Apache < 2.0.44 DOS Device Name Multiple Remote Vulnerabilities (Code Exec, DoS)

High Nessus Plugin ID 11209


The remote web server is affected by multiple remote vulnerabilities.


The remote host appears to be running a version of Apache for Windows that is older than 2.0.44.

There are several flaws in this version that allow an attacker to crash this host or even execute arbitrary code remotely, but it only affects WindowsME and Windows9x.

*** Note that Nessus solely relied on the version number
*** of the remote server to issue this warning. This might
*** be a false positive.


Upgrade to Apache 2.0.44 or later.

See Also


Plugin Details

Severity: High

ID: 11209

File Name: apache_win32_devname.nasl

Version: $Revision: 1.22 $

Type: remote

Family: Web Servers

Published: 2003/01/22

Modified: 2018/01/23

Dependencies: 48204

Risk Information

Risk Factor: High


Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C


Base Score: 7.3

Temporal Score: 6.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:apache:http_server

Required KB Items: installed_sw/Apache

Exploit Available: false

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 2003/01/20

Reference Information

CVE: CVE-2003-0016

BID: 6659

OSVDB: 9708, 9709

Secunia: 20493