This script is Copyright (C) 2004-2014 Tenable Network Security, Inc.
Arbitrary code can be executed on the remote host.
The remote host is using a version of mod_ssl that is older than
This version is vulnerable to a flaw that could allow an attacker to
disable the remote website remotely, or to execute arbitrary code on
the remote host.
Note that several Linux distributions patched the old version of this
module. Therefore, this alert might be a false-positive. Please
check with your vendor to determine if you really are vulnerable to
Upgrade to version 2.8.18 (Apache 1.3) or to Apache 2.0.50.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 5.5
Public Exploit Available : false
Family: Web Servers
Nessus Plugin ID: 12255 ()
Bugtraq ID: 10355
CVE ID: CVE-2004-0488
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.