This script is Copyright (C) 2004-2015 Tenable Network Security, Inc.
The remote web server is affected by multiple vulnerabilities.
According to its Server response header, the remote host is running a
version of Apache 2.0.x prior to 2.0.51. It is, therefore, affected by
multiple vulnerabilities :
- An input validation issue in apr-util can be triggered
by malformed IPv6 literal addresses and result in a
buffer overflow (CVE-2004-0786).
- There is a buffer overflow that can be triggered when
expanding environment variables during configuration
file parsing (CVE-2004-0747).
- A segfault in mod_dav_ds when handling an indirect lock
refresh can lead to a process crash (CVE-2004-0809).
- A segfault in the SSL input filter can be triggered
if using 'speculative' mode by, for instance, a proxy
request to an SSL server (CVE-2004-0751).
- There is the potential for an infinite loop in mod_ssl
See also :
Upgrade to Apache 2.0.51 or later.
Risk factor :
Medium / CVSS Base Score : 5.1
CVSS Temporal Score : 4.4
Public Exploit Available : true
Family: Web Servers
Nessus Plugin ID: 14748 (apache_2_0_51.nasl)
Bugtraq ID: 1118511187
CVE ID: CVE-2004-0747CVE-2004-0748CVE-2004-0751CVE-2004-0786CVE-2004-0809
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.