Apache 2.x version older than 2.2.9

Apache 2.x version older than 2.2.9

Published on 2009-02-26. Updated on 2009-02-26.

Description:

Fixed in Apache httpd 2.2.9:

• low: mod_proxy_balancer CSRF CVE-2007-6420
  The mod_proxy_balancer provided an administrative interface that could be vulnerable to cross-site request forgery (CSRF) attacks.
• moderate: mod_proxy_http DoS CVE-2008-2364
  A flaw was found in the handling of excessive interim responses from an origin server when using mod_proxy_http. A remote attacker could cause a denial of service or high memory usage.

Affected Apache versions (2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0).

Impact:
Check references for details about every vulnerability.

Recommendation:
Upgrade Apache 2.x to the latest version.

Tags: Scripts

Alert Tags: configuration
ApplicableApplicationServer : All
ApplicableOS: All
ApplicableWebServer: Apache

References:

Apache homepage

Apache httpd 2.2 vulnerabilities

Go Back

• Product Information
• Download
• Product Tour
• Brochure (PDF)
• Pricing
• Testimonials
• Customer references
• Resell Acunetix
• Acunetix in the Press
• List of vulnerability checks

• Learn more
• SQL Injection
• Cross site scripting
• Web Security
• Directory Traversal
• Ajax Application Security
• Google Hacking