- Home
- CVEs with nessus.description==A flaw in the Apache mod_proxy module was found that could potentially
lead to a denial of service is using a threaded Multi-Processing
Module. On sites where a reverse proxy is configured, a remote
attacker could send a special reequest that would cause the Apache
child process handling the request to crash. Likewise, a similar crash
could occur on sites with a forward proxy configured if a user could
be persuaded to visit a malicious site using the proxy
(CVE-2007-3847).
A flaw in the Apache mod_autoindex module was found. On sites where
directory listings are used and the AddDefaultCharset directive was
removed from the configuration, a cross-site-scripting attack could be
possible against browsers that to not correctly derive the response
character set according to the rules in RGC 2616 (CVE-2007-4465).
The updated packages have been patched to correct this issue.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top