Apache < 2.0.44 Illegal Character Default Script Mapping Bypass
Medium Nessus Plugin ID 11210
SynopsisThe remote web server is affected by a request file disclosure vulnerability.
DescriptionThe remote host appears to be running a version of Apache for Windows that is older than 2.0.44. Such versions are reportedly affected by a flaw that allows an attacker to read files that they should not have access to by appending special characters to them.
SolutionUpgrade to Apache 2.0.44 or later.