The remote host is missing an update to apache announced via advisory DSA 021-1.
WireX have found some occurrences of insecure opening of temporary files in htdigest and htpasswd. Both programs are not installed setuid or setgid and thus the impact should be minimal. The Apache group has released another security bugfix which fixes a vulnerability in mod_rewrite which may result the remote attacker to access arbitrary files on the web server. We recommend you upgrade your Apache packages.
- Debian Security Advisory DSA 2821-1 (gnupg - side channel attack)
- Debian Security Advisory DSA 2625-1 (wireshark - several vulnerabilities)
- Debian Security Advisory DSA 1961-1 (bind9)
- Debian Security Advisory DSA 2606-1 (proftpd-dfsg - symlink race)
- Debian Security Advisory DSA 2650-2 (libvirt - files and device nodes ownership change to kvm group)