CVE-2007-6420 vulnerabilities and exploits

(subscribe to this query)

Cross-site request forgery (CSRF) vulnerability in the balancer-manager in mod_proxy_balancer for Apache HTTP Server 2.2.x allows remote malicious users to gain privileges via unspecified vectors.

Apache Http Server 2.2.0 Apache Http Server 2.2.2 Apache Http Server 2.2.3 Apache Http Server 2.2.4 Apache Http Server 2.2.5 Apache Http Server 2.2.6 Apache Http Server 2.2.8 Canonical Ubuntu Linux 6.06 Canonical Ubuntu Linux 7.10 Canonical Ubuntu Linux 8.04

Cross-site scripting (XSS) vulnerability in Apache 2.2.6 and previous versions allows remote malicious users to inject arbitrary web script or HTML via UTF-7 encoded URLs that are not properly handled when displaying the 403 Forbidden error page.

Apache Http Server -Apache Http Server 2.0 Apache Http Server 2.0.9 Apache Http Server 2.0.28 Apache Http Server 2.0.32 Apache Http Server 2.0.34 Apache Http Server 2.0.35 Apache Http Server 2.0.36 Apache Http Server 2.0.37 Apache Http Server 2.0.38 Apache Http Server 2.0.39 Apache Http Server 2.0.40

1 EDB exploit

The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service (memory consumption) via a la...

Apache Http Server Canonical Ubuntu Linux 6.06 Canonical Ubuntu Linux 7.10 Canonical Ubuntu Linux 8.04 Fedoraproject Fedora 8 Fedoraproject Fedora 9 Redhat Enterprise Linux Desktop 3.0 Redhat Enterprise Linux Desktop 4.0 Redhat Enterprise Linux Desktop 5.0 Redhat Enterprise Linux Eus 4.7 Redhat Enterprise Linux Eus 5.2 Redhat Enterprise Linux Server 3.0

Memory leak in the zlib_stateful_init function in crypto/comp/c_zlib.c in libssl in OpenSSL 0.9.8f up to and including 0.9.8h allows remote malicious users to cause a denial of service (memory consumption) via multiple calls, as demonstrated by initial SSL client handshakes to th...

Openssl Openssl 0.9.8f Openssl Openssl 0.9.8g Openssl Openssl 0.9.8h

Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might allow cross-site scripting (XSS) style attacks using web client components...

Apache Http Server 2.0.46 Apache Http Server 2.0.47 Apache Http Server 2.0.48 Apache Http Server 2.0.49 Apache Http Server 2.0.50 Apache Http Server 2.0.51 Apache Http Server 2.0.52 Apache Http Server 2.0.53 Apache Http Server 2.0.54 Apache Http Server 2.0.55 Apache Http Server 2.0.57 Apache Http Server 2.0.58

1 EDB exploit

Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and previous versions, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and previous versions 2.2 versions, allows remote malicious users to inject arbitrary web sc...

Apache Http Server Apple Mac Os X Canonical Ubuntu Linux 6.06 Canonical Ubuntu Linux 7.10 Canonical Ubuntu Linux 8.04 Opensuse Opensuse 10.2 Opensuse Opensuse 10.3 Opensuse Opensuse 11.0

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook