AnsweredAssumed Answered

Apache Vulnerability on my SBS 2003

Question asked by Dennis Riggs on Jun 9, 2011
Latest reply on Jun 12, 2011 by qualyschris

My latest vulnerability scan on my SBS 2003 server produced a new level 5 vulnerability and I don't understand why.


QID 62042

Apache Mod_Proxy Remote Negative Content-Length Buffer Overflow Vulnerability         port 6515/tcp


Threat: Apache Web server includes a proxy moduel (mod_proxy) to privide a proxy/cache for FTP, HTTP, and SSL


Solution: Apache fixed the security issue in Apache HTTP Server 2.x series


Why would this vulnerability just show up for the first time (I do weekly scans on my Small Business Server 2003)?


Would Apache Web Server even be installed and running on my SBS?  How do I know?

From what I have researched Apache is not even recommended to be running with a SBS.


Is this vulnerability for real or a false positive? 


Any suggestions as to what I need to do to resolve this issue?