Apache < 2.0.51 Multiple Vulnerabilities

High Nessus Network Monitor Plugin ID 2254


The remote host is vulnerable to a Denial of Service (DoS) attack.


The remote host appears to be running a version of Apache 2.x that is older than 2.0.51. It is reported that these versions of Apache are prone to a denial of service issue related to mod_ssl. An attacker may force a SSL connection to be aborted and therefore cause the Apache server to enter in an infinite loop, consuming CPU resources.


Upgrade to version 2.0.51 or higher.

See Also


Plugin Details

Severity: High

ID: 2254

File Name: 2254.prm

Family: Web Servers

Published: 2004/09/03

Modified: 2016/01/21

Dependencies: 3057

Nessus ID: 14748

Risk Information

Risk Factor: High


Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C


Base Score: 7.5

Temporal Score: 6.5


Temporal Vector: CVSS3#E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:apache:http_server:2.0

Reference Information

CVE: CVE-2004-0751, CVE-2004-0786, CVE-2004-0811, CVE-2004-0809, CVE-2004-0748

BID: 11094, 11239