This alert was generated using only banner information. It may be a false positive.
Two potential security issues have been fixed in Apache version 1.3.34:
- If a request contains both Transfer-Encoding and Content-Length headers, remove the Content-Length, mitigating some HTTP Request Splitting/Spoofing attacks.
- Added TraceEnable [on|off|extended] per-server directive to alter the behavior of the TRACE method.
- Upgrade Apache to the latest version.
- WordPress Plugin MW WP Form Cross-Site Scripting (2.10.0)
- WordPress Plugin Embed Articles Multiple Vulnerabilities (7.0.3)
- WordPress Plugin Add Any Extension to Pages Cross-Site Scripting (1.3)
- WordPress Plugin WordPress Calls to Action Multiple Vulnerabilities (2.3.7)
- WordPress Plugin Gallery Objects SQL Injection (0.4)