LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Book review: Open Advice

Linux support for ARM big.LITTLE

LWN.net Weekly Edition for February 9, 2012

XBMC 11 "Eden"

LWN.net Weekly Edition for February 2, 2012

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

apache2: cross-site scripting

Package(s):apache2 CVE #(s):CVE-2008-2939
Created:September 15, 2008 Updated:December 5, 2008
Description:

From the Mandriva advisory:

A cross-site scripting vulnerability was found in the mod_proxy_ftp module in Apache that allowed remote attackers to inject arbitrary web script or HTML via wildcards in a pathname in an FTP URI (CVE-2008-2939).

Alerts:
Red Hat RHSA-2008:0966-02 2008-12-04
rPath rPSA-2008-0327-1 2008-11-22
rPath rPSA-2008-0328-1 2008-11-22
CentOS CESA-2008:0967 2008-11-11
Red Hat RHSA-2008:0967-01 2008-11-11
SuSE SUSE-SR:2008:024 2008-11-07
Mandriva MDVSA-2008:195 2007-09-13
Mandriva MDVSA-2008:194 2008-09-13
(Log in to post comments)

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds