7 matches found
SLES9: Security update for Apache 2
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: apache2 apache2-worker apache2-prefork libapr0 apache2-doc apache2-devel apache2-example-pages For more information, please visit the referenced security...
Gentoo Security Advisory GLSA 200803-19 (apache)
The remote host is missing updates announced in advisory GLSA 200803-19. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
SuSE 10 Security Update : Apache 2 (ZYPP Patch Number 5128)
This update fixes multiple bugs in apache : - cross-site scripting problem in modimap. CVE-2007-5000 - cross-site scripting problem in modstatus. CVE-2007-6388 - cross-site scripting problem in the ftp proxy module. CVE-2008-0005 - cross-site scripting problem in the error page for status code 41...
openSUSE 10 Security Update : apache2 (apache2-5127)
This update fixes multiple bugs in apache : - cross site scripting problem in modimap CVE-2007-5000 - cross site scripting problem in modstatus CVE-2007-6388 - cross site scripting problem in the error page for status code 413 CVE-2007-6203 - cross site scripting problem in modproxybalancer...
Apache 2.2.x < 2.2.8 Multiple Vulnerabilities (XSS, DoS)
According to its banner, the version of Apache 2.2.x running on the remote host is prior to 2.2.8. It is, therefore, affected by the following vulnerabilities : - A cross-site scripting issue involving modimagemap CVE-2007-5000. - A cross-site scripting issue involving 413 error pages via a...
CVE-2007-6203
Apache HTTP Server 2.0.x and 2.2.x are affected by CVE-2007-6203, where the HTTP Method header is not sanitized when reflected in a 413 Response, enabling cross-site scripting-like attacks via headers sent by the client. The root cause is lack of sanitization of the Method specifier header in suc...
CVE-2007-6203
Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might allow cross-site scripting XSS style attacks using web client components that can send arbitrary...