Medium Nessus Plugin ID 24429
SynopsisThe remote host is missing a vendor-supplied security patch
DescriptionThe remote host is missing the patch for the advisory SUSE-SA:2006:051 (apache2).
The web server Apache2 has been updated to fix several security issues:
The security fix for CVE-2005-3357 (denial of service) broke the earlier security fix for SSL verification (CVE-2005-2700). This problem has been corrected.
Additionally a cross site scripting bug with the 'Expect' header error reporting was fixed (CVE-2006-3918). The Apache foundation does not consider this a security problem.