Jump to content

Apache Proxy version 2.4.46 / Nessus results


Recommended Posts

Hi,
We're currently using Eset within a PCI Compliant environment
as part of that we need to run quarterly nessus scans
I ran one just recently and something cropped up regarding the version of Apache Proxy used by Eset

Currently the latest version from eset is 2.4.46

High    150280    Apache 2.4.x < 2.4.47 Multiple Vulnerabilities
The version of Apache httpd installed on the remote host is prior to 2.4.47. It is, therefore, affected by multiple vulnerabilities as referenced in the 2.4.47 changelog:
IAVA:  2021-A-0259
CVE:  CVE-2019-17567, CVE-2020-13938, CVE-2020-13950, CVE-2020-35452, CVE-2021-26690, CVE-2021-26691, CVE-2021-30641

Medium    150244    Apache 2.4.x < 2.4.48 Vulnerability
The version of Apache httpd installed on the remote host is prior to 2.4.48. It is, therefore, affected by a vulnerability as referenced in the 2.4.48 changelog.
IAVA:  2021-A-0259
CVE:  CVE-2021-31618

Are there any plans to update the version of apache proxy used by eset?
I'll probably have to look into using the apache sources otherwise

Many Thanks

Link to comment
Share on other sites

  • Administrators

Please open a support ticket with your local ESET distributor. I assume that most (if not all vulnerabilities) you've listed do not affect the Apache http proxy that ESET provides.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...