- Home
- CVEs with nessus.description==A flaw was found in the mod_proxy module. On sites where a reverse
proxy is configured, a remote attacker could send a carefully crafted
request that would cause the Apache child process handling that
request to crash. On sites where a forward proxy is configured, an
attacker could cause a similar crash if a user could be persuaded to
visit a malicious site using the proxy. This could lead to a denial of
service if using a threaded Multi-Processing Module. (CVE-2007-3847)
A flaw was found in the mod_autoindex module. On sites where directory
listings are used, and the 'AddDefaultCharset' directive has been
removed from the configuration, a cross-site scripting attack might
have been possible against Web browsers which do not correctly derive
the response character set following the rules in RFC 2616.
(CVE-2007-4465)
A flaw was found in the mod_imagemap module. On sites where
mod_imagemap was enabled and an imagemap file was publicly available,
a cross-site scripting attack was possible. (CVE-2007-5000)
A flaw was found in the mod_status module. On sites where mod_status
was enabled and the status pages were publicly available, a cross-site
scripting attack was possible. (CVE-2007-6388)
A flaw was found in the mod_proxy_balancer module. On sites where
mod_proxy_balancer was enabled, a cross-site scripting attack against
an authorized user was possible. (CVE-2007-6421)
A flaw was found in the mod_proxy_balancer module. On sites where
mod_proxy_balancer was enabled, an authorized user could send a
carefully crafted request that would cause the Apache child process
handling that request to crash. This could lead to a denial of service
if using a threaded Multi-Processing Module. (CVE-2007-6422)
A flaw was found in the mod_proxy_ftp module. On sites where
mod_proxy_ftp was enabled and a forward proxy was configured, a
cross-site scripting attack was possible against Web browsers which do
not correctly derive the response character set following the rules in
RFC 2616. (CVE-2008-0005)
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top