Ubuntu: Apache vulnerabilities |
|
| BugsAlert Home > Ubuntu: Apache vulnerabilities | |
|
LinuxSecurity.com: It was discovered that Apache did not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain. This was only vulnerable in Ubuntu 6.06. (CVE-2006-3918) Original Source: http://www.linuxsecurity.com/content/view/134017?rdf Learn more about Ubuntu: Apache vulnerabilities |
|
| Tags: ubuntu apache vulnerabilities | |
Related Items |
|
|
Slackware: rsync
|
|
|
FrSIRT - Novell Forum Unspecified Remote Tcl Code Execution Vulnerability
|
|
|
CVE-2008-3272 (Kernel)
|
|
|
MS07-048 - Important: Vulnerabilities in Windows Gadgets Could Allow Remote Code Execution (938123)
|
|
|
Gentoo update for ircservices
|
|
|
Avaya Message Storage Server Input Validation Vulnerabilities
|
|
|
VUPEN - minimal-ablog SQL Injection and File Upload Vulnerabilities
|
|
