SUSE CVE-2007-6420

Cross-site request forgery CSRF vulnerability in the balancer-manager in modproxybalancer for Apache HTTP Server 2.2.x allows remote attackers to gain privileges via unspecified vectors...

SUSE CVE-2007-6421

Cross-site scripting XSS vulnerability in balancer-manager in modproxybalancer in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the 1 ss, 2 wr, or 3 rr parameters, or 4 the URL...

USN-5487-2 apache2 regression

USN-5487-1 fixed several vulnerabilities in Apache. Unfortunately, that update introduced a regression when proxying balancer manager connections in some configurations on Ubuntu 14.04 ESM. This update reverts those changes till further fix. We apologize for the inconvenience. Original advisory...

USN-4113-2 apache2 regression

USN-4113-1 fixed vulnerabilities in the Apache HTTP server. Unfortunately, that update introduced a regression when proxying balancer manager connections in some configurations. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Stefan Eissing discovered...

Debian DLA-1900-2 : apache2 regression update

The update of apache2 released as DLA-1900-1 contained an incomplete fix for CVE-2019-10092, a limited cross-site scripting issue affecting the modproxy error page. The old patch rather introduced a new CSRF protection which also caused a regression, an inability to dynamically change the status ...

Scientific Linux Security Update : httpd on SL6.x i386/x86_64 (20150722)

A flaw was found in the way httpd handled HTTP Trailer headers when processing requests using chunked encoding. A malicious client could use Trailer headers to set additional HTTP headers after header processing was performed by other modules. This could, for example, lead to a bypass of header...

httpd: XSS flaw in mod_proxy_balancer manager interface

Multiple cross-site scripting XSS vulnerabilities in the balancerhandler function in the manager interface in modproxybalancer.c in the modproxybalancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML vi...

Debian DSA-2637-1 : apache2 - several issues

Several vulnerabilities have been found in the Apache HTTPD server. - CVE-2012-3499 The modules modinfo, modstatus, modimagemap, modldap, and modproxyftp did not properly escape hostnames and URIs in HTML output, causing cross site scripting vulnerabilities. - CVE-2012-4558 Modproxybalancer did n...

No title provided

A cross-site request forgery issue was found in the modproxybalancer module. A remote attacker could cause a denial of service if modproxybalancer is enabled and an authenticated user is targeted. CVE-2007-6420...

apache -- multiple vulnerabilities

Apache HTTP server project reports: The following potential security flaws are addressed: CVE-2008-2364: modproxyhttp: Better handling of excessive interim responses from origin server to prevent potential denial of service and high memory usage. Reported by Ryujiro Shibuya. CVE-2007-6420:...

Apache < 2.2.8 Multiple Vulnerabilities

Binary data 4385.prm...

httpd mod_proxy_balancer cross-site scripting

Cross-site scripting XSS vulnerability in balancer-manager in modproxybalancer in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the 1 ss, 2 wr, or 3 rr parameters, or 4 the URL...

httpd mod_proxy_balancer cross-site scripting

Cross-site scripting XSS vulnerability in balancer-manager in modproxybalancer in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the 1 ss, 2 wr, or 3 rr parameters, or 4 the URL...

CVE-2007-6420

Cross-site request forgery CSRF vulnerability in the balancer-manager in modproxybalancer for Apache HTTP Server 2.2.x allows remote attackers to gain privileges via unspecified vectors...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the balancer-manager in modproxybalancer for Apache HTTP Server 2.2.x allows remote attackers to gain privileges via unspecified vectors...

DEBIAN-CVE-2007-6420

Cross-site request forgery CSRF vulnerability in the balancer-manager in modproxybalancer for Apache HTTP Server 2.2.x allows remote attackers to gain privileges via unspecified vectors...

DEBIAN-CVE-2007-6421

Cross-site scripting XSS vulnerability in balancer-manager in modproxybalancer in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the 1 ss, 2 wr, or 3 rr parameters, or 4 the URL...

CVE-2007-6421

Cross-site scripting XSS vulnerability in balancer-manager in modproxybalancer in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the 1 ss, 2 wr, or 3 rr parameters, or 4 the URL...

CVE-2007-6421

CVE-2007-6421 is an XSS vulnerability in Apache HTTP Server 2.2.0–2.2.6 within the balancer-manager component of mod_proxy_balancer. An attacker could inject arbitrary script/HTML via the (1) ss, (2) wr, or (3) rr parameters, or via the URL. Affected product: Apache httpd 2.2.x (balancer-manager)...