CVE-2007-1862

Related Files

Gentoo Linux Security Advisory 200711-6

Posted Nov 7, 2007

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200711-06 - Multiple cross-site scripting vulnerabilities have been discovered in mod_status and mod_autoindex. An error has been discovered in the recall_headers() function in mod_mem_cache. The mod_cache module does not properly sanitize requests before processing them. The Prefork module does not properly check PID values before sending signals. The mod_proxy module does not correctly check headers before processing them. Versions less than 2.2.6 are affected.

tags | advisory, vulnerability, xss

systems | linux, gentoo

advisories | CVE-2006-5752, CVE-2007-1862, CVE-2007-1863, CVE-2007-3304, CVE-2007-3847, CVE-2007-4465

SHA-256 | 3af714c78881d176cc1b41256f3f354e3c88517f7cc34687fe2d8f0b5a7a9ef6

Download | Favorite | View

Mandriva Linux Security Advisory 2007.127

Posted Jun 21, 2007

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - The recall_headers function in mod_mem_cache in Apache 2.2.4 does not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously-used data, which could be used to obtain potentially sensitive information by unauthorized users.

tags | advisory, web

systems | linux, mandriva

advisories | CVE-2007-1862

SHA-256 | 2c58e81c7fdbf47fc1aff0fb58209c44403b34e89fa427097bb7f681267e7a30

Download | Favorite | View