As this bugtrack say "binaries from redhat" are not vulnerables but what happen to recompilations? https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=200219 I understand that it is the compilation process what make this bug not exploitable and not the source code so, the question is: is the httpd binary from centos exploitable? I could not find any refence in the web about this topic. maybe I should ask in the centos-user mailling list but because it is a compilation thing ..... I guess centos developer are the right to anwser thanks in advance cu roger __________________________________________ RedHat Certified Engineer ( RHCE ) Cisco Certified Network Associate ( CCNA ) ____________________________________________________________________________________ Do you Yahoo!? Everyone is raving about the all-new Yahoo! Mail beta. http://new.mail.yahoo.com