A NULL pointer dereference flaw was found in the httpd's mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request.
Unitrends risk assessment: Medium, or None if current security update is applied
For CentOS6, Unitrends security update dated 11/06/2017 or later has httpd-2.2.15-60.el6.centos.6 and this issue was fixed in httpd-2.2.15-60.el6.centos.5 / httpd-2.2.15-60.el6_9.5
For CentOS5, the system should be migrated to CentOS6.