Apache Denial of Service and Cross-Site Scripting
Schweregrad: : Medium
Identificador(es) CVE: : CVE-2006-5752,CVE-2007-3304,CVE-2007-1863
Data do informe: 21 julho 2015
Descrição
Some vulnerabilities have been acknowledged in Apache, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/
Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.
Exposição das informações
Apply associated Trend Micro DPI Rules.
Solução
Trend Micro Deep Security DPI Rule Number: 1000552
Trend Micro Deep Security DPI Rule Name: 1000552 - Generic Cross Site Scripting(XSS) Prevention
Software infectado e versão:
- Apache 1.3.x
- Apache 2.0.x
- Apache 2.2.x