Apache prior 1.3.31 and prior 2.0.49 connection blocking denial of service 1.0
 
Plugin ID: 310
Plugin name: Apache prior 1.3.31 and prior 2.0.49 connection blocking denial of service
Plugin filename: Apache prior 1.3.31 and prior 2.0.49 connection blocking denial of service.plugin
Plugin filesize: 3040 bytes
Plugin family: HTTP
Plugin created name: Marc Ruef
Plugin created email: marc.ruef at computec.ch
Plugin created web: http://www.computec.ch
Plugin created company: computec.ch
Plugin created date: 2005/01/05
Plugin version: 1.0
Plugin protocol: tcp
Plugin port: 80
Plugin procedure detection: open|sleep|close|pattern_exists|open|send HEAD / HTTP/1.0\n\n|sleep|close|pattern_exists HTTP/#.# ###*Server: Apache*1.[0-2].* OR HTTP/#.# ###*Server: Apache*1.3.[0-2]* OR HTTP/#.# ###*Server: Apache*1.3.3[0-1]* OR HTTP/#.# ###*Server: Apache*2.0.[0-3]* OR HTTP/#.# ###*Server: Apache*2.0.4[0-9]*
Plugin detection accuracy: 85
Plugin comment: The NASL script is Copyright (C) 2004 Scott Shebby
Bug produced name: Apache Software Foundation
Bug produced email: apache at apache dot org
Bug produced web: http://httpd.apache.org
Bug affected: Apache prior 1.3.31 and prior 2.0.49
Bug not affected: Apache prior 1.3.31 and prior 2.0.49 on Linux and FreeBSD, newer versions or other web server solutions.
Bug vulnerability class: Denial Of Service
Bug false positives: This script is not able to detect if the target host is running Linux or FreeBSD.
Bug description: The remote web server appears to be running a version of Apache that is less than 2.0.49 or 1.3.31. These versions are vulnerable to a denial of service attack where a remote attacker can block new connections to the server by connecting to a listening socket on a rarely accessed port.
Bug solution: Upgrade to Apache 2.0.49 or 1.3.31.
Bug fixing time: Approx. 20 minutes
Bug exploit availability: Maybe
Bug exploit url: http://www.securityfocus.com/bid/9921/exploit/
Bug remote: Yes
Bug local: Yes
Bug severity: Medium
Bug popularity: 6
Bug simplicity: 7
Bug impact: 7
Bug risk: 7
Bug check tools: Nessus can check this flaw with the plugin 12280 (Apache Connection Blocking Denial of Service).
Source CVE: CAN-2004-0174
Source SecurityFocus BID: 9921
Source Nessus ID: 12280
Source Literature: Hacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427
Source Misc.: http://www.computec.ch

This file was generated by the Attack Tool Kit (ATK), the open-sourced security scanner and exploiting framework.