Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Web Servers --> Category: infos

Apache mod_include Privilege Escalation Vulnerability Scan

Vulnerability Scan Summary
Checks for version of Apache

Detailed Explanation for this Vulnerability Test

The remote web server appears to be running a version of Apache that is older
than version 1.3.33.

This version is vulnerable to a local buffer overflow in the get_tag()
function of the module 'mod_include' when a specially crafted document
with malformed server-side includes is requested though an HTTP session.

Successful exploitation can lead to execution of arbitrary code with
escalated rights, but requires that server-side includes (SSI) is enabled.

Solution: Disable SSI or upgrade to a newer version when available.
Risk factor: Medium

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.