Apache HTTP Server 2.4.6, 2.4.7, 2.4.9 Vulnerability

Medium Nessus Network Monitor Plugin ID 700213

Synopsis

The remote web server is affected by a vulnerability.

Description

Versions of Apache HTTP server 2.4.6, 2.4.7, and 2.4.9 are unpatched for the following vulnerability:

- A crash in Connection header handling, which can lead to denial of service against a reverse proxy (CVE-2014-0117)

Solution

Upgrade to Apache HTTP Server 2.4.10, or later.

Apache HTTP Server 2.4.6, 2.4.7, 2.4.9 Vulnerability

Synopsis

Description

Solution

See Also

Plugin Details

Risk Information

CVSSv2

Vulnerability Information

Reference Information