Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The web server must use a vendor-supported version of the web server software.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-2246 | WG190 W20 | SV-36498r1_rule | ECSC-1 | High |
| Description |
|---|
| Many vulnerabilities are associated with older versions of web server software. As hot fixes and patches are issued, these solutions are included in the next version of the server software. Maintaining the web server at a current version makes the efforts of a malicious user to exploit the web service more difficult. |
| STIG | Date |
|---|---|
| APACHE SERVER 2.0 for Windows | 2011-12-12 |
Details
| Check Text ( C-35600r1_chk ) |
|---|
| Determine the version of the Apache software that is running on the system. Use the command line interface and navigate to the directory where Apache httpd Server is installed. From the command line type the following command: apache.exe –v. Press Enter. This will display the version of apache installed on the system. If the version of Apache is not at the following version or higher, this is a finding. Apache httpd server version 2.0 - Release 2.0.64 (Oct 2010) |
| Fix Text (F-30834r1_fix) |
|---|
| Upgrade software to a supported version. |