Apache < 2.0.46 Multiple Vulnerabilities

Medium Log Correlation Engine Plugin ID 800571


The remote host is vulnerable to a Denial of Service (DoS) attack.


The remote server is running a version of Apache 2.x which is older than 2.0.45.
This version is vulnerable to various flaw :
- There is a denial of service attack which may allow the attacker to disable this server remotely.
- The httpd process leaks file descriptors to child processes such as CGI scripts. An attacker who has the ability to execute arbitrary CGI scripts on this server (include PHP code) would be able to write arbitrary data in the files pointed to (in particular the log files).


Upgrade to Apache 2.0.46

See Also


Plugin Details

Severity: Medium

ID: 800571

File Name: 800571.prm

Family: Web Servers

Nessus ID: 11507

Risk Information

Risk Factor: Medium


Base Score: 7.8

Temporal Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Reference Information

CVE: CVE-2003-0083, CVE-2003-0132

BID: 7255, 7254