Apache 2.x version older than 2.2.10

  • This alert was generated using only banner information. It may be a false positive.

    Fixed in Apache httpd 2.2.10:
    • low: mod_proxy_ftp globbing XSS CVE-2008-2939
      A flaw was found in the handling of wildcards in the path of a FTP URL with mod_proxy_ftp. If mod_proxy_ftp is enabled to support FTP-over-HTTP, requests containing globbing characters could lead to cross-site scripting (XSS) attacks.

    Affected Apache versions (2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0).
  • Upgrade Apache 2.x to the latest version.