csaf_redhat - rhsa-2007

rhsa-2007_0746

Vulnerability from csaf_redhat

Published

2007-11-07 09:00

Modified

2024-09-15 16:46

Summary

Red Hat Security Advisory: httpd security, bug fix, and enhancement update

Notes

Topic

Updated httpd packages that fix a security issue, fix various bugs, and add enhancements, are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

Details

The Apache HTTP Server is a popular and freely-available Web server. A flaw was found in the Apache HTTP Server mod_proxy module. On sites where a reverse proxy is configured, a remote attacker could send a carefully crafted request that would cause the Apache child process handling that request to crash. On sites where a forward proxy is configured, an attacker could cause a similar crash if a user could be persuaded to visit a malicious site using the proxy. This could lead to a denial of service if using a threaded Multi-Processing Module. (CVE-2007-3847) As well, these updated packages fix the following bugs: * Set-Cookie headers with a status code of 3xx are not forwarded to clients when the "ProxyErrorOverride" directive is enabled. These responses are overridden at the proxy. Only the responses with status codes of 4xx and 5xx are overridden in these updated packages. * the default "/etc/logrotate.d/httpd" script incorrectly invoked the kill command, instead of using the "/sbin/service httpd restart" command. If you configured the httpd PID to be in a location other than "/var/run/httpd.pid", the httpd logs failed to be rotated. This has been resolved in these updated packages. * the "ProxyTimeout" directive was not inherited across virtual host definitions. * the logresolve utility was unable to read lines longer the 1024 bytes. This update adds the following enhancements: * a new configuration option has been added, "ServerTokens Full-Release", which adds the package release to the server version string, which is returned in the "Server" response header. * a new module has been added, mod_version, which allows configuration files to be written containing sections, which are evaluated only if the version of httpd used matches a specified condition. Users of httpd are advised to upgrade to these updated packages, which resolve these issues and add these enhancements.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated httpd packages that fix a security issue, fix various bugs, and\nadd enhancements, are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the Red\nHat Security Response Team.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The Apache HTTP Server is a popular and freely-available Web server.\n\nA flaw was found in the Apache HTTP Server mod_proxy module. On sites where\na reverse proxy is configured, a remote attacker could send a carefully\ncrafted request that would cause the Apache child process handling that\nrequest to crash. On sites where a forward proxy is configured, an attacker\ncould cause a similar crash if a user could be persuaded to visit a\nmalicious site using the proxy. This could lead to a denial of service if\nusing a threaded Multi-Processing Module. (CVE-2007-3847)\n\nAs well, these updated packages fix the following bugs:\n\n* Set-Cookie headers with a status code of 3xx are not forwarded to\nclients when the \"ProxyErrorOverride\" directive is enabled. These\nresponses are overridden at the proxy. Only the responses with status\ncodes of 4xx and 5xx are overridden in these updated packages.\n\n* the default \"/etc/logrotate.d/httpd\" script incorrectly invoked the kill\ncommand, instead of using the \"/sbin/service httpd restart\" command. If you\nconfigured the httpd PID to be in a location other than\n\"/var/run/httpd.pid\", the httpd logs failed to be rotated. This has been\nresolved in these updated packages.\n\n* the \"ProxyTimeout\" directive was not inherited across virtual host\ndefinitions.\n\n* the logresolve utility was unable to read lines longer the 1024 bytes.\n\nThis update adds the following enhancements:\n\n* a new configuration option has been added, \"ServerTokens Full-Release\",\nwhich adds the package release to the server version string, which is\nreturned in the \"Server\" response header.\n\n* a new module has been added, mod_version, which allows configuration\nfiles to be written containing sections, which are evaluated only if the\nversion of httpd used matches a specified condition.\n\nUsers of httpd are advised to upgrade to these updated packages, which\nresolve these issues and add these enhancements.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2007:0746",
        "url": "https://access.redhat.com/errata/RHSA-2007:0746"
      },
      {
        "category": "external",
        "summary": "http://www.redhat.com/security/updates/classification/#moderate",
        "url": "http://www.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "240024",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=240024"
      },
      {
        "category": "external",
        "summary": "240857",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=240857"
      },
      {
        "category": "external",
        "summary": "241680",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=241680"
      },
      {
        "category": "external",
        "summary": "245719",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=245719"
      },
      {
        "category": "external",
        "summary": "245763",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=245763"
      },
      {
        "category": "external",
        "summary": "250731",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=250731"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2007/rhsa-2007_0746.json"
      }
    ],
    "title": "Red Hat Security Advisory: httpd security, bug fix, and enhancement update",
    "tracking": {
      "current_release_date": "2024-09-15T16:46:41+00:00",
      "generator": {
        "date": "2024-09-15T16:46:41+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "3.33.3"
        }
      },
      "id": "RHSA-2007:0746",
      "initial_release_date": "2007-11-07T09:00:00+00:00",
      "revision_history": [
        {
          "date": "2007-11-07T09:00:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2007-11-07T11:27:47+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-09-15T16:46:41+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
                  "product_id": "5Client",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:5::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
                  "product_id": "5Client-Workstation",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:5::client_workstation"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux (v. 5 server)",
                "product": {
                  "name": "Red Hat Enterprise Linux (v. 5 server)",
                  "product_id": "5Server",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:5::server"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "httpd-manual-0:2.2.3-11.el5.x86_64",
                "product": {
                  "name": "httpd-manual-0:2.2.3-11.el5.x86_64",
                  "product_id": "httpd-manual-0:2.2.3-11.el5.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-manual@2.2.3-11.el5?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-debuginfo-0:2.2.3-11.el5.x86_64",
                "product": {
                  "name": "httpd-debuginfo-0:2.2.3-11.el5.x86_64",
                  "product_id": "httpd-debuginfo-0:2.2.3-11.el5.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.3-11.el5?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-devel-0:2.2.3-11.el5.x86_64",
                "product": {
                  "name": "httpd-devel-0:2.2.3-11.el5.x86_64",
                  "product_id": "httpd-devel-0:2.2.3-11.el5.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-devel@2.2.3-11.el5?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-0:2.2.3-11.el5.x86_64",
                "product": {
                  "name": "httpd-0:2.2.3-11.el5.x86_64",
                  "product_id": "httpd-0:2.2.3-11.el5.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd@2.2.3-11.el5?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ssl-1:2.2.3-11.el5.x86_64",
                "product": {
                  "name": "mod_ssl-1:2.2.3-11.el5.x86_64",
                  "product_id": "mod_ssl-1:2.2.3-11.el5.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ssl@2.2.3-11.el5?arch=x86_64\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "httpd-debuginfo-0:2.2.3-11.el5.i386",
                "product": {
                  "name": "httpd-debuginfo-0:2.2.3-11.el5.i386",
                  "product_id": "httpd-debuginfo-0:2.2.3-11.el5.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.3-11.el5?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-devel-0:2.2.3-11.el5.i386",
                "product": {
                  "name": "httpd-devel-0:2.2.3-11.el5.i386",
                  "product_id": "httpd-devel-0:2.2.3-11.el5.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-devel@2.2.3-11.el5?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-manual-0:2.2.3-11.el5.i386",
                "product": {
                  "name": "httpd-manual-0:2.2.3-11.el5.i386",
                  "product_id": "httpd-manual-0:2.2.3-11.el5.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-manual@2.2.3-11.el5?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-0:2.2.3-11.el5.i386",
                "product": {
                  "name": "httpd-0:2.2.3-11.el5.i386",
                  "product_id": "httpd-0:2.2.3-11.el5.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd@2.2.3-11.el5?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ssl-1:2.2.3-11.el5.i386",
                "product": {
                  "name": "mod_ssl-1:2.2.3-11.el5.i386",
                  "product_id": "mod_ssl-1:2.2.3-11.el5.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ssl@2.2.3-11.el5?arch=i386\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i386"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "httpd-0:2.2.3-11.el5.src",
                "product": {
                  "name": "httpd-0:2.2.3-11.el5.src",
                  "product_id": "httpd-0:2.2.3-11.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd@2.2.3-11.el5?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "httpd-manual-0:2.2.3-11.el5.ia64",
                "product": {
                  "name": "httpd-manual-0:2.2.3-11.el5.ia64",
                  "product_id": "httpd-manual-0:2.2.3-11.el5.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-manual@2.2.3-11.el5?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-0:2.2.3-11.el5.ia64",
                "product": {
                  "name": "httpd-0:2.2.3-11.el5.ia64",
                  "product_id": "httpd-0:2.2.3-11.el5.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd@2.2.3-11.el5?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-debuginfo-0:2.2.3-11.el5.ia64",
                "product": {
                  "name": "httpd-debuginfo-0:2.2.3-11.el5.ia64",
                  "product_id": "httpd-debuginfo-0:2.2.3-11.el5.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.3-11.el5?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ssl-1:2.2.3-11.el5.ia64",
                "product": {
                  "name": "mod_ssl-1:2.2.3-11.el5.ia64",
                  "product_id": "mod_ssl-1:2.2.3-11.el5.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ssl@2.2.3-11.el5?arch=ia64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-devel-0:2.2.3-11.el5.ia64",
                "product": {
                  "name": "httpd-devel-0:2.2.3-11.el5.ia64",
                  "product_id": "httpd-devel-0:2.2.3-11.el5.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-devel@2.2.3-11.el5?arch=ia64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ia64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "httpd-manual-0:2.2.3-11.el5.ppc",
                "product": {
                  "name": "httpd-manual-0:2.2.3-11.el5.ppc",
                  "product_id": "httpd-manual-0:2.2.3-11.el5.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-manual@2.2.3-11.el5?arch=ppc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-0:2.2.3-11.el5.ppc",
                "product": {
                  "name": "httpd-0:2.2.3-11.el5.ppc",
                  "product_id": "httpd-0:2.2.3-11.el5.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd@2.2.3-11.el5?arch=ppc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-debuginfo-0:2.2.3-11.el5.ppc",
                "product": {
                  "name": "httpd-debuginfo-0:2.2.3-11.el5.ppc",
                  "product_id": "httpd-debuginfo-0:2.2.3-11.el5.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.3-11.el5?arch=ppc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ssl-1:2.2.3-11.el5.ppc",
                "product": {
                  "name": "mod_ssl-1:2.2.3-11.el5.ppc",
                  "product_id": "mod_ssl-1:2.2.3-11.el5.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ssl@2.2.3-11.el5?arch=ppc\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-devel-0:2.2.3-11.el5.ppc",
                "product": {
                  "name": "httpd-devel-0:2.2.3-11.el5.ppc",
                  "product_id": "httpd-devel-0:2.2.3-11.el5.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-devel@2.2.3-11.el5?arch=ppc"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "httpd-debuginfo-0:2.2.3-11.el5.ppc64",
                "product": {
                  "name": "httpd-debuginfo-0:2.2.3-11.el5.ppc64",
                  "product_id": "httpd-debuginfo-0:2.2.3-11.el5.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.3-11.el5?arch=ppc64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-devel-0:2.2.3-11.el5.ppc64",
                "product": {
                  "name": "httpd-devel-0:2.2.3-11.el5.ppc64",
                  "product_id": "httpd-devel-0:2.2.3-11.el5.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-devel@2.2.3-11.el5?arch=ppc64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "httpd-manual-0:2.2.3-11.el5.s390x",
                "product": {
                  "name": "httpd-manual-0:2.2.3-11.el5.s390x",
                  "product_id": "httpd-manual-0:2.2.3-11.el5.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-manual@2.2.3-11.el5?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-0:2.2.3-11.el5.s390x",
                "product": {
                  "name": "httpd-0:2.2.3-11.el5.s390x",
                  "product_id": "httpd-0:2.2.3-11.el5.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd@2.2.3-11.el5?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-debuginfo-0:2.2.3-11.el5.s390x",
                "product": {
                  "name": "httpd-debuginfo-0:2.2.3-11.el5.s390x",
                  "product_id": "httpd-debuginfo-0:2.2.3-11.el5.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.3-11.el5?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ssl-1:2.2.3-11.el5.s390x",
                "product": {
                  "name": "mod_ssl-1:2.2.3-11.el5.s390x",
                  "product_id": "mod_ssl-1:2.2.3-11.el5.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ssl@2.2.3-11.el5?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-devel-0:2.2.3-11.el5.s390x",
                "product": {
                  "name": "httpd-devel-0:2.2.3-11.el5.s390x",
                  "product_id": "httpd-devel-0:2.2.3-11.el5.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-devel@2.2.3-11.el5?arch=s390x"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "httpd-debuginfo-0:2.2.3-11.el5.s390",
                "product": {
                  "name": "httpd-debuginfo-0:2.2.3-11.el5.s390",
                  "product_id": "httpd-debuginfo-0:2.2.3-11.el5.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.3-11.el5?arch=s390"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-devel-0:2.2.3-11.el5.s390",
                "product": {
                  "name": "httpd-devel-0:2.2.3-11.el5.s390",
                  "product_id": "httpd-devel-0:2.2.3-11.el5.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-devel@2.2.3-11.el5?arch=s390"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.3-11.el5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:httpd-0:2.2.3-11.el5.i386"
        },
        "product_reference": "httpd-0:2.2.3-11.el5.i386",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.3-11.el5.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:httpd-0:2.2.3-11.el5.ia64"
        },
        "product_reference": "httpd-0:2.2.3-11.el5.ia64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.3-11.el5.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:httpd-0:2.2.3-11.el5.ppc"
        },
        "product_reference": "httpd-0:2.2.3-11.el5.ppc",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.3-11.el5.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:httpd-0:2.2.3-11.el5.s390x"
        },
        "product_reference": "httpd-0:2.2.3-11.el5.s390x",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.3-11.el5.src as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:httpd-0:2.2.3-11.el5.src"
        },
        "product_reference": "httpd-0:2.2.3-11.el5.src",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.3-11.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:httpd-0:2.2.3-11.el5.x86_64"
        },
        "product_reference": "httpd-0:2.2.3-11.el5.x86_64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.3-11.el5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:httpd-debuginfo-0:2.2.3-11.el5.i386"
        },
        "product_reference": "httpd-debuginfo-0:2.2.3-11.el5.i386",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.3-11.el5.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:httpd-debuginfo-0:2.2.3-11.el5.ia64"
        },
        "product_reference": "httpd-debuginfo-0:2.2.3-11.el5.ia64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.3-11.el5.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:httpd-debuginfo-0:2.2.3-11.el5.ppc"
        },
        "product_reference": "httpd-debuginfo-0:2.2.3-11.el5.ppc",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.3-11.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:httpd-debuginfo-0:2.2.3-11.el5.ppc64"
        },
        "product_reference": "httpd-debuginfo-0:2.2.3-11.el5.ppc64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.3-11.el5.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:httpd-debuginfo-0:2.2.3-11.el5.s390"
        },
        "product_reference": "httpd-debuginfo-0:2.2.3-11.el5.s390",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.3-11.el5.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:httpd-debuginfo-0:2.2.3-11.el5.s390x"
        },
        "product_reference": "httpd-debuginfo-0:2.2.3-11.el5.s390x",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.3-11.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:httpd-debuginfo-0:2.2.3-11.el5.x86_64"
        },
        "product_reference": "httpd-debuginfo-0:2.2.3-11.el5.x86_64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.3-11.el5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:httpd-devel-0:2.2.3-11.el5.i386"
        },
        "product_reference": "httpd-devel-0:2.2.3-11.el5.i386",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.3-11.el5.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:httpd-devel-0:2.2.3-11.el5.ia64"
        },
        "product_reference": "httpd-devel-0:2.2.3-11.el5.ia64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.3-11.el5.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:httpd-devel-0:2.2.3-11.el5.ppc"
        },
        "product_reference": "httpd-devel-0:2.2.3-11.el5.ppc",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.3-11.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:httpd-devel-0:2.2.3-11.el5.ppc64"
        },
        "product_reference": "httpd-devel-0:2.2.3-11.el5.ppc64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.3-11.el5.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:httpd-devel-0:2.2.3-11.el5.s390"
        },
        "product_reference": "httpd-devel-0:2.2.3-11.el5.s390",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.3-11.el5.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:httpd-devel-0:2.2.3-11.el5.s390x"
        },
        "product_reference": "httpd-devel-0:2.2.3-11.el5.s390x",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.3-11.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:httpd-devel-0:2.2.3-11.el5.x86_64"
        },
        "product_reference": "httpd-devel-0:2.2.3-11.el5.x86_64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-manual-0:2.2.3-11.el5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:httpd-manual-0:2.2.3-11.el5.i386"
        },
        "product_reference": "httpd-manual-0:2.2.3-11.el5.i386",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-manual-0:2.2.3-11.el5.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:httpd-manual-0:2.2.3-11.el5.ia64"
        },
        "product_reference": "httpd-manual-0:2.2.3-11.el5.ia64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-manual-0:2.2.3-11.el5.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:httpd-manual-0:2.2.3-11.el5.ppc"
        },
        "product_reference": "httpd-manual-0:2.2.3-11.el5.ppc",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-manual-0:2.2.3-11.el5.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:httpd-manual-0:2.2.3-11.el5.s390x"
        },
        "product_reference": "httpd-manual-0:2.2.3-11.el5.s390x",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-manual-0:2.2.3-11.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:httpd-manual-0:2.2.3-11.el5.x86_64"
        },
        "product_reference": "httpd-manual-0:2.2.3-11.el5.x86_64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.3-11.el5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:mod_ssl-1:2.2.3-11.el5.i386"
        },
        "product_reference": "mod_ssl-1:2.2.3-11.el5.i386",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.3-11.el5.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:mod_ssl-1:2.2.3-11.el5.ia64"
        },
        "product_reference": "mod_ssl-1:2.2.3-11.el5.ia64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.3-11.el5.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:mod_ssl-1:2.2.3-11.el5.ppc"
        },
        "product_reference": "mod_ssl-1:2.2.3-11.el5.ppc",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.3-11.el5.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:mod_ssl-1:2.2.3-11.el5.s390x"
        },
        "product_reference": "mod_ssl-1:2.2.3-11.el5.s390x",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.3-11.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:mod_ssl-1:2.2.3-11.el5.x86_64"
        },
        "product_reference": "mod_ssl-1:2.2.3-11.el5.x86_64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.3-11.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:httpd-0:2.2.3-11.el5.i386"
        },
        "product_reference": "httpd-0:2.2.3-11.el5.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.3-11.el5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:httpd-0:2.2.3-11.el5.ia64"
        },
        "product_reference": "httpd-0:2.2.3-11.el5.ia64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.3-11.el5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:httpd-0:2.2.3-11.el5.ppc"
        },
        "product_reference": "httpd-0:2.2.3-11.el5.ppc",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.3-11.el5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:httpd-0:2.2.3-11.el5.s390x"
        },
        "product_reference": "httpd-0:2.2.3-11.el5.s390x",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.3-11.el5.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:httpd-0:2.2.3-11.el5.src"
        },
        "product_reference": "httpd-0:2.2.3-11.el5.src",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.3-11.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:httpd-0:2.2.3-11.el5.x86_64"
        },
        "product_reference": "httpd-0:2.2.3-11.el5.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.3-11.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:httpd-debuginfo-0:2.2.3-11.el5.i386"
        },
        "product_reference": "httpd-debuginfo-0:2.2.3-11.el5.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.3-11.el5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:httpd-debuginfo-0:2.2.3-11.el5.ia64"
        },
        "product_reference": "httpd-debuginfo-0:2.2.3-11.el5.ia64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.3-11.el5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:httpd-debuginfo-0:2.2.3-11.el5.ppc"
        },
        "product_reference": "httpd-debuginfo-0:2.2.3-11.el5.ppc",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.3-11.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:httpd-debuginfo-0:2.2.3-11.el5.ppc64"
        },
        "product_reference": "httpd-debuginfo-0:2.2.3-11.el5.ppc64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.3-11.el5.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:httpd-debuginfo-0:2.2.3-11.el5.s390"
        },
        "product_reference": "httpd-debuginfo-0:2.2.3-11.el5.s390",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.3-11.el5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:httpd-debuginfo-0:2.2.3-11.el5.s390x"
        },
        "product_reference": "httpd-debuginfo-0:2.2.3-11.el5.s390x",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.3-11.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:httpd-debuginfo-0:2.2.3-11.el5.x86_64"
        },
        "product_reference": "httpd-debuginfo-0:2.2.3-11.el5.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.3-11.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:httpd-devel-0:2.2.3-11.el5.i386"
        },
        "product_reference": "httpd-devel-0:2.2.3-11.el5.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.3-11.el5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:httpd-devel-0:2.2.3-11.el5.ia64"
        },
        "product_reference": "httpd-devel-0:2.2.3-11.el5.ia64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.3-11.el5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:httpd-devel-0:2.2.3-11.el5.ppc"
        },
        "product_reference": "httpd-devel-0:2.2.3-11.el5.ppc",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.3-11.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:httpd-devel-0:2.2.3-11.el5.ppc64"
        },
        "product_reference": "httpd-devel-0:2.2.3-11.el5.ppc64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.3-11.el5.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:httpd-devel-0:2.2.3-11.el5.s390"
        },
        "product_reference": "httpd-devel-0:2.2.3-11.el5.s390",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.3-11.el5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:httpd-devel-0:2.2.3-11.el5.s390x"
        },
        "product_reference": "httpd-devel-0:2.2.3-11.el5.s390x",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.3-11.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:httpd-devel-0:2.2.3-11.el5.x86_64"
        },
        "product_reference": "httpd-devel-0:2.2.3-11.el5.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-manual-0:2.2.3-11.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:httpd-manual-0:2.2.3-11.el5.i386"
        },
        "product_reference": "httpd-manual-0:2.2.3-11.el5.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-manual-0:2.2.3-11.el5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:httpd-manual-0:2.2.3-11.el5.ia64"
        },
        "product_reference": "httpd-manual-0:2.2.3-11.el5.ia64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-manual-0:2.2.3-11.el5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:httpd-manual-0:2.2.3-11.el5.ppc"
        },
        "product_reference": "httpd-manual-0:2.2.3-11.el5.ppc",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-manual-0:2.2.3-11.el5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:httpd-manual-0:2.2.3-11.el5.s390x"
        },
        "product_reference": "httpd-manual-0:2.2.3-11.el5.s390x",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-manual-0:2.2.3-11.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:httpd-manual-0:2.2.3-11.el5.x86_64"
        },
        "product_reference": "httpd-manual-0:2.2.3-11.el5.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.3-11.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:mod_ssl-1:2.2.3-11.el5.i386"
        },
        "product_reference": "mod_ssl-1:2.2.3-11.el5.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.3-11.el5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:mod_ssl-1:2.2.3-11.el5.ia64"
        },
        "product_reference": "mod_ssl-1:2.2.3-11.el5.ia64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.3-11.el5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:mod_ssl-1:2.2.3-11.el5.ppc"
        },
        "product_reference": "mod_ssl-1:2.2.3-11.el5.ppc",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.3-11.el5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:mod_ssl-1:2.2.3-11.el5.s390x"
        },
        "product_reference": "mod_ssl-1:2.2.3-11.el5.s390x",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.3-11.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:mod_ssl-1:2.2.3-11.el5.x86_64"
        },
        "product_reference": "mod_ssl-1:2.2.3-11.el5.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.3-11.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:httpd-0:2.2.3-11.el5.i386"
        },
        "product_reference": "httpd-0:2.2.3-11.el5.i386",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.3-11.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:httpd-0:2.2.3-11.el5.ia64"
        },
        "product_reference": "httpd-0:2.2.3-11.el5.ia64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.3-11.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:httpd-0:2.2.3-11.el5.ppc"
        },
        "product_reference": "httpd-0:2.2.3-11.el5.ppc",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.3-11.el5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:httpd-0:2.2.3-11.el5.s390x"
        },
        "product_reference": "httpd-0:2.2.3-11.el5.s390x",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.3-11.el5.src as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:httpd-0:2.2.3-11.el5.src"
        },
        "product_reference": "httpd-0:2.2.3-11.el5.src",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.3-11.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:httpd-0:2.2.3-11.el5.x86_64"
        },
        "product_reference": "httpd-0:2.2.3-11.el5.x86_64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.3-11.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:httpd-debuginfo-0:2.2.3-11.el5.i386"
        },
        "product_reference": "httpd-debuginfo-0:2.2.3-11.el5.i386",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.3-11.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:httpd-debuginfo-0:2.2.3-11.el5.ia64"
        },
        "product_reference": "httpd-debuginfo-0:2.2.3-11.el5.ia64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.3-11.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:httpd-debuginfo-0:2.2.3-11.el5.ppc"
        },
        "product_reference": "httpd-debuginfo-0:2.2.3-11.el5.ppc",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.3-11.el5.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:httpd-debuginfo-0:2.2.3-11.el5.ppc64"
        },
        "product_reference": "httpd-debuginfo-0:2.2.3-11.el5.ppc64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.3-11.el5.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:httpd-debuginfo-0:2.2.3-11.el5.s390"
        },
        "product_reference": "httpd-debuginfo-0:2.2.3-11.el5.s390",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.3-11.el5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:httpd-debuginfo-0:2.2.3-11.el5.s390x"
        },
        "product_reference": "httpd-debuginfo-0:2.2.3-11.el5.s390x",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.3-11.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:httpd-debuginfo-0:2.2.3-11.el5.x86_64"
        },
        "product_reference": "httpd-debuginfo-0:2.2.3-11.el5.x86_64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.3-11.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:httpd-devel-0:2.2.3-11.el5.i386"
        },
        "product_reference": "httpd-devel-0:2.2.3-11.el5.i386",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.3-11.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:httpd-devel-0:2.2.3-11.el5.ia64"
        },
        "product_reference": "httpd-devel-0:2.2.3-11.el5.ia64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.3-11.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:httpd-devel-0:2.2.3-11.el5.ppc"
        },
        "product_reference": "httpd-devel-0:2.2.3-11.el5.ppc",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.3-11.el5.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:httpd-devel-0:2.2.3-11.el5.ppc64"
        },
        "product_reference": "httpd-devel-0:2.2.3-11.el5.ppc64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.3-11.el5.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:httpd-devel-0:2.2.3-11.el5.s390"
        },
        "product_reference": "httpd-devel-0:2.2.3-11.el5.s390",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.3-11.el5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:httpd-devel-0:2.2.3-11.el5.s390x"
        },
        "product_reference": "httpd-devel-0:2.2.3-11.el5.s390x",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.3-11.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:httpd-devel-0:2.2.3-11.el5.x86_64"
        },
        "product_reference": "httpd-devel-0:2.2.3-11.el5.x86_64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-manual-0:2.2.3-11.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:httpd-manual-0:2.2.3-11.el5.i386"
        },
        "product_reference": "httpd-manual-0:2.2.3-11.el5.i386",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-manual-0:2.2.3-11.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:httpd-manual-0:2.2.3-11.el5.ia64"
        },
        "product_reference": "httpd-manual-0:2.2.3-11.el5.ia64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-manual-0:2.2.3-11.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:httpd-manual-0:2.2.3-11.el5.ppc"
        },
        "product_reference": "httpd-manual-0:2.2.3-11.el5.ppc",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-manual-0:2.2.3-11.el5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:httpd-manual-0:2.2.3-11.el5.s390x"
        },
        "product_reference": "httpd-manual-0:2.2.3-11.el5.s390x",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-manual-0:2.2.3-11.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:httpd-manual-0:2.2.3-11.el5.x86_64"
        },
        "product_reference": "httpd-manual-0:2.2.3-11.el5.x86_64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.3-11.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:mod_ssl-1:2.2.3-11.el5.i386"
        },
        "product_reference": "mod_ssl-1:2.2.3-11.el5.i386",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.3-11.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:mod_ssl-1:2.2.3-11.el5.ia64"
        },
        "product_reference": "mod_ssl-1:2.2.3-11.el5.ia64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.3-11.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:mod_ssl-1:2.2.3-11.el5.ppc"
        },
        "product_reference": "mod_ssl-1:2.2.3-11.el5.ppc",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.3-11.el5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:mod_ssl-1:2.2.3-11.el5.s390x"
        },
        "product_reference": "mod_ssl-1:2.2.3-11.el5.s390x",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.3-11.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:mod_ssl-1:2.2.3-11.el5.x86_64"
        },
        "product_reference": "mod_ssl-1:2.2.3-11.el5.x86_64",
        "relates_to_product_reference": "5Server"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2007-3847",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "discovery_date": "2007-08-01T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "250731"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "httpd: out of bounds read",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "5Client-Workstation:httpd-0:2.2.3-11.el5.i386",
          "5Client-Workstation:httpd-0:2.2.3-11.el5.ia64",
          "5Client-Workstation:httpd-0:2.2.3-11.el5.ppc",
          "5Client-Workstation:httpd-0:2.2.3-11.el5.s390x",
          "5Client-Workstation:httpd-0:2.2.3-11.el5.src",
          "5Client-Workstation:httpd-0:2.2.3-11.el5.x86_64",
          "5Client-Workstation:httpd-debuginfo-0:2.2.3-11.el5.i386",
          "5Client-Workstation:httpd-debuginfo-0:2.2.3-11.el5.ia64",
          "5Client-Workstation:httpd-debuginfo-0:2.2.3-11.el5.ppc",
          "5Client-Workstation:httpd-debuginfo-0:2.2.3-11.el5.ppc64",
          "5Client-Workstation:httpd-debuginfo-0:2.2.3-11.el5.s390",
          "5Client-Workstation:httpd-debuginfo-0:2.2.3-11.el5.s390x",
          "5Client-Workstation:httpd-debuginfo-0:2.2.3-11.el5.x86_64",
          "5Client-Workstation:httpd-devel-0:2.2.3-11.el5.i386",
          "5Client-Workstation:httpd-devel-0:2.2.3-11.el5.ia64",
          "5Client-Workstation:httpd-devel-0:2.2.3-11.el5.ppc",
          "5Client-Workstation:httpd-devel-0:2.2.3-11.el5.ppc64",
          "5Client-Workstation:httpd-devel-0:2.2.3-11.el5.s390",
          "5Client-Workstation:httpd-devel-0:2.2.3-11.el5.s390x",
          "5Client-Workstation:httpd-devel-0:2.2.3-11.el5.x86_64",
          "5Client-Workstation:httpd-manual-0:2.2.3-11.el5.i386",
          "5Client-Workstation:httpd-manual-0:2.2.3-11.el5.ia64",
          "5Client-Workstation:httpd-manual-0:2.2.3-11.el5.ppc",
          "5Client-Workstation:httpd-manual-0:2.2.3-11.el5.s390x",
          "5Client-Workstation:httpd-manual-0:2.2.3-11.el5.x86_64",
          "5Client-Workstation:mod_ssl-1:2.2.3-11.el5.i386",
          "5Client-Workstation:mod_ssl-1:2.2.3-11.el5.ia64",
          "5Client-Workstation:mod_ssl-1:2.2.3-11.el5.ppc",
          "5Client-Workstation:mod_ssl-1:2.2.3-11.el5.s390x",
          "5Client-Workstation:mod_ssl-1:2.2.3-11.el5.x86_64",
          "5Client:httpd-0:2.2.3-11.el5.i386",
          "5Client:httpd-0:2.2.3-11.el5.ia64",
          "5Client:httpd-0:2.2.3-11.el5.ppc",
          "5Client:httpd-0:2.2.3-11.el5.s390x",
          "5Client:httpd-0:2.2.3-11.el5.src",
          "5Client:httpd-0:2.2.3-11.el5.x86_64",
          "5Client:httpd-debuginfo-0:2.2.3-11.el5.i386",
          "5Client:httpd-debuginfo-0:2.2.3-11.el5.ia64",
          "5Client:httpd-debuginfo-0:2.2.3-11.el5.ppc",
          "5Client:httpd-debuginfo-0:2.2.3-11.el5.ppc64",
          "5Client:httpd-debuginfo-0:2.2.3-11.el5.s390",
          "5Client:httpd-debuginfo-0:2.2.3-11.el5.s390x",
          "5Client:httpd-debuginfo-0:2.2.3-11.el5.x86_64",
          "5Client:httpd-devel-0:2.2.3-11.el5.i386",
          "5Client:httpd-devel-0:2.2.3-11.el5.ia64",
          "5Client:httpd-devel-0:2.2.3-11.el5.ppc",
          "5Client:httpd-devel-0:2.2.3-11.el5.ppc64",
          "5Client:httpd-devel-0:2.2.3-11.el5.s390",
          "5Client:httpd-devel-0:2.2.3-11.el5.s390x",
          "5Client:httpd-devel-0:2.2.3-11.el5.x86_64",
          "5Client:httpd-manual-0:2.2.3-11.el5.i386",
          "5Client:httpd-manual-0:2.2.3-11.el5.ia64",
          "5Client:httpd-manual-0:2.2.3-11.el5.ppc",
          "5Client:httpd-manual-0:2.2.3-11.el5.s390x",
          "5Client:httpd-manual-0:2.2.3-11.el5.x86_64",
          "5Client:mod_ssl-1:2.2.3-11.el5.i386",
          "5Client:mod_ssl-1:2.2.3-11.el5.ia64",
          "5Client:mod_ssl-1:2.2.3-11.el5.ppc",
          "5Client:mod_ssl-1:2.2.3-11.el5.s390x",
          "5Client:mod_ssl-1:2.2.3-11.el5.x86_64",
          "5Server:httpd-0:2.2.3-11.el5.i386",
          "5Server:httpd-0:2.2.3-11.el5.ia64",
          "5Server:httpd-0:2.2.3-11.el5.ppc",
          "5Server:httpd-0:2.2.3-11.el5.s390x",
          "5Server:httpd-0:2.2.3-11.el5.src",
          "5Server:httpd-0:2.2.3-11.el5.x86_64",
          "5Server:httpd-debuginfo-0:2.2.3-11.el5.i386",
          "5Server:httpd-debuginfo-0:2.2.3-11.el5.ia64",
          "5Server:httpd-debuginfo-0:2.2.3-11.el5.ppc",
          "5Server:httpd-debuginfo-0:2.2.3-11.el5.ppc64",
          "5Server:httpd-debuginfo-0:2.2.3-11.el5.s390",
          "5Server:httpd-debuginfo-0:2.2.3-11.el5.s390x",
          "5Server:httpd-debuginfo-0:2.2.3-11.el5.x86_64",
          "5Server:httpd-devel-0:2.2.3-11.el5.i386",
          "5Server:httpd-devel-0:2.2.3-11.el5.ia64",
          "5Server:httpd-devel-0:2.2.3-11.el5.ppc",
          "5Server:httpd-devel-0:2.2.3-11.el5.ppc64",
          "5Server:httpd-devel-0:2.2.3-11.el5.s390",
          "5Server:httpd-devel-0:2.2.3-11.el5.s390x",
          "5Server:httpd-devel-0:2.2.3-11.el5.x86_64",
          "5Server:httpd-manual-0:2.2.3-11.el5.i386",
          "5Server:httpd-manual-0:2.2.3-11.el5.ia64",
          "5Server:httpd-manual-0:2.2.3-11.el5.ppc",
          "5Server:httpd-manual-0:2.2.3-11.el5.s390x",
          "5Server:httpd-manual-0:2.2.3-11.el5.x86_64",
          "5Server:mod_ssl-1:2.2.3-11.el5.i386",
          "5Server:mod_ssl-1:2.2.3-11.el5.ia64",
          "5Server:mod_ssl-1:2.2.3-11.el5.ppc",
          "5Server:mod_ssl-1:2.2.3-11.el5.s390x",
          "5Server:mod_ssl-1:2.2.3-11.el5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2007-3847"
        },
        {
          "category": "external",
          "summary": "RHBZ#250731",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=250731"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2007-3847",
          "url": "https://www.cve.org/CVERecord?id=CVE-2007-3847"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-3847",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-3847"
        }
      ],
      "release_date": "2007-08-01T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.  \n\nThis update is available via Red Hat Network.  Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
          "product_ids": [
            "5Client-Workstation:httpd-0:2.2.3-11.el5.i386",
            "5Client-Workstation:httpd-0:2.2.3-11.el5.ia64",
            "5Client-Workstation:httpd-0:2.2.3-11.el5.ppc",
            "5Client-Workstation:httpd-0:2.2.3-11.el5.s390x",
            "5Client-Workstation:httpd-0:2.2.3-11.el5.src",
            "5Client-Workstation:httpd-0:2.2.3-11.el5.x86_64",
            "5Client-Workstation:httpd-debuginfo-0:2.2.3-11.el5.i386",
            "5Client-Workstation:httpd-debuginfo-0:2.2.3-11.el5.ia64",
            "5Client-Workstation:httpd-debuginfo-0:2.2.3-11.el5.ppc",
            "5Client-Workstation:httpd-debuginfo-0:2.2.3-11.el5.ppc64",
            "5Client-Workstation:httpd-debuginfo-0:2.2.3-11.el5.s390",
            "5Client-Workstation:httpd-debuginfo-0:2.2.3-11.el5.s390x",
            "5Client-Workstation:httpd-debuginfo-0:2.2.3-11.el5.x86_64",
            "5Client-Workstation:httpd-devel-0:2.2.3-11.el5.i386",
            "5Client-Workstation:httpd-devel-0:2.2.3-11.el5.ia64",
            "5Client-Workstation:httpd-devel-0:2.2.3-11.el5.ppc",
            "5Client-Workstation:httpd-devel-0:2.2.3-11.el5.ppc64",
            "5Client-Workstation:httpd-devel-0:2.2.3-11.el5.s390",
            "5Client-Workstation:httpd-devel-0:2.2.3-11.el5.s390x",
            "5Client-Workstation:httpd-devel-0:2.2.3-11.el5.x86_64",
            "5Client-Workstation:httpd-manual-0:2.2.3-11.el5.i386",
            "5Client-Workstation:httpd-manual-0:2.2.3-11.el5.ia64",
            "5Client-Workstation:httpd-manual-0:2.2.3-11.el5.ppc",
            "5Client-Workstation:httpd-manual-0:2.2.3-11.el5.s390x",
            "5Client-Workstation:httpd-manual-0:2.2.3-11.el5.x86_64",
            "5Client-Workstation:mod_ssl-1:2.2.3-11.el5.i386",
            "5Client-Workstation:mod_ssl-1:2.2.3-11.el5.ia64",
            "5Client-Workstation:mod_ssl-1:2.2.3-11.el5.ppc",
            "5Client-Workstation:mod_ssl-1:2.2.3-11.el5.s390x",
            "5Client-Workstation:mod_ssl-1:2.2.3-11.el5.x86_64",
            "5Client:httpd-0:2.2.3-11.el5.i386",
            "5Client:httpd-0:2.2.3-11.el5.ia64",
            "5Client:httpd-0:2.2.3-11.el5.ppc",
            "5Client:httpd-0:2.2.3-11.el5.s390x",
            "5Client:httpd-0:2.2.3-11.el5.src",
            "5Client:httpd-0:2.2.3-11.el5.x86_64",
            "5Client:httpd-debuginfo-0:2.2.3-11.el5.i386",
            "5Client:httpd-debuginfo-0:2.2.3-11.el5.ia64",
            "5Client:httpd-debuginfo-0:2.2.3-11.el5.ppc",
            "5Client:httpd-debuginfo-0:2.2.3-11.el5.ppc64",
            "5Client:httpd-debuginfo-0:2.2.3-11.el5.s390",
            "5Client:httpd-debuginfo-0:2.2.3-11.el5.s390x",
            "5Client:httpd-debuginfo-0:2.2.3-11.el5.x86_64",
            "5Client:httpd-devel-0:2.2.3-11.el5.i386",
            "5Client:httpd-devel-0:2.2.3-11.el5.ia64",
            "5Client:httpd-devel-0:2.2.3-11.el5.ppc",
            "5Client:httpd-devel-0:2.2.3-11.el5.ppc64",
            "5Client:httpd-devel-0:2.2.3-11.el5.s390",
            "5Client:httpd-devel-0:2.2.3-11.el5.s390x",
            "5Client:httpd-devel-0:2.2.3-11.el5.x86_64",
            "5Client:httpd-manual-0:2.2.3-11.el5.i386",
            "5Client:httpd-manual-0:2.2.3-11.el5.ia64",
            "5Client:httpd-manual-0:2.2.3-11.el5.ppc",
            "5Client:httpd-manual-0:2.2.3-11.el5.s390x",
            "5Client:httpd-manual-0:2.2.3-11.el5.x86_64",
            "5Client:mod_ssl-1:2.2.3-11.el5.i386",
            "5Client:mod_ssl-1:2.2.3-11.el5.ia64",
            "5Client:mod_ssl-1:2.2.3-11.el5.ppc",
            "5Client:mod_ssl-1:2.2.3-11.el5.s390x",
            "5Client:mod_ssl-1:2.2.3-11.el5.x86_64",
            "5Server:httpd-0:2.2.3-11.el5.i386",
            "5Server:httpd-0:2.2.3-11.el5.ia64",
            "5Server:httpd-0:2.2.3-11.el5.ppc",
            "5Server:httpd-0:2.2.3-11.el5.s390x",
            "5Server:httpd-0:2.2.3-11.el5.src",
            "5Server:httpd-0:2.2.3-11.el5.x86_64",
            "5Server:httpd-debuginfo-0:2.2.3-11.el5.i386",
            "5Server:httpd-debuginfo-0:2.2.3-11.el5.ia64",
            "5Server:httpd-debuginfo-0:2.2.3-11.el5.ppc",
            "5Server:httpd-debuginfo-0:2.2.3-11.el5.ppc64",
            "5Server:httpd-debuginfo-0:2.2.3-11.el5.s390",
            "5Server:httpd-debuginfo-0:2.2.3-11.el5.s390x",
            "5Server:httpd-debuginfo-0:2.2.3-11.el5.x86_64",
            "5Server:httpd-devel-0:2.2.3-11.el5.i386",
            "5Server:httpd-devel-0:2.2.3-11.el5.ia64",
            "5Server:httpd-devel-0:2.2.3-11.el5.ppc",
            "5Server:httpd-devel-0:2.2.3-11.el5.ppc64",
            "5Server:httpd-devel-0:2.2.3-11.el5.s390",
            "5Server:httpd-devel-0:2.2.3-11.el5.s390x",
            "5Server:httpd-devel-0:2.2.3-11.el5.x86_64",
            "5Server:httpd-manual-0:2.2.3-11.el5.i386",
            "5Server:httpd-manual-0:2.2.3-11.el5.ia64",
            "5Server:httpd-manual-0:2.2.3-11.el5.ppc",
            "5Server:httpd-manual-0:2.2.3-11.el5.s390x",
            "5Server:httpd-manual-0:2.2.3-11.el5.x86_64",
            "5Server:mod_ssl-1:2.2.3-11.el5.i386",
            "5Server:mod_ssl-1:2.2.3-11.el5.ia64",
            "5Server:mod_ssl-1:2.2.3-11.el5.ppc",
            "5Server:mod_ssl-1:2.2.3-11.el5.s390x",
            "5Server:mod_ssl-1:2.2.3-11.el5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2007:0746"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "httpd: out of bounds read"
    }
  ]
}

cve-2007-3847

Vulnerability from cvelistv5

Published

2007-08-23 22:00

Modified

2024-08-07 14:28

Severity

Summary

The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read.

References

URL	Tags
http://secunia.com/advisories/28606	third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2008-0005.html	vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2007/3955	vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/28922	third-party-advisory, x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10525	vdb-entry, signature, x_refsource_OVAL
http://secunia.com/advisories/28749	third-party-advisory, x_refsource_SECUNIA
http://www-1.ibm.com/support/docview.wss?uid=swg1PK52702	vendor-advisory, x_refsource_AIXAPAR
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01182588	vendor-advisory, x_refsource_HP
http://secunia.com/advisories/26952	third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/26993	third-party-advisory, x_refsource_SECUNIA
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.595748	vendor-advisory, x_refsource_SLACKWARE
http://secunia.com/advisories/26636	third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27563	third-party-advisory, x_refsource_SECUNIA
http://www.securitytracker.com/id?1018633	vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/27732	third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27209	third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2007-0911.html	vendor-advisory, x_refsource_REDHAT
http://marc.info/?l=apache-httpd-dev&m=118595953217856&w=2	mailing-list, x_refsource_MLIST
http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html	x_refsource_CONFIRM
http://secunia.com/advisories/26790	third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=apache-httpd-dev&m=118595556504202&w=2	mailing-list, x_refsource_MLIST
http://www.vupen.com/english/advisories/2008/0924/references	vdb-entry, x_refsource_VUPEN
http://httpd.apache.org/security/vulnerabilities_20.html	x_refsource_CONFIRM
http://www.us-cert.gov/cas/techalerts/TA08-150A.html	third-party-advisory, x_refsource_CERT
http://www.novell.com/linux/security/advisories/2007_61_apache2.html	vendor-advisory, x_refsource_SUSE
http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html	vendor-advisory, x_refsource_FEDORA
http://www.redhat.com/support/errata/RHSA-2007-0747.html	vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2007/3494	vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/29420	third-party-advisory, x_refsource_SECUNIA
http://httpd.apache.org/security/vulnerabilities_22.html	x_refsource_CONFIRM
https://issues.rpath.com/browse/RPL-1710	x_refsource_CONFIRM
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html	vendor-advisory, x_refsource_APPLE
http://secunia.com/advisories/30430	third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2007:235	vendor-advisory, x_refsource_MANDRIVA
http://lists.apple.com/archives/security-announce/2008//May/msg00001.html	vendor-advisory, x_refsource_APPLE
http://support.avaya.com/elmodocs2/security/ASA-2007-500.htm	x_refsource_CONFIRM
http://www.securityfocus.com/archive/1/505990/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
http://secunia.com/advisories/28467	third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2008/0233	vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/26722	third-party-advisory, x_refsource_SECUNIA
http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html	x_refsource_CONFIRM
http://secunia.com/advisories/27971	third-party-advisory, x_refsource_SECUNIA
http://lists.vmware.com/pipermail/security-announce/2009/000062.html	mailing-list, x_refsource_MLIST
http://secunia.com/advisories/27882	third-party-advisory, x_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-200711-06.xml	vendor-advisory, x_refsource_GENTOO
http://www.vupen.com/english/advisories/2007/3095	vdb-entry, x_refsource_VUPEN
http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27007951	x_refsource_CONFIRM
http://docs.info.apple.com/article.html?artnum=307562	x_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2007-0746.html	vendor-advisory, x_refsource_REDHAT
http://www-1.ibm.com/support/docview.wss?uid=swg1PK50469	vendor-advisory, x_refsource_AIXAPAR
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00353.html	vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/27593	third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2008/1697	vdb-entry, x_refsource_VUPEN
http://www.ubuntu.com/usn/usn-575-1	vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/26842	third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/3283	vdb-entry, x_refsource_VUPEN
http://www.vupen.com/english/advisories/2007/3020	vdb-entry, x_refsource_VUPEN
http://www.securityfocus.com/bid/25489	vdb-entry, x_refsource_BID
http://marc.info/?l=apache-cvs&m=118592992309395&w=2	mailing-list, x_refsource_MLIST
http://bugs.gentoo.org/show_bug.cgi?id=186219	x_refsource_CONFIRM
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01182588	vendor-advisory, x_refsource_HP
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST

Impacted products

Vendor	Product
n/a	n/a

Show details on NVD website