QwikSec

Security Database

CVE

CWE

Training

CVE-2002-0840

Published: Sep 1, 2004

Modified: Aug 8, 2024

PUBLISHED

Description

Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is "Off" and support for wildcard DNS is present, allows remote attackers to execute script as other web page visitors via the Host: header, a different vulnerability than CAN-2002-1157.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_DEBIAN

http://marc.info/?l=apache-httpd-announce&m=103367938230488&w=2

x_refsource_CONFIRM

ESA-20021007-024

vendor-advisory

x_refsource_ENGARDE

vendor-advisory

x_refsource_HP

vendor-advisory

x_refsource_DEBIAN

http://www.apacheweek.com/issues/02-10-04

x_refsource_CONFIRM

vendor-advisory

x_refsource_DEBIAN

20021003 [OpenPKG-SA-2002.009] OpenPKG Security Advisory (apache)

mailing-list

x_refsource_BUGTRAQ

vendor-advisory

x_refsource_MANDRAKE

vendor-advisory

x_refsource_CONECTIVA

20021017 TSLSA-2002-0069-apache

mailing-list

x_refsource_BUGTRAQ

20021002 Apache 2 Cross-Site Scripting

mailing-list

x_refsource_BUGTRAQ

vendor-advisory

x_refsource_REDHAT

vdb-entry

x_refsource_OSVDB

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

apache-http-host-xss(10241)

vdb-entry

x_refsource_XF

20021002 Apache 2 Cross-Site Scripting

mailing-list

x_refsource_VULNWATCH

third-party-advisory

x_refsource_CERT-VN

vdb-entry

x_refsource_BID

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

mailing-list

x_refsource_MLIST

[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

mailing-list

x_refsource_MLIST

[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

mailing-list

x_refsource_MLIST

[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

mailing-list

x_refsource_MLIST

[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/

mailing-list

x_refsource_MLIST

[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

mailing-list

x_refsource_MLIST

[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

mailing-list

x_refsource_MLIST

[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/

mailing-list

x_refsource_MLIST

[httpd-cvs] 20210330 svn commit: r1073149 [2/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/

mailing-list

x_refsource_MLIST

[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/

mailing-list

x_refsource_MLIST

[httpd-cvs] 20210603 svn commit: r1075360 [1/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

mailing-list

x_refsource_MLIST

[httpd-cvs] 20210606 svn commit: r1075470 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

mailing-list

x_refsource_MLIST

[httpd-cvs] 20210606 svn commit: r1075470 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.