This script is Copyright (C) 2008-2014 Tenable Network Security, Inc.
The remote version of Apache is affected by multiple vulnerabilities.
The remote host appears to be running a version of Apache that is
older than 2.0.55. It is, therefore affected by multiple
- A security issue exists where 'SSLVerifyClient' is not
enforced in per-location context if 'SSLVerifyClient
optional' is configured in the vhost configuration.
- A denial of service vulnerability exists when processing
a large byte range request, as well as a flaw in the
'worker.c' module which could allow an attacker to force
this service to consume excessive amounts of memory.
- When Apache is acting as a proxy, it is possible for a
remote attacker to poison the web cache, bypass web
application firewall protection, and conduct cross-site
scripting attacks via an HTTP request with both a
'Transfer-Encoding: chunked' header and a
'Content-Length' header. (CVE-2005-2088)
- Multiple integer overflows exists in PCRE in quantifier
parsing which could be triggered by a local user through
use of a specially crafted regex in an .htaccess file.
- An issue exists where the byte range filter buffers
responses into memory. (CVE-2005-2728)
- An off-by-one overflow exists in mod_ssl while printing
CRL information at 'LogLevel debug' which could be
triggered if configured to use a 'malicious CRL'.
See also :
Upgrade to version 2.0.55 or newer.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.2
Public Exploit Available : true
Family: Web Servers
Nessus Plugin ID: 31656 (apache_2_0_55.nasl)
Bugtraq ID: 141061436614620146601472115762
CVE ID: CVE-2005-1268CVE-2005-2088CVE-2005-2491CVE-2005-2700CVE-2005-2728CVE-2005-2970
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.