K17267: XSS vulnerability in Apache CVE-2002-0840

Security Advisory Description Cross-site scripting XSS vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is "Off" and support for wildcard DNS is present, allows remote attackers to execute script as other web page visitors via the...

SOL17267 - XSS vulnerability in Apache CVE-2002-0840

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...

HP-UX Update for Apache HPSBUX00224

Check for the Version of Apache OpenVAS Vulnerability Test HP-UX Update for Apache HPSBUX00224 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of t...

Debian Security Advisory DSA 187-1 (apache)

The remote host is missing an update to apache announced via advisory DSA 187-1. OpenVAS Vulnerability Test $Id: deb1871.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 187-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

HP-UX PHSS_28098 : HP-UX Running Apache, Increased Privileges or Denial of Service (DoS) or Execution of Arbitrary Code (HPSBUX00224 SSRT2393 rev.3)

s700800 11.04 Virtualvault 4.5 OWS update : Potential vulnerability regarding ownership permissions of System V shared memory based scoreboards. CERT VU825353, CVE CAN-2002-0839 Potential cross-site scripting vulnerability in the default error page when using wildcard DNS. CERT VU240329, CVE...

CVE-2002-0840

CVE-2002-0840 is a cross-site scripting (XSS) vulnerability in the default error page of Apache. It affects Apache 2.0 before 2.0.43 and 1.3.x up to 1.3.26, when UseCanonicalName is set to off and wildcard DNS is supported. An attacker can inject script via the Host header to execute in other vis...

CVE-2002-0840

...

CVE-2002-0840

Cross-site scripting XSS vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is "Off" and support for wildcard DNS is present, allows remote attackers to execute script as other web page visitors via the Host: header, a different...

CVE-2002-0840

Cross-site scripting XSS vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is "Off" and support for wildcard DNS is present, allows remote attackers to execute script as other web page visitors via the Host: header, a different...

Apache HTTPD server vulnerable to cross site scripting on error page when using wildcard DNS

Overview Versions of the Apache HTTPD server with wildcard DNS enabled and UseCanonicalName disabled, are vulnerable to a cross-site scripting attack. Description Apache HTTPD servers versions 2.0.42 and prior, and 1.3.26 and prior, with wildcard DNS enabled and UseCanonicalName disabled, are...