again. If it still gives that
warning you've proven the tool is braindead. You could also just tell
Apache not to add a server signature. I wonder how the tool will react to
that :-) Or is run locally and scans the rpm database?
Kai
--
Get your web at Conactive Internet Services: http://www.conactive.com
More information about the CentOS
mailing list