[CentOS] security compliance vs. old software versions

Wed Jun 30 12:31:14 UTC 2010
Kai Schaetzl <maillists at conactive.com>

Les Mikesell wrote on Tue, 29 Jun 2010 17:52:37 -0500:

> Apache Server 2.x Prior To 2.2.14 Multiple Vulnerabilities Apache 
> \'mod_proxy_ftp\' Wildcard Characters Cross-Site Scripting.

Remove that module from httpd.conf and try again. If it still gives that 
warning you've proven the tool is braindead. You could also just tell 
Apache not to add a server signature. I wonder how the tool will react to 
that :-) Or is run locally and scans the rpm database?

Kai

-- 
Get your web at Conactive Internet Services: http://www.conactive.com