• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Apache Mod_AutoIndex.C Undefined Charset Cross-Site Scripting Vulnerability

References:

• Apache Homepage (Apache Software Foundation)
  
• Changes with Apache 2.2.6 (Apache)
  
• Apache2 Undefined Charset UTF-7 XSS Vulnerability (Maksymilian Arciemowicz)
  
• ASA-2008-026 httpd security update (RHSA-2008-0005) (Avaya)
  
• ASA-2008-031 Apache security update (RHSA-2008-0004) (Avaya Inc.)
  
• ASA-2008-032 httpd security update (RHSA-2008-0006) (Avaya)
  
• HPSBUX02365 SSRT080118 rev.1 - HP-UX Running Apache, Remote Cross Site Scripting (HP)
  
• Interstage HTTP Server: Cross-site Scripting Problem (CVE-2007-4465/ CVE-2007-62 (Fujitsu)
  
• RHSA-2007:0911-6 httpd security update (Red Hat)
  
• RHSA-2008:0004-7 - apache security update (Red Hat)
  
• RHSA-2008:0005-4 - httpd security update (Red Hat)
  
• RHSA-2008:0006-6 - httpd security update (Red Hat)
  
• RHSA-2008:0008-6 httpd security update (Red Hat)
  
• RHSA-2008:0261-4 Moderate: Red Hat Network Satellite Server security update (Red Hat)