Fixed 1 Problem Found Another

Sysmin

New Member
Joined
Sep 8, 2010
Location
Vancouver
So i fixed my issues(in previous thread) however a new problem occurred.
Security Vulnerabilities
Protocol Port Program Risk Summary
TCP 80 http 10 Synopsis : The remote web server is affected by a heap based buffer overflow vulnerability. Description : The remote web server appears to be running a version of Apache that is older than version 1.3.32. This version is reportedly vulnerable to a heap based buffer overflow in proxy_util.c for mod_proxy. This issue may lead remote attackers to cause a denial of service and possibly execute arbitrary code on the server. See also : http://archives.neohapsis.com/archives/f ulldisclosure/2004-06/0276.html http://archives.neohapsis.com/archives/f ulldisclosure/2004-06/0279.html http://rhn.redhat.com/errata/RHSA-2004-2 45.html Solution: Upgrade to Apache 1.3.32 or later. Risk Factor: Critical / CVSS Base Score : 10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C) CVSS Temporal Score : 8.3 (CVSS2#E:F/RL:OF/RC:C) CVE : CVE-2004-0492 BID : 10508 Other references : OSVDB:6839, Secunia:11841, Secunia:11854, Secunia:11859, Secunia:11866, Secunia:11917, Secunia:11946, Secunia:11957, Secunia:11968, Secunia:12971, Secunia:13115

TCP 80 http 5 Synopsis : The remote web server is vulnerable to a denial of service attack. Description : The remote web server appears to be running a version of Apache that is less that 2.0.49 or 1.3.31. These versions are vulnerable to a denial of service attack where a remote attacker can block new connections to the server by connecting to a listening socket on a rarely accessed port. Note that this issue is known to affect some versions of AIX, Solaris, and Tru64 and known to not affect FreeBSD or Linux. See also : http://archives.neohapsis.com/archives/b ugtraq/2004-03/0192.html Solution: Upgrade to Apache 2.0.49 or 1.3.31. Risk Factor: Medium / CVSS Base Score : 5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:p) CVSS Temporal Score : 3.7 (CVSS2#E:U/RL:OF/RC:C) CVE : CVE-2004-0174 BID : 9921 Other references : OSVDB:4383

TCP 80 http 4 Synopsis : Debugging functions are enabled on the remote web server. Description : The remote webserver supports the TRACE and/or TRACK methods. TRACE and TRACK are HTTP methods that are used to debug web server connections. See also : http://www.cgisecurity.com/whitehat-mirr or/WH-WhitePaper_XST_ebook.pdf http://www.apacheweek.com/issues/03-01-2 4 http://www.kb.cert.org/vuls/id/288308 http://www.kb.cert.org/vuls/id/867593 http://sunsolve.sun.com/search/document. do?assetkey=1-66-200942-1 Solution: Disable these methods. Refer to the plugin output for more information. Risk Factor: Medium / CVSS Base Score : 4.3 (CVSS2#AV:N/AC:M/Au:N/C:p/I:N/A:N) CVSS Temporal Score : 3.7 (CVSS2#E:H/RL:OF/RC:C) CVE : CVE-2003-1567, CVE-2004-2320, CVE-2010-0386 BID : 9506, 9561, 11604, 33374, 37995 Other references : OSVDB:877, OSVDB:3726, OSVDB:5648, OSVDB:50485

The only thing I can think of that is running Apache is our Exchange server running 2010 with an OWA interface as well as a remote connection for outlook anywhere.

Any ideas?
Thanks
 
Top Bottom