|
|
Family: Web Servers --> Category: infos
Apache < 2.0.51 Vulnerability Scan
Vulnerability Scan Summary
Checks for version of Apache
Detailed Explanation for this Vulnerability Test
The remote host is running a version of Apache2 which is older than 2.0.51.
It is reported that versions prior 2.0.51 are prone to a remote denial of
service issue. A possible hacker may issue a specific sequence of DAV LOCK commands
to crash the process. If Apache is configured to use threads, it may
completely crash the Apache process.
In addition to this, versions prior 2.0.51 are prone to a remote buffer
overflow when parsing an URI sent over IPv6. A possible hacker may use this flaw
to execute arbitrary code on the remote host or to deny service to legitimate
users.
See also : http://issues.apache.org/bugzilla/show_bug.cgi?id=31183
Solution : Upgrade to Apache 2.0.51
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
