Apache < 1.3.31 mod_access IP Address Netmask Rule Bypass

High Nessus Plugin ID 14177


The remote web server is affected by an access control bypass vulnerability.


The remote host is running a version of Apache web server prior to 1.3.31. It is, therefore, affected by an access control bypass vulnerability due to a failure, on big-endian 64-bit platforms, to properly match 'allow' or 'deny' rules that contain an IP address but lack a corresponding netmask.

Nessus has determined the vulnerability exists only by looking at the Server header returned by the web server running on the target. If the target is not a big-endian 64-bit platform, consider this a false positive.


Upgrade to Apache web server version 1.3.31 or later.


Plugin Details

Severity: High

ID: 14177

File Name: apache_access_wo_netmask.nasl

Version: $Revision: 1.27 $

Type: remote

Family: Web Servers

Published: 2004/07/31

Modified: 2018/01/23

Dependencies: 48204, 12634

Risk Information

Risk Factor: High


CVSS v2.0

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:H/RL:OF/RC:C


CVSS v3.0

Base Score: 7.3

Temporal Score: 7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:apache:http_server

Required KB Items: installed_sw/Apache, Settings/ParanoidReport

Exploit Available: true

Exploit Ease: No exploit is required

Vulnerability Publication Date: 2004/03/08

Reference Information

CVE: CVE-2003-0993

BID: 9829

OSVDB: 4181

GLSA: GLSA 200405-22

MDKSA: MDKSA-2004:046

SSA: SSA:2004-133-01

Secunia: 11088, 11681, 11719, 12246