Summary
The host is running Apache HTTP Server and is prone to denial of service vulnerability.
Impact
Successful exploitation will allow remote attacker to cause a denial of service (segmentation fault) via a MERGE request in which the URI is configured for handling by the mod_dav_svn module.
Solution
Upgrade to Apache HTTP Server 2.2.25 or later,
For updates refer to http://svn.apache.org
Insight
The flaw is due to an error in 'mod_dav.c', It does not properly determine whether DAV is enabled for a URI.
Affected
Apache HTTP Server version before 2.2.25 on windows.
Detection
Get the installed version Apache HTTP Server with the help of detect NVT and check it is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2013-1896 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P
Related Vulnerabilities