This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.
The remote FreeBSD host is missing one or more security-related
mod_http2 reports :
The Apache HTTPD web server (from 2.4.17-2.4.23) did not apply
limitations on request headers correctly when experimental module for
the HTTP/2 protocol is used to access a resource.
The net result is that a the server allocates too much memory instead
of denying the request. This can lead to memory exhaustion of the
server by a properly crafted request.
See also :
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 5.0