Lucene search
Ubuntu.comUB:CVE-2008-0005HistoryJan 11, 2008 - 12:00 a.m.
CVE-2008-0005
2008-01-1100:00:00
ubuntu.com
ubuntu.com
8
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.015 Low
EPSS
Percentile
86.8%
mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev,
and 1.3.x before 1.3.40-dev does not define a charset, which allows remote
attackers to conduct cross-site scripting (XSS) attacks using UTF-7
encoding.
Notes
| Author | Note |
|---|---|
| jdstrand | redhat has patch for all releases |
Related
veracode
veracode
Cross-Site Scripting (XSS)
2020-04-10 00:19:36
httpd
httpd
Apache Httpd < 2.2.8 : mod_proxy_ftp UTF-7 XSS
2007-12-15 00:00:00
Apache Httpd < 2.0.63 : mod_proxy_ftp UTF-7 XSS
2007-12-15 00:00:00
debiancve
debiancve
CVE-2008-0005
2008-01-12 00:46:00
cve
cve
CVE-2008-0005
2008-01-12 00:46:00
seebug
seebug
Apache 'mod_proxy_ftp'未定义字符集UTF-7跨站脚本漏洞
2008-01-14 00:00:00
prion
prion
Cross site scripting
2008-01-12 00:46:00
securityvulns
securityvulns
SecurityReason - Apache (mod_proxy_ftp) Undefined Charset UTF-7 XSS Vulnerability
2008-01-12 00:00:00
Apache multiple security vulnerabilities
2008-01-24 00:00:00
redhat
redhat
(RHSA-2008:0007) Moderate: httpd security update
2008-01-15 00:00:00
(RHSA-2008:0004) Moderate: apache security update
2008-01-15 00:00:00
(RHSA-2008:0006) Moderate: httpd security update
2008-01-15 00:00:00
nessus
nessus
Apache < 2.0.63 Multiple XSS Vulnerabilities
2008-03-07 00:00:00
RHEL 4 : httpd (RHSA-2008:0006)
2008-01-15 00:00:00
RHEL 2.1 : apache (RHSA-2008:0004)
2008-01-15 00:00:00
openvas
openvas
SLES9: Security update for Apache
2009-10-10 00:00:00
RedHat Update for httpd RHSA-2008:0006-01
2009-03-06 00:00:00
CentOS Update for apache CESA-2008:0004-01 centos2 i386
2009-02-27 00:00:00
centos
centos
apache security update
2008-01-16 02:42:35
httpd, mod_ssl security update
2008-01-15 13:48:01
httpd, mod_ssl security update
2008-01-15 12:48:29
oraclelinux
oraclelinux
Moderate: httpd security update
2008-01-15 00:00:00
Moderate: httpd security update
2008-01-15 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: httpd-2.2.8-1.fc8
2008-02-16 02:11:16
[SECURITY] Fedora 7 Update: httpd-2.2.8-1.fc7
2008-02-16 02:08:32
altlinux
altlinux
Security fix for the ALT Linux 9 package apache2 version 2.2.8-alt1
2008-02-29 00:00:00
Security fix for the ALT Linux 10 package apache2 version 2.2.8-alt1
2008-02-29 00:00:00
Security fix for the ALT Linux 8 package apache2 version 2.2.8-alt1
2008-02-29 00:00:00
slackware
slackware
[slackware-security] httpd
2008-02-15 01:22:54
gentoo
gentoo
Apache: Multiple vulnerabilities
2008-03-11 00:00:00
suse
suse
cross site scripting in apache2,apache
2008-04-04 16:29:16
vmware
vmware
VMware Hosted products update libpng and Apache HTTP Server
2009-08-20 00:00:00
VMware Hosted products update libpng and Apache HTTP Server
2009-08-20 00:00:00
ubuntu
ubuntu
Apache vulnerabilities
2008-02-04 00:00:00
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.015 Low
EPSS
Percentile
86.8%
Related for UB:CVE-2008-0005