The stable version 2.2 of Apache which yum updates to is vulnerable to solely one attack at the moment because of the version "2.2". It seriously needs to be upgraded to 2.4.4 in the repositories because the Perl Script found here<br />
<br />
<a href="http://seclists.org/fulldisclosure/2011/Aug/175">http://seclists.org/fulldisclosure/2011/Aug/175</a> [<a href="http://seclists.org/fulldisclosure/2011/Aug/175" target="_blank">^</a>]<br />
<br />
is capable of producing a Denial of Service attack effect on the 7th Layer "Application Layer" which is Apache. Please update Apache immediately Vulnerability Scanners are capable of finding this exploit as well. Please consult with CentOS developers, CentOS users which run Apache are in dire need for an upgrade to Apache 2.4.4 and compiling it from source is not very easy. Sorry to sound like a novice but the dependencies are not easy to deal with when compiling Apache 2.4.4 from Source. Thank you.
↧