Oval Definition:oval:org.mitre.oval:def:17648
Revision Date:2014-06-30Version:8
Title:USN-575-1 -- apache2 vulnerabilities
Description:It was discovered that Apache did not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2006-3918
CVE-2007-3847
CVE-2007-4465
CVE-2007-5000
CVE-2007-6388
CVE-2007-6421
CVE-2007-6422
CVE-2008-0005
USN-575-1
Platform(s):Ubuntu 6.06
Ubuntu 6.10
Ubuntu 7.04
Ubuntu 7.10
Product(s):apache2
Definition Synopsis
  • Release section
  • Ubuntu 6.06 is installed
  • AND Packages match section
  • apache2-mpm-perchild DPKG is earlier than 2.0.55-4ubuntu2.3
  • OR apache2-mpm-prefork DPKG is earlier than 2.0.55-4ubuntu2.3
  • OR apache2-mpm-worker DPKG is earlier than 2.0.55-4ubuntu2.3
  • Release section
  • Ubuntu 6.10 is installed
  • AND Packages match section
  • apache2-mpm-perchild DPKG is earlier than 2.0.55-4ubuntu4.2
  • OR apache2-mpm-prefork DPKG is earlier than 2.0.55-4ubuntu4.2
  • OR apache2-mpm-worker DPKG is earlier than 2.0.55-4ubuntu4.2
  • Release section
  • Ubuntu 7.04 is installed
  • AND Packages match section
  • apache2-mpm-event DPKG is earlier than 2.2.3-3.2ubuntu2.1
  • OR apache2-mpm-perchild DPKG is earlier than 2.2.3-3.2ubuntu2.1
  • OR apache2-mpm-prefork DPKG is earlier than 2.2.3-3.2ubuntu2.1
  • OR apache2-mpm-worker DPKG is earlier than 2.2.3-3.2ubuntu2.1
  • Release section
  • Ubuntu 7.10 is installed
  • AND Packages match section
  • apache2-mpm-event DPKG is earlier than 2.2.4-3ubuntu0.1
  • OR apache2-mpm-perchild DPKG is earlier than 2.2.4-3ubuntu0.1
  • OR apache2-mpm-prefork DPKG is earlier than 2.2.4-3ubuntu0.1
  • OR apache2-mpm-worker DPKG is earlier than 2.2.4-3ubuntu0.1
    • BACK