Apache <= 2.0.51 Satisfy Directive Access Control Bypass

This script is Copyright (C) 2004-2015 Tenable Network Security, Inc.

Synopsis :

The remote web server is affected by an access control bypass

Description :

The remote host is running Apache web server 2.0.51. It is reported
that this version of Apache is vulnerable to an access control bypass
attack. This issue occurs when using the 'Satisfy' directive. An
attacker may gain unauthorized access to restricted resources if
access control relies on this directive.

Solution :

Upgrade to Apache web server 2.0.52 or later.

Risk factor :

High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.5
Public Exploit Available : true

Family: Web Servers

Nessus Plugin ID: 14803 (apache_2_0_52.nasl)

Bugtraq ID: 11239

CVE ID: CVE-2004-0811

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now