Apache 2.0.x < 2.0.47 Multiple Vulnerabilities (DoS, Encryption)
Medium Nessus Plugin ID 11788
SynopsisThe remote web server is affected by multiple vulnerabilities.
DescriptionThe remote host appears to be running a version of Apache 2.x prior to 2.0.47. It is, therefore, affected by multiple vulnerabilities :
- An issue in may occur when the SSLCipherSuite directive is used to upgrade a cipher suite which could lead to a weaker cipher suite being used instead of the upgraded one. (CVE-2003-0192)
- A denial of service vulnerability may exist in the FTP proxy component relating to the use of IPV6 addresses.
- An attacker may be able to craft a type-map file that could cause the server to enter an infinite loop.
SolutionUpgrade to Apache web server version 2.0.47 or later.