Lucene search
Apache Team FoundationHTTPD:DD8F8D4ADFA35A9E15BABEFA2C71C9EDHistoryOct 19, 2006 - 12:00 a.m.
Apache Httpd < 2.2.6 : mod_status cross-site scripting
2006-10-1900:00:00
Apache Team Foundation
httpd.apache.org
12
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.049 Low
EPSS
Percentile
92.7%
A flaw was found in the mod_status module. On sites where the server-status page is publicly accessible and ExtendedStatus is enabled this could lead to a cross-site scripting attack. Note that the server-status page is not enabled by default and it is best practice to not make this publicly available.
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache httpd | eq | 2.2.4 | |
| apache httpd | eq | 2.2.3 | |
| apache httpd | eq | 2.2.2 | |
| apache httpd | eq | 2.2.0 |
Related
cve
cve
CVE-2006-5752
2007-06-27 17:30:00
httpd
httpd
Apache Httpd < 2.0.61 : mod_status cross-site scripting
2006-10-19 00:00:00
Apache Httpd < 1.3.39 : mod_status cross-site scripting
2006-10-19 00:00:00
veracode
veracode
Cross-site Scripting (XSS)
2020-04-10 00:16:40
debiancve
debiancve
CVE-2006-5752
2007-06-27 17:30:00
ubuntucve
ubuntucve
CVE-2006-5752
2007-06-27 00:00:00
nessus
nessus
CentOS 4 : httpd (CESA-2007:0534)
2007-06-27 00:00:00
Oracle Linux 3 : httpd (ELSA-2007-0533)
2013-07-12 00:00:00
RHEL 4 : httpd (RHSA-2007:0534)
2007-06-27 00:00:00
centos
centos
apache security update
2007-06-26 23:35:19
httpd, mod_ssl security update
2007-06-27 15:34:54
httpd, mod_ssl security update
2007-06-27 00:14:54
oraclelinux
oraclelinux
Moderate: httpd security update
2007-06-26 00:00:00
Moderate: httpd security update
2007-06-27 00:00:00
Moderate: httpd security update
2007-06-26 00:00:00
redhat
redhat
(RHSA-2007:0534) Moderate: httpd security update
2007-06-26 00:00:00
(RHSA-2007:0532) Moderate: apache security update
2007-06-26 00:00:00
(RHSA-2007:0533) Moderate: httpd security update
2007-06-27 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package apache2 version 2.2.4-alt31
2007-07-05 00:00:00
Security fix for the ALT Linux 10 package apache2 version 2.2.4-alt30
2007-07-04 00:00:00
Security fix for the ALT Linux 8 package apache2 version 2.2.4-alt30
2007-07-04 00:00:00
openvas
openvas
Ubuntu Update for apache2 vulnerabilities USN-499-1
2009-03-23 00:00:00
Oracle: Security Advisory (ELSA-2007-0556)
2015-10-08 00:00:00
Ubuntu: Security Advisory (USN-499-1)
2009-03-23 00:00:00
ubuntu
ubuntu
Apache vulnerabilities
2007-08-17 00:00:00
fedora
fedora
[SECURITY] Fedora Core 5 Update: httpd-2.2.2-1.3
2007-07-02 15:01:38
[SECURITY] Fedora Core 6 Update: httpd-2.2.4-2.1.fc6
2007-07-12 22:53:51
[SECURITY] Fedora 7 Update: httpd-2.2.4-4.1.fc7
2007-06-27 03:52:42
securityvulns
securityvulns
[Full-disclosure] rPSA-2007-0182-1 httpd mod_ssl
2007-09-14 00:00:00
suse
suse
remote denial of service in apache2
2007-11-19 15:20:20
freebsd
freebsd
apache -- multiple vulnerabilities
2007-09-07 00:00:00
gentoo
gentoo
Apache: Multiple vulnerabilities
2007-11-07 00:00:00
vmware
vmware
VMware Hosted products update libpng and Apache HTTP Server
2009-08-20 00:00:00
VMware Hosted products update libpng and Apache HTTP Server
2009-08-20 00:00:00
oracle
oracle
Oracle Critical Patch Update - July 2013
2013-07-16 00:00:00
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.049 Low
EPSS
Percentile
92.7%
Related for HTTPD:DD8F8D4ADFA35A9E15BABEFA2C71C9ED