Welcome to MobyThreads.com!
FAQFAQ      ProfileProfile    Private MessagesPrivate Messages   Log inLog in
All support for the MobyThreads Threaded phpBB MOD can now be found on welsolutions at this forum

Apache 2.0.47 and Security Hole with nessus?

  
   Web Hosting and Web Master Forums (Home) -> Apache RSS
Next:  Procedure for installing mod_ssl on Apache  
Author Message
darsenault

External


Since: Dec 02, 2003
Posts: 1



(Msg. 1) Posted: Wed Dec 03, 2003 12:46 am
Post subject: Apache 2.0.47 and Security Hole with nessus?
Archived from groups: alt>apache>configuration (more info?)
Hello...

I have installed the Apache server 2.0.47 on a WINSERVER2000 machine. I am
using it only to serve simple HMTL. I have not specifically installed or
configured Tomcat.

As a precautionary measure, I hit the box using a nessus client from Linux.
When nessus executes its http (80/tcp) tests, it showed that it was possible
to crash windows or the web server by reading a 1000 times, a DOS device
through Tomcat and indicates the following solution: "upgrade your Apache
Tomcat web server to version 4.1.10."

As I mentioned, I never installed Tomcat. Is Tomcat distributed with the
Apache server? Must I upgrade or can I un-install it? Or is nessus assuming
too much?

Thanks
-(dan)

 >> Stay informed about: Apache 2.0.47 and Security Hole with nessus? 
Back to top
Login to vote
Display posts from previous:   
Related Topics:
CGI-BIN security - Hi ! I have a cgi-bin directory (OS=linux), defined as: <Directory "/myweb/cgi-bin"> AllowOverride AuthConfig Header set Cache-Control "no-cache" Header set Pragma "no-cache" Options None AuthName...

Security Question - This might be a stupid question however I never refrain from asking them. The following lines were logged several times over with different clients logged. [error] [client 24.1.32.111] File does not exist: /usr/local/www/scripts/root.exe [error] [clien...

chmod 777 and security - hey all, If I 'chmod 777' my apache directory (yeah, the whole thing, not just working dir), who can take advantage of this? Just people on my LAN, or users outside it too? Thanks!

Security Question??? - Hello all, I've recently installed Apache.(just a few days ago) Today I looked at my logs to find some unusual queries. I run SuSE Linux 8.2, Apache 2.0.4.7. #1---> ((( the hostname ))) - - [30/Jul/2003:11:50:52 -0500] "GET /default.ida?XXXXX...

IP based and name based ... security flaw? - I have a strange problem. I have a apache webserver with Jakarta tomcat running.... binded with MOD_JK so I can access them both on port 80. When I access the server by servername like http://infoserver.intranet.com there is no problem... When I access...
   Web Hosting and Web Master Forums (Home) -> Apache All times are: Pacific Time (US & Canada) (change)
Page 1 of 1

 
 You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



[ Contact us | Terms of Service/Privacy Policy ]