This script is Copyright (C) 2002-2014 Thomas Reinke
The remote web server is using a module that is affected by a remote
code execution vulnerability.
The remote host is using a version of mod_ssl that is older than
This version is vulnerable to an off-by-one buffer overflow that could
allow a user with write access to .htaccess files to execute arbitrary
code on the system with permissions of the web server.
*** Note that several Linux distributions (such as RedHat) *** patched
the old version of this module. Therefore, this *** might be a false
positive. Please check with your vendor *** to determine if you really
are vulnerable to this flaw
See also :
Upgrade to mod_ssl version 2.8.10 or newer.
Risk factor :
Medium / CVSS Base Score : 4.6
CVSS Temporal Score : 3.4
Public Exploit Available : false