Apache Denial of Service and Cross-Site Scripting
Publish date: 21 de julio de 2015
Gravedad: Medio
Identificadores de CVE : CVE-2006-5752,CVE-2007-3304,CVE-2007-1863
Fecha recomendada: 21 de julio de 2015
Descripción
Some vulnerabilities have been acknowledged in Apache, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/
Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.
Revelación de la información
Apply associated Trend Micro DPI Rules.
Soluciones
Trend Micro Deep Security DPI Rule Number: 1000552
Trend Micro Deep Security DPI Rule Name: 1000552 - Generic Cross Site Scripting(XSS) Prevention
Software y versión afectados
- Apache 1.3.x
- Apache 2.0.x
- Apache 2.2.x