icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

mod_ssl < 2.8.10 Wildcard DNS Server Name XSS

Medium

Synopsis

The remote host is using a version of mod_ssl which is older than 2.8.10.

Description

The remote host is using a version of mod_ssl which is older than 2.8.10. This version is vulnerable to a flaw which may allow an attacker to successfully perform a cross-site scripting attack. *** Note that several Linux distributions (such as RedHat) patched this CGI without increasing its version number, therefore this might be a false positive.

Solution

Upgrade to mod_ssl 2.8.10 or higher.