Impact
cross site scripting
Solution
Please Install the Updated Packages.
Insight
Various minor bugs have been fixed in the Apache 1 and Apache 2 web servers and released as a roll-up update.
Security problems that were fixed include:
- cross site scripting problem when processing the 'Expect' header CVE-2006-3918 (Apache 1 only)
- cross site scripting problem in mod_imap CVE-2007-5000 (Apache 1 and 2)
- cross site scripting problem in mod_status CVE-2007-6388 (Apache 1 and 2)
- cross site scripting problem in the ftp proxy module CVE-2008-0005 (Apache 1 and 2)
- cross site scripting problem in the error page for status code 413 CVE-2007-6203 (Apache 2)
- cross site scripting problem in mod_proxy_balancer CVE-2007-6421 (Apache 2)
- A flaw in mod_proxy_balancer allowed attackers to crash apache CVE-2007-6422 (Apache 2)
Affected
apache2,apache on SUSE LINUX 10.1, openSUSE 10.2, openSUSE 10.3, SUSE SLES 9, Novell Linux Desktop 9 SDK, Novell Linux Desktop 9, Open Enterprise Server, Novell Linux POS 9, SLE SDK 10 SP1, SUSE Linux Enterprise Server 10 SP1
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2006-3918, CVE-2007-5000, CVE-2007-6203, CVE-2007-6388, CVE-2007-6421, CVE-2007-6422, CVE-2008-0005 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities