Oval Definition:	oval:org.mitre.oval:def:7716
Revision Date: 2014-07-14 Version: 9 Title: Apache 'mod_proxy_ftp' Wildcard Characters Cross-Site Scripting Vulnerability Description: Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via a wildcard in the last directory component in the pathname in an FTP URI. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2008-2939 Platform(s): Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP Product(s): Apache Definition Synopsis AND Apache HTTP Server 2.0.x is installed on the system AND The version of libhttpd.dll is less than 2.0.64 OR Apache HTTP Server 2.2.x is installed on the system AND The version of libhttpd.dll is less than 2.2.10
BACK