Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusTenable4712.PRM
HistoryOct 21, 2008 - 12:00 a.m.

Apache < 2.2.10 Multiple Vulnerabilities

2008-10-2100:00:00
Tenable
www.tenable.com
15
JSON

Versions of Apache HTTP Server earlier than 2.2.10 are potentially affected by multiple vulnerabilities :

  • An information disclosure vulnerability in mod_proxy_http. Note that this only affects Apache on Unix systems. (CVE-2010-2791)

  • The mod_proxy_ftp module in the version of Apache installed on the remote host fails to properly sanitize user-supplied URL input before using it to generate dynamic HTML output. Using specially crafted requests for FTP URLs with globbing characters (such as asterisk, tilde, opening square bracket, etc.), an attacker may be able to leverage this issue to inject arbitrary HTML and script code into a user’s browser to be executed within the security context of the affected site. (CVE-2008-2939)

Binary data 4712.prm
VendorProductVersionCPE
apachehttp_server2.0cpe:/a:apache:http_server:2.0

Related

openvas 51
checkpoint_advisories 3
freebsd 1
cve 2
debiancve 2
ubuntucve 2
veracode 2
seebug 3
httpd 3
prion 2
securityvulns 7
nessus 27
cert 1
redhat 3
f5 2
centos 2
oraclelinux 2
packetstorm 1
ubuntu 1
altlinux 3
kaspersky 1
gentoo 1
oracle 1
openvas
openvas
Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability
2010-10-19 00:00:00
Apache HTTP Server 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability
2010-10-19 00:00:00
FreeBSD Ports: apache
2009-03-13 00:00:00
checkpoint_advisories
checkpoint_advisories
Update protection against Apache HTTP Server mod_proxy_ftp Wildcard Characters Cross Site Scripting
2008-09-19 00:00:00
Update Protection against Apache mod_proxy_ftp XSS Vulnerability
2008-09-19 00:00:00
Apache Server mod_proxy_ftp Wildcard Characters Cross-Site Scripting (CVE-2008-2939)
2009-09-30 00:00:00
freebsd
freebsd
apache -- Cross-site scripting vulnerability
2008-07-25 00:00:00
cve
cve
CVE-2008-2939
2008-08-06 18:41:00
CVE-2010-2791
2010-08-05 18:17:00
debiancve
debiancve
CVE-2008-2939
2008-08-06 18:41:00
CVE-2010-2791
2010-08-05 18:17:00
ubuntucve
ubuntucve
CVE-2008-2939
2008-08-06 00:00:00
CVE-2010-2791
2010-08-05 00:00:00
veracode
veracode
Cross-Site Scripting (XSS)
2020-04-10 00:29:44
Information Disclosure
2020-04-10 00:47:09
seebug
seebug
Apache mod_proxy_ftp模块通配符字符跨站脚本漏洞
2008-08-08 00:00:00
IBM HTTP Server mod_proxy_ftp 跨站脚本漏洞
2009-02-16 00:00:00
Unix平台Apache mod_proxy_http模块超时处理信息泄露漏洞
2010-08-03 00:00:00
httpd
httpd
Apache Httpd < 2.0.64 : mod_proxy_ftp globbing XSS
2008-07-28 00:00:00
Apache Httpd < 2.2.10 : Timeout detection flaw (mod_proxy_http)
2010-07-23 00:00:00
Apache Httpd < 2.2.10 : mod_proxy_ftp globbing XSS
2008-07-28 00:00:00
prion
prion
Cross site scripting
2008-08-06 18:41:00
Design/Logic Flaw
2010-08-05 18:17:00
securityvulns
securityvulns
Apache HTTP Server mod_proxy_ftp Wildcard Characters Cross-Site Scripting
2008-08-07 00:00:00
Apache mod_proxy_ftp crossite scripting
2008-08-07 00:00:00
Apache mod_proxy_http information leak
2010-08-19 00:00:00
nessus
nessus
Apache mod_proxy_ftp Directory Component Wildcard Character Globbing XSS
2008-10-16 00:00:00
SuSE9 Security Update : Apache 2 (YOU Patch Number 12258)
2009-09-24 00:00:00
FreeBSD : apache -- XSS vulnerability (f1892066-0e74-11de-92de-000bcdc1757a)
2009-03-12 00:00:00
cert
cert
Apache mod_proxy_ftp XSS vulnerability
2008-08-08 00:00:00
redhat
redhat
(RHSA-2008:0967) Moderate: httpd security and bug fix update
2008-11-11 00:00:00
(RHSA-2010:0659) Moderate: httpd security and bug fix update
2010-08-30 00:00:00
(RHSA-2008:0966) Moderate: Red Hat Application Stack v2.2 security and enhancement update
2008-12-04 00:00:00
f5
f5
SOL23332326 - Apache HTTPD vulnerability CVE-2010-2791
2015-12-29 00:00:00
K23332326 : Apache HTTPD vulnerability CVE-2010-2791
2015-12-29 00:00:00
centos
centos
httpd, mod_ssl security update
2010-08-31 21:00:21
httpd, mod_ssl security update
2008-11-11 20:45:50
oraclelinux
oraclelinux
httpd security and bug fix update
2010-08-30 00:00:00
httpd security and bug fix update
2008-11-11 00:00:00
packetstorm
packetstorm
ProtonMail.ch Header Injection / CSRF
2014-05-30 00:00:00
ubuntu
ubuntu
Apache vulnerabilities
2009-03-10 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package apache2 version 2.2.12-alt1
2009-07-30 00:00:00
Security fix for the ALT Linux 9 package apache2 version 2.2.12-alt1
2009-07-30 00:00:00
Security fix for the ALT Linux 10 package apache2 version 2.2.12-alt1
2009-07-30 00:00:00
kaspersky
kaspersky
KLA10066 Multiple vulnerabilities in Apache httpd
2010-10-19 00:00:00
gentoo
gentoo
Apache HTTP Server: Multiple vulnerabilities
2012-06-24 00:00:00
oracle
oracle
Oracle Critical Patch Update - April 2013
2013-04-16 00:00:00
JSON
Related for 4712.PRM
openvas51checkpoint_advisories3freebsd1cve2debiancve2ubuntucve2veracode2seebug3httpd3prion2securityvulns7nessus27cert1redhat3f52centos2oraclelinux2packetstorm1ubuntu1altlinux3kaspersky1gentoo1oracle1