Oval Definition:oval:org.mitre.oval:def:12238
Revision Date:2015-04-20Version:29
Title:HP-UX Apache-based Web Server, Local Information Disclosure, Increase of Privilege, Remote Denial of Service (DoS)
Description:http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated using a Flash SWF file.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2006-3918
Platform(s):HP-UX 11
Product(s):
Definition Synopsis
  • Criteria meets HP Security Bulletin HPSBUX02612
  • HP-UX B.11.23
  • AND filesets tests
  • hpuxwsAPACHE.APACHE2 version is less than B.2.0.63.01
  • OR hpuxwsAPCH32.APACHE version is less than B.2.0.63.01
  • OR hpuxwsAPACHE.AUTH_LDAP version is less than B.2.0.63.01
  • OR hpuxwsAPACHE.AUTH_LDAP2 version is less than B.2.0.63.01
  • OR hpuxwsAPCH32.APACHE2 version is less than B.2.0.63.01
  • OR hpuxwsAPCH32.AUTH_LDAP version is less than B.2.0.63.01
  • OR hpuxwsAPACHE.MOD_JK version is less than B.2.0.63.01
  • OR hpuxwsAPCH32.AUTH_LDAP2 version is less than B.2.0.63.01
  • OR hpuxwsAPACHE.MOD_JK2 version is less than B.2.0.63.01
  • OR hpuxwsAPACHE.MOD_PERL version is less than B.2.0.63.01
  • OR hpuxwsAPCH32.MOD_JK version is less than B.2.0.63.01
  • OR hpuxwsAPCH32.MOD_JK2 version is less than B.2.0.63.01
  • OR hpuxwsAPACHE.MOD_PERL2 version is less than B.2.0.63.01
  • OR hpuxwsAPACHE.PHP version is less than B.2.0.63.01
  • OR hpuxwsAPCH32.MOD_PERL version is less than B.2.0.63.01
  • OR hpuxwsAPACHE.PHP2 version is less than B.2.0.63.01
  • OR hpuxwsAPCH32.MOD_PERL2 version is less than B.2.0.63.01
  • OR hpuxwsAPACHE.WEBPROXY version is less than B.2.0.63.01
  • OR hpuxwsAPCH32.WEBPROXY version is less than B.2.0.63.01
  • OR hpuxwsAPCH32.PHP version is less than B.2.0.63.01
  • OR hpuxwsAPACHE.APACHE version is less than B.2.0.63.01
  • OR hpuxwsAPCH32.PHP2 version is less than B.2.0.63.01
  • OR Criteria meets HP Security Bulletin HPSBUX02612
  • HP-UX B.11.11
  • AND filesets tests
  • hpuxwsAPACHE.APACHE version is less than B.2.0.63.01
  • OR hpuxwsAPACHE.APACHE2 version is less than B.2.0.63.01
  • OR hpuxwsAPACHE.AUTH_LDAP version is less than B.2.0.63.01
  • OR hpuxwsAPACHE.AUTH_LDAP2 version is less than B.2.0.63.01
  • OR hpuxwsAPACHE.MOD_JK version is less than B.2.0.63.01
  • OR hpuxwsAPACHE.MOD_JK2 version is less than B.2.0.63.01
  • OR hpuxwsAPACHE.MOD_PERL version is less than B.2.0.63.01
  • OR hpuxwsAPACHE.MOD_PERL2 version is less than B.2.0.63.01
  • OR hpuxwsAPACHE.WEBPROXY version is less than B.2.0.63.01
  • OR hpuxwsAPACHE.PHP version is less than B.2.0.63.01
  • OR hpuxwsAPACHE.PHP2 version is less than B.2.0.63.01
  • OR Criteria meets HP Security Bulletin HPSBUX02612
  • HP-UX B.11.31
  • AND filesets tests
  • hpuxwsAPACHE.APACHE2 version is less than B.2.0.63.01
  • OR hpuxwsAPCH32.APACHE version is less than B.2.0.63.01
  • OR hpuxwsAPACHE.AUTH_LDAP version is less than B.2.0.63.01
  • OR hpuxwsAPACHE.AUTH_LDAP2 version is less than B.2.0.63.01
  • OR hpuxwsAPCH32.APACHE2 version is less than B.2.0.63.01
  • OR hpuxwsAPCH32.AUTH_LDAP version is less than B.2.0.63.01
  • OR hpuxwsAPACHE.MOD_JK version is less than B.2.0.63.01
  • OR hpuxwsAPCH32.AUTH_LDAP2 version is less than B.2.0.63.01
  • OR hpuxwsAPACHE.MOD_JK2 version is less than B.2.0.63.01
  • OR hpuxwsAPACHE.MOD_PERL version is less than B.2.0.63.01
  • OR hpuxwsAPCH32.MOD_JK version is less than B.2.0.63.01
  • OR hpuxwsAPCH32.MOD_JK2 version is less than B.2.0.63.01
  • OR hpuxwsAPACHE.MOD_PERL2 version is less than B.2.0.63.01
  • OR hpuxwsAPCH32.MOD_PERL version is less than B.2.0.63.01
  • OR hpuxwsAPACHE.PHP version is less than B.2.0.63.01
  • OR hpuxwsAPACHE.PHP2 version is less than B.2.0.63.01
  • OR hpuxwsAPCH32.MOD_PERL2 version is less than B.2.0.63.01
  • OR hpuxwsAPCH32.PHP version is less than B.2.0.63.01
  • OR hpuxwsAPACHE.WEBPROXY version is less than B.2.0.63.01
  • OR hpuxwsAPCH32.WEBPROXY version is less than B.2.0.63.01
  • OR hpuxwsAPACHE.APACHE version is less than B.2.0.63.01
  • OR hpuxwsAPCH32.PHP2 version is less than B.2.0.63.01
    • BACK