Summary
The host is running Apache HTTP Server and is prone to security bypass vulnerability.
Impact
Successful exploitation will allow remote attacker to bypass certain security restrictions. Other attacks are also possible.
Solution
Upgrade to Apache HTTP Server 2.2.22 or later,
For updates refer to http://svn.apache.org
Insight
The flaw is due to an error in 'inscoreboard.c', certain type field within a scoreboard shared memory segment leading to an invalid call to the free function.
Affected
Apache HTTP Server version before 2.2.22 on windows.
Detection
Get the installed version Apache HTTP Server with the help of detect NVT and check it is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2012-0031 -
CVSS Base Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Apache HTTP Server Multiple Remote Denial of Service Vulnerabilities
- Acme thttpd and mini_httpd Terminal Escape Sequence in Logs Command Injection Vulnerability
- bozotic HTTP server Denial of Service Vulnerability
- Jetty Cross Site Scripting and Information Disclosure Vulnerabilities
- Acritum Femitter Server 1.03 Multiple Remote Vulnerabilities