Apache 2.4 < 2.4.5 Multiple Vulnerabilities
High Log Correlation Engine Plugin ID 801401
SynopsisThe remote web server is affected by multiple vulnerabilities
DescriptionThe remote host is running a Apache HTTP server. Versions earlier than 2.4.5 are vulnerable to the following vulnerabilities :
- A denial of service vulnerability exists relating to the 'mod_dav' module as it relates to MERGE requests. (CVE-2013-1896)
- An error exists related to the 'mod_session_dbd' module, flags and session-saving having an unspecified impact.(CVE-2013-2249).
SolutionEither ensure that the affected modules are not in use or upgrade to Apache version 2.4.6 or later.