|
|
Apache HTTP Server Mod_Status Cross-Site Scripting Vulnerability
|
Bugtraq ID:
|
24645
|
|
Class:
|
Input Validation Error
|
|
CVE:
|
CVE-2006-5752
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
Jun 26 2007 12:00AM
|
|
Updated:
|
Jun 30 2008 11:52PM
|
|
Credit:
|
Stefan Esser is credited with the discovery of this vulnerability.
|
|
Vulnerable:
|
Ubuntu Ubuntu Linux 7.04 sparc
Ubuntu Ubuntu Linux 7.04 powerpc
Ubuntu Ubuntu Linux 7.04 i386
Ubuntu Ubuntu Linux 7.04 amd64
Ubuntu Ubuntu Linux 6.10 sparc
Ubuntu Ubuntu Linux 6.10 powerpc
Ubuntu Ubuntu Linux 6.10 i386
Ubuntu Ubuntu Linux 6.10 amd64
Ubuntu Ubuntu Linux 6.06 LTS sparc
Ubuntu Ubuntu Linux 6.06 LTS powerpc
Ubuntu Ubuntu Linux 6.06 LTS i386
Ubuntu Ubuntu Linux 6.06 LTS amd64
Turbolinux Turbolinux Server 10.0 x86
Turbolinux Turbolinux Server 10.0
Turbolinux Turbolinux Server 10.0.0 x64
Turbolinux FUJI 0
Turbolinux Appliance Server 2.0
Trustix Secure Linux 3.0.5
Trustix Secure Linux 3.0
Trustix Secure Linux 2.2
Trustix Operating System Enterprise Server 2.0
Sun Solaris 9_x86
Sun Solaris 9
Sun Solaris 8_x86
Sun Solaris 8
Sun Solaris 10_x86
Sun Solaris 10.0_x86
Sun Solaris 10.0
Sun Solaris 10
SGI ProPack 3.0 SP6
S.u.S.E. SLE SDK 10.SP1
S.u.S.E. openSUSE 10.3
S.u.S.E. openSUSE 10.2
S.u.S.E. Open-Enterprise-Server 0
S.u.S.E. Novell Linux POS 9
S.u.S.E. Novell Linux Desktop 9.0
S.u.S.E. Novell Linux Desktop 9
S.u.S.E. Linux Professional 10.0 OSS
S.u.S.E. Linux Professional 10.1
S.u.S.E. Linux Personal 10.0 OSS
S.u.S.E. Linux Personal 10.1
S.u.S.E. Linux Enterprise Server 9
S.u.S.E. Linux Enterprise Server 10.SP1
S.u.S.E. Linux Enterprise SDK 10
rPath rPath Linux 1
RedHat Red Hat Network Satellite Server 5.0
RedHat Network Satellite (for RHEL 4) 4.2
RedHat Network Proxy (for RHEL 4) 5.0
RedHat Network Proxy (for RHEL 4) 4.2
RedHat Network Proxy (for RHEL 3) 4.2
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux WS 2.1 IA64
RedHat Enterprise Linux WS 2.1
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux ES 2.1 IA64
RedHat Enterprise Linux ES 2.1
RedHat Enterprise Linux Desktop Workstation 5 client
RedHat Enterprise Linux Desktop 5 client
RedHat Enterprise Linux AS 4
RedHat Enterprise Linux AS 3
RedHat Enterprise Linux AS 2.1 IA64
RedHat Enterprise Linux AS 2.1
RedHat Enterprise Linux 5 server
RedHat Desktop 4.0
RedHat Desktop 3.0
RedHat Advanced Workstation for the Itanium Processor 2.1 IA64
RedHat Advanced Workstation for the Itanium Processor 2.1
RedHat Network Satellite (for RHEL 3) 4.2
MandrakeSoft Multi Network Firewall 2.0
MandrakeSoft Linux Mandrake 2007.1 x86_64
MandrakeSoft Linux Mandrake 2007.1
MandrakeSoft Linux Mandrake 2007.0 x86_64
MandrakeSoft Linux Mandrake 2007.0
MandrakeSoft Corporate Server 4.0 x86_64
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
MandrakeSoft Corporate Server 4.0
IBM HTTP Server 2.0.47 .1
IBM HTTP Server 2.0.47
IBM HTTP Server 2.0.42 .2
IBM HTTP Server 2.0.42 .1
IBM HTTP Server 2.0.42
IBM HTTP Server 1.3.28 .1
IBM HTTP Server 1.3.28
IBM HTTP Server 1.3.26 .2
IBM HTTP Server 1.3.26 .1
IBM HTTP Server 1.3.26
IBM HTTP Server 1.3.19 .5
IBM HTTP Server 1.3.19 .4
IBM HTTP Server 1.3.19 .3
IBM HTTP Server 1.3.19 .2
IBM HTTP Server 1.3.19 .1
IBM HTTP Server 1.3.19
IBM HTTP Server 1.3.12 .7
IBM HTTP Server 1.3.12 .6
IBM HTTP Server 1.3.12 .5
IBM HTTP Server 1.3.12 .4
-
IBM AIX 4.3.3
-
IBM AIX 5.1
-
RedHat Linux 7.1
-
S.u.S.E. Linux 7.2
IBM HTTP Server 1.3.12 .3
-
HP HP-UX 11.0
-
Microsoft Windows NT 4.0 SP6a
-
Microsoft Windows NT 4.0 SP5
-
Microsoft Windows NT 4.0 SP4
-
Sun Solaris 8
-
Sun Solaris 7.0
-
Sun Solaris 2.6
IBM HTTP Server 1.3.12 .2
IBM HTTP Server 1.3.12 .1
IBM HTTP Server 1.3.12
IBM HTTP Server 1.3.6 win32
IBM HTTP Server 1.3.6 .4 win32
IBM HTTP Server 1.3.6 .3
IBM HTTP Server 1.3.6 .2 win32
IBM HTTP Server 1.3.6 .2 unix
IBM HTTP Server 1.3.3 win32
IBM HTTP Server 1.0
IBM HTTP Server 6.1.0.1
IBM HTTP Server 6.1.0
IBM HTTP Server 6.0.2.13
IBM HTTP Server 6.0.2.12
IBM HTTP Server 2.2.2
IBM HTTP Server 2.2.1
IBM HTTP Server 2.0.58
HP HP-UX B.11.31
HP HP-UX B.11.11
Gentoo Linux
Fujitsu INTERSTAGE Studio Standard-J Edition 9.0
Fujitsu INTERSTAGE Studio Standard-J Edition 8.0.1
Fujitsu INTERSTAGE Studio Standard-J Edition 8.0.1
Fujitsu INTERSTAGE Studio Enterprise Edition 9.0
Fujitsu INTERSTAGE Studio Enterprise Edition 8.0.1
Fujitsu INTERSTAGE Job Workload Server 8.1
Fujitsu INTERSTAGE Business Application Server Enterprise 8.0
Fujitsu INTERSTAGE Apworks Standard-J Edition 8.0
Fujitsu INTERSTAGE Apworks Modelers-J Edition 7.0
Fujitsu INTERSTAGE Apworks Modelers-J Edition 6.0A
Fujitsu INTERSTAGE Apworks Modelers-J Edition 6.0
Fujitsu INTERSTAGE Apworks Enterprise Edition 8.0
Fujitsu iNTERSTAGE Application Server Web-J Edition 5.0
Fujitsu INTERSTAGE Application Server Standard-J Edition 9.0 A
Fujitsu INTERSTAGE Application Server Standard-J Edition 9.0
Fujitsu INTERSTAGE Application Server Standard-J Edition 8.0.2
Fujitsu INTERSTAGE Application Server Standard-J Edition 8.0.2
Fujitsu INTERSTAGE Application Server Standard-J Edition 8.0.1
Fujitsu INTERSTAGE Application Server Standard-J Edition 8.0
Fujitsu iNTERSTAGE Application Server Standard Edition 5.0
Fujitsu INTERSTAGE Application Server Plus Developer 5.0.1
Fujitsu INTERSTAGE Application Server Plus Developer 7.0
Fujitsu INTERSTAGE Application Server Plus Developer 6.0
Fujitsu Interstage Application Server Plus 7.0.1
Fujitsu Interstage Application Server Plus 5.0.1
Fujitsu Interstage Application Server Plus 7.0
Fujitsu Interstage Application Server Plus 6.0
Fujitsu INTERSTAGE Application Server Enterprise Edition 9.0 A
Fujitsu INTERSTAGE Application Server Enterprise Edition 9.0
Fujitsu INTERSTAGE Application Server Enterprise Edition 8.0.2
Fujitsu INTERSTAGE Application Server Enterprise Edition 8.0.1
Fujitsu INTERSTAGE Application Server Enterprise Edition 8.0
Fujitsu INTERSTAGE Application Server Enterprise Edition 7.0.1
Fujitsu INTERSTAGE Application Server Enterprise Edition 5.0.1
Fujitsu INTERSTAGE Application Server Enterprise Edition 7.0
Fujitsu INTERSTAGE Application Server Enterprise Edition 6.0A
Fujitsu INTERSTAGE Application Server Enterprise Edition 6.0
Fujitsu INTERSTAGE Application Server Enterprise Edition 5.0
Avaya Messaging Storage Server MSS 3.0
Avaya Message Networking
Avaya Interactive Response 1.3
Avaya Interactive Response 3.0
Avaya Interactive Response 2.0
Apache Software Foundation Apache 2.2.4
Apache Software Foundation Apache 2.2.3
Apache Software Foundation Apache 2.2 .0
|
|
|
|
Not Vulnerable:
|
Apache Software Foundation Apache 2.2.6
Apache Software Foundation Apache 2.3.38-dev
Apache Software Foundation Apache 2.0.60-dev
|
|
|
