Apache < 2.0.44 DOS Device Name Multiple Remote Vulnerabilities (Code Exec, DoS)

This script is Copyright (C) 2003-2012 Tenable Network Security, Inc.


Synopsis :

The remote web server is affected by multiple remote vulnerabilities.

Description :

The remote host appears to be running a version of
Apache for Windows that is older than 2.0.44.

There are several flaws in this version that allow
an attacker to crash this host or even execute arbitrary
code remotely, but it only affects WindowsME and Windows9x.

*** Note that Nessus solely relied on the version number
*** of the remote server to issue this warning. This might
*** be a false positive.

See also :

http://www-01.ibm.com/support/docview.wss?uid=swg1IC48645

Solution :

Upgrade to Apache 2.0.44 or newer.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.5
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Web Servers

Nessus Plugin ID: 11209 (apache_win32_devname.nasl)

Bugtraq ID: 6659

CVE ID: CVE-2003-0016