Apache < 2.0.46 Multiple DoS

This script is Copyright (C) 2003-2014 Tenable Network Security, Inc.


Synopsis :

The remote web server is vulnerable to several denial of service
attacks.

Description :

The remote host appears to be running a version of Apache 2.0 that is
older than 2.0.46. Such versions have various flaws :

- There is a denial of service vulnerability that may
allow an attacker to disable basic authentication on
this host.

- There is a denial of service vulnerability in the
mod_dav module that may allow an attacker to crash this
service remotely.

See also :

http://www.apache.org/dist/httpd/CHANGES_2.0

Solution :

Upgrade to version 2.0.46 or later.

Risk factor :

Low / CVSS Base Score : 1.9
(CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 1.6
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Web Servers

Nessus Plugin ID: 11665 (apache_2_0_46.nasl)

Bugtraq ID: 7723
7725

CVE ID: CVE-2003-0245
CVE-2003-0189