Apache < 2.0.44 MS-DOS Device Name DoS / Code Execution

High Nessus Network Monitor Plugin ID 1497

Synopsis

The remote server is running a web server that is affected by several issues

Description

The remote host is running a version of Apache2 for Win32 which is older than 2.0.44. There are several flaws pre-2.0.44 which may allow an attacker to crash this host or even execute arbitrary code remotely. However, these bugs only affect WindowsME and Windows9x.

Solution

Upgrade to Apache 2.0.44 or higher.

See Also

http://www-01.ibm.com/support/docview.wss?uid=swg1IC48645

Plugin Details

Severity: High

ID: 1497

File Name: 1497.prm

Family: Web Servers

Published: 2004/08/20

Modified: 2016/11/23

Dependencies: 3057

Nessus ID: 11209

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSSv3

Base Score: 7.3

Temporal Score: 6.4

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS3#E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:apache:http_server:2.0

Reference Information

CVE: CVE-2003-0016

BID: 6659