ID de Prueba:	1.3.6.1.4.1.25623.1.0.114683
Categoría:	Web Servers
Título:	Apache HTTP Server < 2.4.60 Multiple Vulnerabilities - Windows
Resumen:	Apache HTTP Server is prone to multiple vulnerabilities.
Descripción:	Summary: Apache HTTP Server is prone to multiple vulnerabilities. Vulnerability Insight: The following flaws exist: - CVE-2024-36387: Denial of Service (DoS) by Null pointer in websocket over HTTP/2 - CVE-2024-38472: Windows UNC Server-Side Request Forgery (SSRF) - CVE-2024-38473: Proxy encoding problem - CVE-2024-38474: Weakness with encoded question marks in backreferences - CVE-2024-38475: Weakness in mod_rewrite when first segment of substitution matches filesystem path - CVE-2024-38476: May use exploitable/malicious backend application output to run local handlers via internal redirect - CVE-2024-38477: Crash resulting in DoS in mod_proxy via a malicious request - CVE-2024-39573: mod_rewrite proxy handler substitution Affected Software/OS: Apache HTTP Server version 2.4.59 and prior. Solution: Update to version 2.4.60 or later. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2024-36387 Common Vulnerability Exposure (CVE) ID: CVE-2024-38472 Common Vulnerability Exposure (CVE) ID: CVE-2024-38473 Common Vulnerability Exposure (CVE) ID: CVE-2024-38474 Common Vulnerability Exposure (CVE) ID: CVE-2024-38475 Common Vulnerability Exposure (CVE) ID: CVE-2024-38476 Common Vulnerability Exposure (CVE) ID: CVE-2024-38477 Common Vulnerability Exposure (CVE) ID: CVE-2024-39573
Copyright	Copyright (C) 2024 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.