PCI Compliance - issues with apache

Discussion in 'Installation and "How-To" Questions' started by midas21, Aug 19, 2014.

  1. midas21

    midas21 Bit Poster

    Messages:
    2
    Dear All,

    we are trying to pass the PCI compliance scan, but we are having issues with apache 2.2.3 version. The messages we are having are

    According to its banner, the version of Apache 2.2 installed on the remote host is older than 2.2.14. Such versions are potentially affected by multiple vulnerabilities.

    What should we do?

    Pbas version is 4.5.1-15
    CentOS 5.8
    Apache/2.2.3

    Any ideas?
     
  2. FedorK

    FedorK Mega Poster

    Messages:
    224
    PBAS 4.5 support CentOS 6 version. Please migrate your installation to modern OS and apache will be updated.

    http://kb.odin.com/en/2126

    Thank you.
     
  3. midas21

    midas21 Bit Poster

    Messages:
    2
    PBAS 4.5 also support CentOS 5 version. Suppose migration is the last resort. Any other ideas?
     
  4. FedorK

    FedorK Mega Poster

    Messages:
    224
    CentOS 5 supported only for old customer for possibility of upgrade from one OS to other OS.

    Other idea - compile apache from sources as there is no support of modern apache for centos 5 from vendor.
     

Share This Page