This alert was generated using only banner information. It may be a false positive.
By sending a specially crafted request followed by a reset packet it is possible to trigger a vulnerability in Apache mod_isapi that will unload the target ISAPI module from memory. However function pointers still remain in memory and are called when published ISAPI functions are referenced. This results in a dangling pointer vulnerability.
Affected Apache versions (up to 2.2.14 on Windows platform).
- Upgrade Apache to the latest version.
- WordPress Plugin Simple Ads Manager Arbitrary File Upload (2.5.94)
- WordPress Plugin DP Maintenance Mode Lite Cross-Site Scripting (1.3.2)
- WordPress Plugin Sabre 'tools.php' Cross-Site Scripting (1.2.0)
- WordPress Plugin Blogroll Fun-Show Last Post and Last Update Time Cross-Site Scripting (0.8.4)
- WordPress Plugin WP Legal Pages Cross-Site Scripting (1.0.1)