Sir
By Nessus 3.0.6.1 Build W321 (Nessus website: www.nessus.org ) tested the LS-WSGL/R1a .
There is :
http (80/tcp)
Synopsis :
The remote version of Apache is vulnerable to an off-by-one buffer
overflow attack.
Description :
The remote host appears to be running a version of Apache which is
older than 1.3.37.
This version contains an off-by-one buffer overflow in the mod_rewrite
module.
See Also :
http://lists.grok.org.uk/piperma ... 06-July/048265.html
http://www.apache.org/dist/httpd/CHANGES_1.3
http://lists.grok.org.uk/piperma ... 06-July/048269.html
Solution:
Upgrade to version 1.3.37 or later.
Risk Factor :
High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC/Au:N/C/I/A)
Plugin output :
According to its banner, Apache version 1.3.34 is installed on the
remote host.
CVE : CVE-2006-3747
BID : 19204
Other references : OSVDB:27588
Plugin ID : 31654
Help !!!
THX
chenmu
Message Edited by chenmu on 06-13-2009 08:50 AM
Message Edited by chenmu on 06-13-2009 08:51 AM