Jump to content

Apache Proxy version 2.4.46 / Nessus results

Recommended Posts

We're currently using Eset within a PCI Compliant environment
as part of that we need to run quarterly nessus scans
I ran one just recently and something cropped up regarding the version of Apache Proxy used by Eset

Currently the latest version from eset is 2.4.46

High    150280    Apache 2.4.x < 2.4.47 Multiple Vulnerabilities
The version of Apache httpd installed on the remote host is prior to 2.4.47. It is, therefore, affected by multiple vulnerabilities as referenced in the 2.4.47 changelog:
IAVA:  2021-A-0259
CVE:  CVE-2019-17567, CVE-2020-13938, CVE-2020-13950, CVE-2020-35452, CVE-2021-26690, CVE-2021-26691, CVE-2021-30641

Medium    150244    Apache 2.4.x < 2.4.48 Vulnerability
The version of Apache httpd installed on the remote host is prior to 2.4.48. It is, therefore, affected by a vulnerability as referenced in the 2.4.48 changelog.
IAVA:  2021-A-0259
CVE:  CVE-2021-31618

Are there any plans to update the version of apache proxy used by eset?
I'll probably have to look into using the apache sources otherwise

Many Thanks

Link to comment
Share on other sites

  • Administrators

Please open a support ticket with your local ESET distributor. I assume that most (if not all vulnerabilities) you've listed do not affect the Apache http proxy that ESET provides.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

  • Create New...