AXSA:2008-23:01

リリース日: 
2008/02/18 Monday - 12:00
題名: 
httpd-2.2.3-11.3.1AX
影響のあるチャネル: 
Asianux Server 3 for ia64
Asianux Server 3 for ppc
Asianux Server 3 for x86_64
Asianux Server 3 for x86
Severity: 
Moderate
Description: 

The Apache HTTP Server is a powerful, efficient, and extensible web server.
A flaw was found in the mod_imagemap module. On sites where mod_imagemap was enabled and an imagemap file was publicly available, a cross-site scripting attack was possible. (CVE-2007-5000)
A flaw was found in the mod_autoindex module. On sites where directory listings are used, and the "AddDefaultCharset" directive has been removed from the configuration, a cross-site scripting attack might have been possible against Web browsers which do not correctly derive the response character set following the rules in RFC 2616. (CVE-2007-4465)
A flaw was found in the mod_status module. On sites where mod_status was enabled and the status pages were publicly available, a cross-site scripting attack was possible. (CVE-2007-6388)
A flaw was found in the mod_proxy_balancer module. On sites where mod_proxy_balancer was enabled, a cross-site scripting attack against an authorized user was possible. (CVE-2007-6421)
A flaw was found in the mod_proxy_balancer module. On sites where mod_proxy_balancer was enabled, an authorized user could send a carefully crafted request that would cause the Apache child process handling that request to crash. This could lead to a denial of service if using a threaded Multi-Processing Module. (CVE-2007-6422)
A flaw was found in the mod_proxy_ftp module. On sites where mod_proxy_ftp was enabled and a forward proxy was configured, a cross-site scripting attack was possible against Web browsers which do not correctly derive the response character set following the rules in RFC 2616. (CVE-2008-0005)

解決策: 

パッケージをアップデートしてください。

追加情報: 

N/A

ダウンロード: 
File not found: /var/www/html/asianux/sites/tsn.asianux.com/files/private/buginfo//3903_httpd.txt
File not found: /var/www/html/asianux/sites/tsn.asianux.com/files/private/buginfo//3903_httpd-devel.txt
File not found: /var/www/html/asianux/sites/tsn.asianux.com/files/private/buginfo//3903_httpd-manual.txt
File not found: /var/www/html/asianux/sites/tsn.asianux.com/files/private/buginfo//3903_mod_ssl.txt
File not found: /var/www/html/asianux/sites/tsn.asianux.com/files/private/buginfo//3903_httpd.txt
File not found: /var/www/html/asianux/sites/tsn.asianux.com/files/private/buginfo//3903_httpd-devel.txt
File not found: /var/www/html/asianux/sites/tsn.asianux.com/files/private/buginfo//3903_httpd-devel.txt
File not found: /var/www/html/asianux/sites/tsn.asianux.com/files/private/buginfo//3903_httpd-manual.txt
File not found: /var/www/html/asianux/sites/tsn.asianux.com/files/private/buginfo//3903_mod_ssl.txt
File not found: /var/www/html/asianux/sites/tsn.asianux.com/files/private/buginfo//3903_httpd.txt
File not found: /var/www/html/asianux/sites/tsn.asianux.com/files/private/buginfo//3903_httpd-devel.txt
File not found: /var/www/html/asianux/sites/tsn.asianux.com/files/private/buginfo//3903_httpd-manual.txt
File not found: /var/www/html/asianux/sites/tsn.asianux.com/files/private/buginfo//3903_mod_ssl.txt
File not found: /var/www/html/asianux/sites/tsn.asianux.com/files/private/buginfo//3903_httpd.txt
File not found: /var/www/html/asianux/sites/tsn.asianux.com/files/private/buginfo//3903_httpd-devel.txt
File not found: /var/www/html/asianux/sites/tsn.asianux.com/files/private/buginfo//3903_httpd-devel.txt
File not found: /var/www/html/asianux/sites/tsn.asianux.com/files/private/buginfo//3903_httpd-manual.txt
File not found: /var/www/html/asianux/sites/tsn.asianux.com/files/private/buginfo//3903_mod_ssl.txt
Copyright© 2007-2015 Asianux. All rights reserved.