Apache < 2.2.8 Multiple Vulnerabilities

Low Log Correlation Engine Plugin ID 800581

Synopsis

The remote web server may be affected by several issues.

Description

The version of Apache installed on the remote host is advertising a version older than 2.2.8. Such versions may be affected by several issues, including :

- A cross-site scripting issue involving mod_imagemap (CVE-2007-5000).

- A cross-site scripting issue involving 413 error pages via a malformed HTTP method (PR 44014 / CVE-2007-6203).

- A cross-site scripting issue in mod_status involving the refresh parameter (CVE-2007-6388).

- A cross-site scripting issue in mod_proxy_balancer involving the worker route and worker redirect string of the balancer manager (CVE-2007-6421).

- A denial of service issue in the balancer_handler function in mod_proxy_balancer can be triggered by an authenticated user when a threaded Multi-Processing Module is used (CVE-2007-6422).

- A cross-site scripting issue using UTF-7 encoding in mod_proxy_ftp exists because it does not define a charset (CVE-2008-0005).

Solution

Upgrade to version 2.2.8 or higher.

See Also

http://www.apache.org/dist/httpd/CHANGES_2.2

http://httpd.apache.org/security/vulnerabilities_22.html

http://www.securityfocus.com/bid/26663

Plugin Details

Severity: Low

ID: 800581

File Name: 800581.prm

Family: Web Servers

Nessus ID: 31118

Risk Information

Risk Factor: Low

CVSSv2

Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Reference Information

CVE: CVE-2007-5000, CVE-2007-6203, CVE-2007-6388, CVE-2007-6421, CVE-2007-6422, CVE-2008-0005, CVE-2007-6420, CVE-2007-6423

BID: 26663, 26838, 27234, 27236, 27237