httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From yaber...@ca.ibm.com
Subject [users@httpd] Apache 1.3.41 and CVE-2012-0053
Date Fri, 03 May 2013 13:01:13 GMT
Hi,

We are trying to validate if Apache 1.3.41 is vulnerable to CVE-2012-0053.
Tenant Nessus vulnerability scanner seems to think it's but according to 
the advisory on Apache website and NIST vulnerability database, only 2.2.0 
to 2.2.21 are vulnerable to this.
I know Apache 1.3.x is not supported anymore but the security advisories 
are usually listed as "not fixed" on Apache Security Reports webpage.
Also, the advisory doesn't affect Apache 2.0.x

With all this being said, I believe it does not affect 1.3.x but I'm 
looking for more opinions.


Best regards,

Yannick Bergeron
Mime
View raw message