Red Hat Bugzilla – Bug 220853
CVE-2006-6104 XSP/mod_mono source code disclosure
Last modified: 2007-11-30 17:11:52 EST
Description of problem:
A vulnerability, which allows an attacker to retrieve unprocessed web content
(e.g. source code), has been found in XSP.
People already using the latest supported version of Mono, 1.2.2 and 126.96.36.199.2,
are protected against this vulnerability. Other people are encouraged to update
to the latest supported version of Mono. Major distributions have already been
advised and updates should (now or shortly) be available for their supported
More information can be found here: http://www.mono-project.com/Vulnerabilities.
Will the version of mono in FC6 be updated in the near future to remove this
mono-188.8.131.52-4.fc6 has been pushed for fc6, which should resolve this issue. If these problems are still present in this version, then please make note of it in this bug report.
(In reply to comment #0)
> Will the version of mono in FC6 be updated in the near future to remove this
The packages were updated.