The host is installed with Apache 2.4.x before 2.4.2 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to handle a zero-length directory name in the LD_LIBRARY_PATH. Successful exploitation could allow remote attackers to search the current directory for DSO's.