Описание
Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via a wildcard in the last directory component in the pathname in an FTP URI.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | |
| devel | DNE | |
| feisty | not-affected | |
| gutsy | DNE | |
| hardy | DNE | |
| intrepid | DNE | |
| upstream | not-affected |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 2.0.55-4ubuntu2.4 |
| devel | not-affected | 2.2.9-7ubuntu1 |
| feisty | ignored | end of life, was needed |
| gutsy | released | 2.2.4-3ubuntu0.2 |
| hardy | released | 2.2.8-1ubuntu0.4 |
| intrepid | not-affected | 2.2.9-7ubuntu1 |
| upstream | released | 2.2.9-7 |
Показывать по
4.3 Medium
CVSS2
Связанные уязвимости
Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via a wildcard in the last directory component in the pathname in an FTP URI.
Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via a wildcard in the last directory component in the pathname in an FTP URI.
Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_pro ...
Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via a wildcard in the last directory component in the pathname in an FTP URI.
ELSA-2008-0967: httpd security and bug fix update (MODERATE)
4.3 Medium
CVSS2