Apache < 2.0.44 MS-DOS Device Name DoS / Code Execution

high Log Correlation Engine Plugin ID 800550

Synopsis

The remote host is vulnerable to a Denial of Service (DoS) / Code Execution attack

Description

The remote host is running a version of Apache2 for Win32 which is older than 2.0.44. There are several flaws pre-2.0.44 which may allow an attacker to crash this host or even execute arbitrary code remotely. However, these bugs only affect WindowsME and Windows9x.

Solution

Upgrade to Apache 2.0.44 or higher.

See Also

http://www-01.ibm.com/support/docview.wss?uid=swg1IC48645

Plugin Details

Severity: High

ID: 800550

Family: Web Servers

Nessus ID: 11209

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Reference Information

CVE: CVE-2003-0016

BID: 6659