
CVE-2007-6420

'Cross-site request forgery (CSRF) vulnerability in the balancer-manager in mod_proxy_balancer for Apache HTTP Server 2.2.x allows remote attackers to gain privileges via unspecified vectors.'

ClearCenter response

Short response

This module is not enabled by default for any of the services typically run on ClearOS. Even if it were running, it would pose only a minimal security risk.

Long response

It is unlikely that ClearOS users will use this module. The risk exists only if the module is running and a user is authenticated through the web services. Even if the vulnerability is exploited, the impact is limited to a Denial of Service.
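To confirm the precondition described above on a given host, the following added example (not ClearCenter's own tooling) scans an Apache configuration tree for an active `LoadModule proxy_balancer_module` line and an active `SetHandler balancer-manager` mapping. The function names and the sample configuration are constructed for illustration.

```shell
#!/bin/sh
# Added example (not ClearCenter's tooling): does an Apache config tree load
# mod_proxy_balancer and map the balancer-manager handler?

# check_balancer DIR -> prints "module=<yes|no> handler=<yes|no>"
check_balancer() {
    dir=$1; module=no; handler=no
    # Active directives only: a leading '#' makes the line a comment.
    # Apache directive names are case-insensitive, hence -i.
    if grep -rEiqs '^[[:space:]]*LoadModule[[:space:]]+proxy_balancer_module([[:space:]]|$)' "$dir"; then
        module=yes
    fi
    if grep -rEiqs '^[[:space:]]*SetHandler[[:space:]]+"?balancer-manager"?([[:space:]]|$)' "$dir"; then
        handler=yes
    fi
    echo "module=$module handler=$handler"
}

# balancer_manager_exposed DIR -> exit 0 only when both conditions hold
balancer_manager_exposed() {
    [ "$(check_balancer "$1")" = "module=yes handler=yes" ]
}

# Constructed sample tree: the module line is commented out, the handler is mapped.
demo() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/conf" "$d/conf.d"
    cat > "$d/conf/httpd.conf" <<'EOF'
LoadModule proxy_module modules/mod_proxy.so
#LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
EOF
    cat > "$d/conf.d/proxy.conf" <<'EOF'
<Location /balancer-manager>
    SetHandler balancer-manager
</Location>
EOF
    check_balancer "$d"   # module is commented out, so only the handler matches
    rm -rf "$d"
}

demo
```

On a real system, pass the server's configuration root to `check_balancer` (for example `/etc/httpd`, an assumed path); `httpd -M` additionally lists the modules the running build actually loads.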

Resolution

No action required (ClearOS 5.x). Bug does not exist in ClearOS 6.x.

content/en_us/announcements_cve_cve-2007-6420.txt · Last modified: 2014/12/22 17:23 by dloper