This script is Copyright (C) 2004-2014 Tenable Network Security, Inc.
The remote Red Hat host is missing one or more security updates.
Updated httpd packages are now available that fix a denial of service
vulnerability in mod_ssl and include various other bug fixes.
The Apache HTTP server is a powerful, full-featured, efficient, and
freely-available Web server.
A memory leak in mod_ssl in the Apache HTTP Server prior to version
2.0.49 allows a remote denial of service attack against an SSL-enabled
server. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CVE-2004-0113 to this issue.
This update also includes various bug fixes, including :
- improvements to the mod_expires, mod_dav, mod_ssl and
- a fix for a bug causing core dumps during configuration
parsing on the IA64 platform
- an updated version of mod_include fixing several edge
cases in the SSI parser
Additionally, the mod_logio module is now included.
Users of the Apache HTTP server should upgrade to these updated
packages, which contain backported patches that address these issues.
See also :
Update the affected httpd, httpd-devel and / or mod_ssl packages.
Risk factor :
Medium / CVSS Base Score : 5.0
Family: Red Hat Local Security Checks
Nessus Plugin ID: 12473 ()
CVE ID: CVE-2004-0113
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.