User: Password:
Subscribe / Log in / New account

apache: cross-site scripting

Package(s):apache CVE #(s):CVE-2006-3918
Created:August 9, 2006 Updated:April 4, 2008
Description: From the Red Hat advisory: "A bug was found in Apache where an invalid Expect header sent to the server was returned to the user in an unescaped error message. This could allow an attacker to perform a cross-site scripting attack if a victim was tricked into connecting to a site and sending a carefully crafted Expect header."
SuSE SUSE-SA:2008:021 apache2,apache 2008-04-04
Ubuntu USN-575-1 apache2 2008-02-04
SuSE SUSE-SA:2006:051 apache2 2006-09-08
Debian DSA-1167-1 apache 2005-09-04
Red Hat RHSA-2006:0619-01 httpd 2006-08-10
Red Hat RHSA-2006:0618-01 apache 2006-08-08

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds