This alert was generated using only banner information. It may be a false positive.
Two potential security issues have been fixed in Apache version 1.3.34:
- If a request contains both Transfer-Encoding and Content-Length headers, remove the Content-Length, mitigating some HTTP Request Splitting/Spoofing attacks.
- Added TraceEnable [on|off|extended] per-server directive to alter the behavior of the TRACE method.
- Upgrade Apache to the latest version.
- WordPress Plugin MediaRSS external gallery TimThumb Arbitrary File Upload (0.1)
- WordPress Plugin WordPress Backup and Migrate-BackupGuard Multiple Unspecified Vulnerabilities (1.1.29)
- Apache 2.x version older than 2.0.49
- WordPress Plugin WP Mobile Detector Cross-Site Scripting (3.2)
- Joomla! Core 1.0.5 Security Bypass (1.0.5 - 1.0.5)