QID 87456: IBM HTTP Server Multiple Vulnerabilities (6467651, 869064)
IBM HTTP Server powered by Apache is based on the Apache HTTP Server available for multiple platforms.
CVE-2021-26691: Apache HTTP Server is vulnerable to a heap-based buffer overflow, caused by improper bounds checking in mod_session.
CVE-2021-26690: Apache HTTP Server is vulnerable to a denial of service, caused by a NULL pointer dereference.
CVE-2018-17199: Apache HTTP Server could allow a remote attacker to bypass security restrictions, caused by mod_session checking the session expiry time before decoding the session.
Affected Versions:
IBM HTTP Server V9.0.0.0 through 9.0.0.10
QID Detection Logic (Authenticated):
Operating System: Windows
The QID checks the key "HKLM\SYSTEM\CurrentControlSet\Services" to determine whether IBM HTTP Server is installed on the host.
QID Detection Logic (Authenticated):
Operating System: Linux
The QID uses the netstat command to extract the install directory for IBM HTTP Server. "version.signature" is used to verify the version.
QID Detection Logic (Un-Authenticated):
This checks for a vulnerable version of IBM HTTP Server.
An attacker could exploit this vulnerability to ignore session expiry time and gain access to the application.
- 6467651 - www.ibm.com/support/pages/node/6467651
- 869064 - www.ibm.com/support/pages/node/869064
CVEs related to QID 87456
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| 6467651 | | | |
| 869064 | | | |