Apache version older than 1.3.37

Description
  • This alert was generated using only banner information. It may be a false positive.

    Security fixes in Apache version 1.3.37:
    • CVE-2006-3747 (cve.mitre.org) mod_rewrite: Fix an off-by-one security problem in the ldap scheme handling. For some RewriteRules this could lead to a pointer being written out of bounds. Reported by Mark Dowd of McAfee. [Mark Cox]

    Affected Apache versions (up to 1.3.36).
Remediation
  • Upgrade Apache to the latest version.
References