Text only | Text with Images

Buffalo Forums

Products => Storage => Topic started by: chenmu on June 13, 2009, 08:48:05 AM

Title: Has LS-WSGL/R1 the High / CVSS Base Score : 7.5 ? HELP !!!
Post by: chenmu on June 13, 2009, 08:48:05 AM
   

Sir

By Nessus 3.0.6.1 Build W321 (Nessus website: www.nessus.org ) tested  the LS-WSGL/R1a .

 

There is :

 

http (80/tcp)
   

Synopsis :

The remote version of Apache is vulnerable to an off-by-one buffer
overflow attack.


Description :

The remote host appears to be running a version of Apache which is
older than 1.3.37.

This version contains an off-by-one buffer overflow in the mod_rewrite
module.


See Also :

http://lists.grok.org.uk/piperma ... 06-July/048265.html
http://www.apache.org/dist/httpd/CHANGES_1.3
http://lists.grok.org.uk/piperma ... 06-July/048269.html


Solution:

Upgrade to version 1.3.37 or later.


Risk Factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC/Au:N/C/I/A)

Plugin output :

According to its banner, Apache version 1.3.34 is installed on the
remote host.

CVE : CVE-2006-3747
BID : 19204
Other references : OSVDB:27588
Plugin ID : 31654

Help !!!

 

THX

 

chenmu

Message Edited by chenmu on 06-13-2009 08:50 AM
Message Edited by chenmu on 06-13-2009 08:51 AM
Text only | Text with Images
Browser ID: smf (is_webkit)
Templates: 1: Printpage (default).
Sub templates: 4: init, print_above, main, print_below.
Language files: 1: index+Modifications.english (default).
Style sheets: 0: .
Hooks called: 45 (show)
Files included: 27 - 1055KB. (show)
Memory used: 735KB.
Tokens: post-login.
Queries used: 10.

[Show Queries]