This script is Copyright (C) 2002-2012 Tenable Network Security, Inc.
The remote web server is affected by multiple vulnerabilities.
The remote host is running a version of Apache web server older than
1.3.27. Such versions are reportedly affected by multiple
- There is a cross-site scripting vulnerability caused by
a failure to filter HTTP/1.1 'Host' headers that are
sent by browsers.
- A vulnerability in the handling of the Apache scorecard
could allow an attacker to cause a denial of service.
- A buffer overflow vulnerability exists in the
'support/ab.c' read_connection() function. The ab.c file
is a benchmarking support utility that is provided with
the Apache web server.
See also :
Upgrade to Apache web server version 1.3.27 or newer.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 5.9
Public Exploit Available : true