Race condition in the mod_auth_shadow module for the Apache HTTP Server allows remote attackers to bypass authentication, and read and possibly modify data, via vectors related to improper interaction with an external helper application for validation of credentials.
secunia.com/advisories/39823
www.mandriva.com/security/advisories?name=MDVSA-2010:081
www.securityfocus.com/bid/39538
www.vupen.com/english/advisories/2010/0908
www.vupen.com/english/advisories/2010/1148
bugzilla.redhat.com/show_bug.cgi?id=578168
lists.fedoraproject.org/pipermail/package-announce/2010-May/041326.html
lists.fedoraproject.org/pipermail/package-announce/2010-May/041340.html