Secunia Logo  


Secunia PSI WorldMap
 
Apache Modules Multiple Vulnerabilities
Secunia Advisory: SA28046
Release Date: 2007-12-12
Last Update: 2008-07-10
Popularity: 20,039 views

Critical:
Less critical
Impact: Cross Site Scripting
DoS
Where: From remote
Solution Status: Vendor Patch

Software:Apache 2.2.x

Secunia CVSS-2 Score: Available in Secunia business solutions

Subscribe: Instant alerts on relevant vulnerabilities


Advisory Content (Page 2 of 3)[ 1 ] [ 2 ] [ 3 ]

Solution:
Update to version 2.2.9.
http://httpd.apache.org/download.cgi

Provided and/or discovered by:
1) Reported by the vendor.
2, 3, 4, 5) sp3x, SecurityReason
6) The vendor thanks Joe Orton, Amund Elstad, and Dr Stephen Henson

Changelog:
2008-01-07: Updated advisory to include vulnerabilities #2, #3, and #4.
2008-01-15: Updated credits section and "Original Advisory" section.
2008-01-16: Added link to "Original Advisory" section.
2008-01-21: Updated "Description" and "Solution" sections. Added CVE reference.
2008-01-28: Added CVE reference.
2008-06-16: Added additional details about CVE-2007-6420 through vulnerability #5. Updated "Solution" section.
2008-07-10: Added vulnerability #6. Added CVE reference.

Original Advisory:
http://httpd.apache.org/security/vulnerabilities_22.html
http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?revision=608860

SecurityReason:
http://securityreason.com/securityalert/3541
http://securityreason.com/securityalert/3523
http://securityreason.com/securityalert/3526

Change Page:
[ 1 ] [ 2 ] [ 3 ]



Track this Secunia Advisory
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.

Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.

About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
  
Latest Advisories

24th Nov, 2009
New advisories: 8
New vulnerabilities: 19
Updated advisories: 13

Highly // 273 views
SUSE Update for Multiple Packages
Less // 243 views
Debian update for php-mail
Less // 286 views
Fedora update for snort
Not // 267 views
Fedora update for asterisk

23rd Nov, 2009
New advisories: 16
New vulnerabilities: 116
Updated advisories: 33


Solutions | More...  


Send Feedback to Secunia
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.

Ideas, suggestions, and other feedback are most welcome.

Most Popular - 3 Hours

1. Internet Explorer Charset Inheritance Cross-Site Scripting Vulnerability // 27 views
2. Internet Explorer Layout Handling Memory Corruption Vulnerability // 26 views
3. Firefox Sage Extension Cross-Context Scripting Vulnerability // 26 views
4. WordPress WP-Cumulus Plugin "tagcloud" Cross-Site Scripting Vulnerability // 24 views
5. Cacti Multiple Script Insertion Vulnerabilities // 23 views
6. Adobe Flash Player Multiple Vulnerabilities // 22 views
7. Opera Multiple Vulnerabilities // 22 views
8. SUSE Update for Multiple Packages // 22 views
9. Debian update for php-mail // 21 views
10. PEAR Net_Ping Command Injection Vulnerability // 20 views