virus logo Intrusion Prevention

Apache.Server-Status.Info.Leak

description-logoDescription

This indicates an attempt to exploit an Information Disclosure vulnerability in Apache server.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. A remote attacker can exploit this to gain unauthorized access to information such as IP addresses of people accessing the server, files being accessed, etc.

affected-products-logoAffected Products

Apache HTTP Server

Impact logoImpact

Information Disclosure: Remote attackers can gain information from vulnerable systems.

recomended-action-logoRecommended Actions

Disable server status on Apache servers.
http://httpd.apache.org/docs/2.2/mod/mod_status.html

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

http://urlfind.org/?server-status
ID 33784
Created Nov 23, 2012
Updated Feb 04, 2015
Risk black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
CVE ID
Default Action pass
Active
Affected OS All
Affected App Apache