Apache Denial of Service and Cross-Site Scripting
Publish Date: 21 juillet 2015
Gravité: : Medium
Identifiant(s) CVE: : CVE-2006-5752,CVE-2007-3304,CVE-2007-1863
Date du conseil: 21 juillet 2015
Description
Some vulnerabilities have been acknowledged in Apache, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/
Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.
Information Exposure Rating:
Apply associated Trend Micro DPI Rules.
Solutions
Trend Micro Deep Security DPI Rule Number: 1000552
Trend Micro Deep Security DPI Rule Name: 1000552 - Generic Cross Site Scripting(XSS) Prevention
Affected software and version:
- Apache 1.3.x
- Apache 2.0.x
- Apache 2.2.x