Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Apache 2.4 < 2.4.5 Multiple Vulnerabilities

High

Synopsis

The remote web server is affected by multiple vulnerabilities

Description

The remote host is running a Apache HTTP server. Versions earlier than 2.4.5 are vulnerable to the following vulnerabilities :

- A denial of service vulnerability exists relating to the 'mod_dav' module as it relates to MERGE requests. (CVE-2013-1896)

- An error exists related to the 'mod_session_dbd' module, flags and session-saving having an unspecified impact.(CVE-2013-2249).

Solution

Either ensure that the affected modules are not in use or upgrade to Apache version 2.4.6 or later.