| VID |
22503 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
WWW |
| Detailed Description |
According to its banner, the version of Apache 2.0 installed on the remote host is older than 2.0.64. Such versions may be affected by several issues, including :
- An unspecified error exists in the handling of requests without a path segment. (CVE-2010-1452)
- Several modules, including 'mod_deflate', are vulnerable to a denial of service attack as the server can be forced to utilize CPU time compressing a large file after client disconnect. (CVE-2009-1891)
- An unspecified error exists in 'mod_proxy' related to filtration of authentication credentials. (CVE-2009-3095)
- A NULL pointer dereference issue exists in 'mod_proxy_ftp' in some error handling paths.(CVE-2009-3094)
- An error exists in 'mod_ssl' making the server vulnerable to the TLC renegotiation prefix injection attack. (CVE-2009-3555)
- An error exists in the handling of subrequests such that the parent request headers may be corrupted. (CVE-2010-0434)
- An error exists in 'mod_proxy_http' when handling excessive interim responses making it vulnerable to a denial of service attack. (CVE-2008-2364)
- An error exists in 'mod_isapi' which allows the module unloaded too early which leaves orphaned callback pointers. (CVE-2010-0425)
- An error exists in 'mod_proxy_ftp' when wildcards are in an FTP URL which allows for cross-site scripting attacks. (CVE-2008-2939)
* Note: This check solely relied on the version number of the remote Web server to assess this vulnerability, so this might be a false positive.
* References:
http://www.apache.org/dist/httpd/CHANGES_2.0.64
http://httpd.apache.org/security/vulnerabilities_20.html
* Platforms Affected:
Apache HTTP versions 2.0.x prior to 2.0.64
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of Apache HTTP Server (2.0.64 or later), available from the Apache Software Foundation download site, http://httpd.apache.org/download.cgi
-- OR --
As a workaround, ensure that the affected modules are not in use. |
| Related URL |
CVE-2008-2939,CVE-2009-1891,CVE-2009-3094,CVE-2009-3095,CVE-2009-3555,CVE-2010-0425,CVE-2010-0434,CVE-2010-1452,CVE-2008-2364 (CVE) |
| Related URL |
29653,30560,38494 (SecurityFocus) |
| Related URL |
(ISS) |
|
