Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Mandrake Local Security Checks --> Category: infos

MDKSA-2002:048: mod_ssl Vulnerability Scan

Vulnerability Scan Summary
Check for the version of the mod_ssl package

Detailed Explanation for this Vulnerability Test

The remote host is missing the patch for the advisory MDKSA-2002:048 (mod_ssl).

Frank Denis discovered an off-by-one error in mod_ssl dealing with the handling
of older configuration directorives (the rewrite_command hook). A malicious user
could use a specially-crafted .htaccess file to execute arbitrary commands as
the apache user or execute a DoS against the apache child processes.
This vulnerability is fixed in mod_ssl 2.8.10
patches have been applied to
correct this problem in these packages.

Solution :
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.