This script is Copyright (C) 2017 Tenable Network Security, Inc.
The remote web server is affected by multiple vulnerabilities.
According to its banner, the version of Apache running on the remote
host is 2.2.x prior to 2.2.32. It is, therefore, affected by the
following vulnerabilities :
- The Apache HTTP Server is affected by a
man-in-the-middle vulnerability known as 'httpoxy' due
to a failure to properly resolve namespace conflicts in
accordance with RFC 3875 section 4.1.18. The HTTP_PROXY
environment variable is set based on untrusted user data
in the 'Proxy' header of HTTP requests. The HTTP_PROXY
environment variable is used by some web client
libraries to specify a remote proxy server. An
unauthenticated, remote attacker can exploit this, via a
crafted 'Proxy' header in an HTTP request, to redirect
an application's internal HTTP traffic to an arbitrary
proxy server where it may be observed or manipulated.
- A flaw exists due to improper handling of whitespace
patterns in user-agent headers. An unauthenticated,
remote attacker can exploit this, via a specially
crafted user-agent header, to cause the program to
incorrectly process sequences of requests, resulting in
interpreting responses incorrectly, polluting the cache,
or disclosing the content from one request to a second
downstream user-agent. (CVE-2016-8743)
Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.
See also :
Upgrade to Apache version 2.2.32 or later.
Note that the 'httpoxy' vulnerability can be mitigated by applying the
workarounds or patches as referenced in the vendor advisory
Risk factor :
Medium / CVSS Base Score : 5.1
CVSS Temporal Score : 4.2
Public Exploit Available : true