This script is Copyright (C) 2004-2014 George A. Theall
The remote web server is affected by an access control bypass
The remote host is running a version of Apache web server earlier than
1.3.31. Such versions are reportedly affected by an access control
bypass vulnerability. In effect, on big-endian 64-bit platforms,
Apache fails to match allow or deny rules containing an IP address but
not a netmask.
***** Nessus has determined the vulnerability exists only by looking
at ***** the Server header returned by the web server running on the
target. ***** If the target is not a big-endian 64-bit platform,
consider this a ***** false positive.
See also :
Upgrade to Apache web server version 1.3.31 or newer.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.5
Public Exploit Available : true
Family: Web Servers
Nessus Plugin ID: 14177 (apache_access_wo_netmask.nasl)
Bugtraq ID: 9829
CVE ID: CVE-2003-0993
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.