This script is Copyright (C) 2004-2015 George A. Theall
The remote web server is affected by an access control bypass
The remote host is running a version of Apache web server prior to
1.3.31. It is, therefore, affected by an access control bypass
vulnerability due to a failure, on big-endian 64-bit platforms, to
properly match 'allow' or 'deny' rules that contain an IP address but
lack a corresponding netmask.
Nessus has determined the vulnerability exists only by looking at the
Server header returned by the web server running on the target. If the
target is not a big-endian 64-bit platform, consider this a false
See also :
Upgrade to Apache web server version 1.3.31 or later.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.5
Public Exploit Available : true
Family: Web Servers
Nessus Plugin ID: 14177 (apache_access_wo_netmask.nasl)
Bugtraq ID: 9829
CVE ID: CVE-2003-0993
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.