According to its banner, the version of Apache running on the remote host is 2.4.x prior to 2.4.25. It is, therefore, affected by the following vulnerabilities :
A flaw exists in the mod_session_crypto module due to encryption for data and cookies using the configured ciphers with possibly either CBC or ECB modes of operation (AES256-CBC by default). An unauthenticated, remote attacker can exploit this, via a padding oracle attack, to decrypt information without knowledge of the encryption key, resulting in the disclosure of potentially sensitive information. (CVE-2016-0736)
A denial of service vulnerability exists in the mod_auth_digest module during client entry allocation. An unauthenticated, remote attacker can exploit this, via specially crafted input, to exhaust shared memory resources, resulting in a server crash. (CVE-2016-2161)
The Apache HTTP Server is affected by a man-in-the-middle vulnerability known as ‘httpoxy’ due to a failure to properly resolve namespace conflicts in accordance with RFC 3875 section 4.1.18. The HTTP_PROXY environment variable is set based on untrusted user data in the ‘Proxy’ header of HTTP requests. The HTTP_PROXY environment variable is used by some web client libraries to specify a remote proxy server. An unauthenticated, remote attacker can exploit this, via a crafted ‘Proxy’ header in an HTTP request, to redirect an application’s internal HTTP traffic to an arbitrary proxy server where it may be observed or manipulated. (CVE-2016-5387)
A denial of service vulnerability exists in the mod_http2 module due to improper handling of the LimitRequestFields directive. An unauthenticated, remote attacker can exploit this, via specially crafted CONTINUATION frames in an HTTP/2 request, to inject unlimited request headers into the server, resulting in the exhaustion of memory resources. (CVE-2016-8740)
A flaw exists due to improper handling of whitespace patterns in user-agent headers. An unauthenticated, remote attacker can exploit this, via a specially crafted user-agent header, to cause the program to incorrectly process sequences of requests, resulting in interpreting responses incorrectly, polluting the cache, or disclosing the content from one request to a second downstream user-agent. (CVE-2016-8743)
A CRLF vulnerability exists in the mod_userdir module. An unauthenticated, remote attacker can exploit this, allowing HTTP response splitting attacks. (CVE-2016-4975)
Note that the scanner has not tested for these issues but has instead relied only on the application’s self-reported version number.
No source data
Vendor | Product | Version | CPE |
---|---|---|---|
apache | http_server | * | cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:* |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4975
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5387
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8740
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743
archive.apache.org/dist/httpd/CHANGES_2.4.25
httpd.apache.org/security/vulnerabilities_24.html#2.4.25
httpoxy.org
www.apache.org/security/asf-httpoxy-response.txt