Answered step by step
Verified Expert Solution
Link Copied!
Question
1 Approved Answer

A vulnerability scan returned the following results for a web server that hosts multiple wiki sites: Apache-HTTPD-cve-2014-023: Apache HTTPD: mod_cgid denial of service CVE-20140231 Due

A vulnerability scan returned the following results for a web server that hosts multiple wiki sites: Apache-HTTPD-cve-2014-023: Apache HTTPD: mod_cgid denial of service CVE-20140231
Due to a flaw found in mog_cgid, a server using mod_cgid to host CGI scripts could be vulnerable to a DoS attack caused by a remote attacker who is exploiting a weakness in non-standard input, causing processes to hang indefinitely.
image text in transcribed
The security analyst has confirmed the server hosts standard CGI scripts for the wiki sites, does not have mod_cgid installed, is running Apache 2.2.22, and is not behind a WAF. The server is located in the DMZ, and the purpose of the server is to allow customers to add entries into a publicly accessible database.
Which of the following would be the MOST efficient way to address this finding? (Choose one)
Place the server behind a WAF to prevent DoS attacks from occurring.
Document the finding as a false positive.
Upgrade to the newest version of Apache.
Disable the HTTP service and use only HTTPS to access the server.
FRIENDS! PLEASE USE YOUR OWN KNOWLEDGE. I KNOW HOW TO GOOGLE MYSELF.
192.68.7.35:80 192.68.7.35:443 Running HTTP service product HTTPD exists: Apache HTTPD 2.2.22 VulnerableversionofproductHTTPDfound: ApacheHTTPD2.2.22 Running HTTPS service product HTTPD exists: Apache HTTPD 2.2.22 Vulnerable version of product HTTPD found: Apache HTTPD 2.2.22

Step by Step Solution

There are 3 Steps involved in it

Step: 1

blur-text-image
Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

blur-text-image_step_2

Step: 3

blur-text-image_step3

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Students explore these related Databases questions