|
|
|
|
|
|
|
| |
mod_ssl ssl_util_uuencode_binary Remote Overflow |
|
| This script is Copyright (C) 2004-2010 Tenable Network Security, Inc. |
|
|
| Family | Web Servers |
| Nessus Plugin ID | 12255 (mod_ssl_uuencode_binary.nasl) |
| Bugtraq ID | 10355
|
| CVE ID | CVE-2004-0488
|
|
| Description: |
Synopsis :
Arbitrary code can be executed on the remote host
Description :
The remote host is using a version of mod_ssl which is older than
2.8.18.
This version is vulnerable to a flaw which may allow an attacker to
disable the remote web site remotely, or to execute arbitrary code on
the remote host.
Note that several Linux distributions patched the old version of this
module. Therefore, this alert might be a false-positive. Please
check with your vendor to determine if you really are vulnerable to
this flaw.
Solution :
Upgrade to version 2.8.18 (Apache 1.3) or to Apache 2.0.50.
Risk factor :
High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
|
|
|
|
|
|
