This script is Copyright (C) 2012 Tenable Network Security, Inc.
The remote web server is affected by a buffer overflow
According to its self-reported banner, the version of Apache 2.2
installed on the remote host is older than 2.2.13. As such, it
includes a bundled version of the Apache Portable Runtime (APR)
library that contains a flaw in 'apr_palloc()' that could cause a heap
Note that the Apache HTTP server itself does not pass unsanitized,
user-provided sizes to this function so it could only be triggered
through some other application that uses it in a vulnerable way.
See also :
Upgrade to Apache 2.2.13 or later.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 7.4
Public Exploit Available : false