Lucene search
Ubuntu.comUB:CVE-2007-6388HistoryJan 08, 2008 - 12:00 a.m.
CVE-2007-6388
2008-01-0800:00:00
ubuntu.com
ubuntu.com
16
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.818 High
EPSS
Percentile
98.3%
Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP
Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through
1.3.39, when the server-status page is enabled, allows remote attackers to
inject arbitrary web script or HTML via unspecified vectors.
Notes
| Author | Note |
|---|---|
| jdstrand | redhat has patch for all releases now |
Related
openvas
openvas
HP-UX Update for Apache HPSBUX02313
2009-05-05 00:00:00
HP-UX Update for Apache HPSBUX02313
2009-05-05 00:00:00
Slackware Advisory SSA:2008-210-02 httpd
2012-09-11 00:00:00
httpd
httpd
Apache Httpd < 2.0.63 : mod_status XSS
2007-12-15 00:00:00
Apache Httpd < 2.2.8 : mod_status XSS
2007-12-15 00:00:00
Apache Httpd < 1.3.41 : mod_status XSS
2007-12-15 00:00:00
cve
cve
CVE-2007-6388
2008-01-08 18:46:00
prion
prion
Cross site scripting
2008-01-08 18:46:00
seebug
seebug
Apache HTTP Server 2.2.6, 2.0.61和1.3.39 'mod_status'跨站脚本漏洞
2008-01-14 00:00:00
debiancve
debiancve
CVE-2007-6388
2008-01-08 18:46:00
securityvulns
securityvulns
SecurityReason - Apache (mod_status) Refresh Header - Open Redirector (XSS)
2008-01-16 00:00:00
HP OpenView Network Node Manager crossite scripting
2008-11-21 00:00:00
veracode
veracode
Cross-Site Scripting (XSS)
2020-04-10 00:19:35
slackware
slackware
[slackware-security] httpd
2008-07-29 05:31:49
[slackware-security] apache
2008-02-15 01:23:13
[slackware-security] httpd
2008-02-15 01:22:54
nessus
nessus
Slackware 12.0 / 12.1 / current : httpd (SSA:2008-210-02)
2008-07-29 00:00:00
Apache < 2.0.63 Multiple XSS Vulnerabilities
2008-03-07 00:00:00
redhat
redhat
(RHSA-2008:0007) Moderate: httpd security update
2008-01-15 00:00:00
(RHSA-2008:0004) Moderate: apache security update
2008-01-15 00:00:00
(RHSA-2008:0006) Moderate: httpd security update
2008-01-15 00:00:00
oraclelinux
oraclelinux
Moderate: httpd security update
2008-01-15 00:00:00
Moderate: httpd security update
2008-01-15 00:00:00
Moderate: httpd security update
2008-01-15 00:00:00
centos
centos
apache security update
2008-01-16 02:42:35
httpd, mod_ssl security update
2008-01-15 13:48:01
httpd, mod_ssl security update
2008-01-15 12:48:29
altlinux
altlinux
Security fix for the ALT Linux 9 package apache2 version 2.2.8-alt1
2008-02-29 00:00:00
Security fix for the ALT Linux 10 package apache2 version 2.2.8-alt1
2008-02-29 00:00:00
Security fix for the ALT Linux 8 package apache2 version 2.2.8-alt1
2008-02-29 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: httpd-2.2.8-1.fc8
2008-02-16 02:11:16
[SECURITY] Fedora 7 Update: httpd-2.2.8-1.fc7
2008-02-16 02:08:32
suse
suse
cross site scripting in apache2,apache
2008-04-04 16:29:16
vmware
vmware
VMware Hosted products update libpng and Apache HTTP Server
2009-08-20 00:00:00
VMware Hosted products update libpng and Apache HTTP Server
2009-08-20 00:00:00
ubuntu
ubuntu
Apache vulnerabilities
2008-02-04 00:00:00
oracle
oracle
Oracle Critical Patch Update - July 2013
2013-07-16 00:00:00
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.818 High
EPSS
Percentile
98.3%
Related for UB:CVE-2007-6388