Back to search
CVE-2007-6388
Published: Jan 8, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
RHSA-2008:0005
vendor-advisory
x_refsource_REDHAT
ADV-2008-0554
vdb-entry
x_refsource_VUPEN
ADV-2008-0447
vdb-entry
x_refsource_VUPEN
28922
third-party-advisory
x_refsource_SECUNIA
ADV-2008-0986
vdb-entry
x_refsource_VUPEN
3541
third-party-advisory
x_refsource_SREASON
28749
third-party-advisory
x_refsource_SECUNIA
SSA:2008-045-02
vendor-advisory
x_refsource_SLACKWARE
29988
third-party-advisory
x_refsource_SECUNIA
SSRT090208
vendor-advisory
x_refsource_HP
ADV-2008-1623
vdb-entry
x_refsource_VUPEN
29806
third-party-advisory
x_refsource_SECUNIA
20080716 rPSA-2008-0035-1 httpd mod_ssl
mailing-list
x_refsource_BUGTRAQ
FEDORA-2008-1695
vendor-advisory
x_refsource_FEDORA
1019154
vdb-entry
x_refsource_SECTRACK
28526
third-party-advisory
x_refsource_SECUNIA
http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
x_refsource_CONFIRM
RHSA-2008:0006
vendor-advisory
x_refsource_REDHAT
oval:org.mitre.oval:def:10272
vdb-entry
signature
x_refsource_OVAL
31142
third-party-advisory
x_refsource_SECUNIA
ADV-2008-0924
vdb-entry
x_refsource_VUPEN
233623
vendor-advisory
x_refsource_SUNALERT
RHSA-2008:0007
vendor-advisory
x_refsource_REDHAT
http://httpd.apache.org/security/vulnerabilities_20.html
x_refsource_CONFIRM
ADV-2008-0047
vdb-entry
x_refsource_VUPEN
TA08-150A
third-party-advisory
x_refsource_CERT
RHSA-2008:0008
vendor-advisory
x_refsource_REDHAT
FEDORA-2008-1711
vendor-advisory
x_refsource_FEDORA
RHSA-2008:0009
vendor-advisory
x_refsource_REDHAT
MDVSA-2008:014
vendor-advisory
x_refsource_MANDRIVA
29420
third-party-advisory
x_refsource_SECUNIA
29504
third-party-advisory
x_refsource_SECUNIA
http://httpd.apache.org/security/vulnerabilities_22.html
x_refsource_CONFIRM
SSRT080015
vendor-advisory
x_refsource_HP
APPLE-SA-2008-03-18
vendor-advisory
x_refsource_APPLE
30430
third-party-advisory
x_refsource_SECUNIA
APPLE-SA-2008-05-28
vendor-advisory
x_refsource_APPLE
http://support.avaya.com/elmodocs2/security/ASA-2008-032.htm
x_refsource_CONFIRM
apache-status-page-xss(39472)
vdb-entry
x_refsource_XF
ADV-2008-0809
vdb-entry
x_refsource_VUPEN
HPSBOV02683
vendor-advisory
x_refsource_HP
20090821 VMSA-2009-0010 VMware Hosted products update libpng and Apache HTTP Server
mailing-list
x_refsource_BUGTRAQ
28467
third-party-advisory
x_refsource_SECUNIA
SSRT080059
vendor-advisory
x_refsource_HP
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=689039
x_refsource_CONFIRM
PK65782
vendor-advisory
x_refsource_AIXAPAR
HPSBUX02313
vendor-advisory
x_refsource_HP
RHSA-2008:0004
vendor-advisory
x_refsource_REDHAT
[security-announce] 20090820 VMSA-2009-0010 VMware Hosted products update libpng and Apache HTTP Server
mailing-list
x_refsource_MLIST
28607
third-party-advisory
x_refsource_SECUNIA
PK62966
vendor-advisory
x_refsource_AIXAPAR
SUSE-SA:2008:021
vendor-advisory
x_refsource_SUSE
30356
third-party-advisory
x_refsource_SECUNIA
http://httpd.apache.org/security/vulnerabilities_13.html
x_refsource_CONFIRM
PK63273
vendor-advisory
x_refsource_AIXAPAR
MDVSA-2008:015
vendor-advisory
x_refsource_MANDRIVA
http://docs.info.apple.com/article.html?artnum=307562
x_refsource_CONFIRM
33200
third-party-advisory
x_refsource_SECUNIA
28965
third-party-advisory
x_refsource_SECUNIA
28471
third-party-advisory
x_refsource_SECUNIA
27237
vdb-entry
x_refsource_BID
HPSBMA02388
vendor-advisory
x_refsource_HP
ADV-2008-1697
vdb-entry
x_refsource_VUPEN
RHSA-2008:0261
vendor-advisory
x_refsource_REDHAT
USN-575-1
vendor-advisory
x_refsource_UBUNTU
29640
third-party-advisory
x_refsource_SECUNIA
32800
third-party-advisory
x_refsource_SECUNIA
28977
third-party-advisory
x_refsource_SECUNIA
30732
third-party-advisory
x_refsource_SECUNIA
ADV-2008-1224
vdb-entry
x_refsource_VUPEN
PK59667
vendor-advisory
x_refsource_AIXAPAR
MDVSA-2008:016
vendor-advisory
x_refsource_MANDRIVA
[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/
mailing-list
x_refsource_MLIST
[httpd-cvs] 20210330 svn commit: r1888194 [5/13] - /httpd/site/trunk/content/security/json/
mailing-list
x_refsource_MLIST
[httpd-cvs] 20210330 svn commit: r1073139 [5/13] - in /websites/staging/httpd/trunk/content: ./ security/json/
mailing-list
x_refsource_MLIST
[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now