httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From wr...@apache.org
Subject svn commit: r1179836 - /httpd/site/trunk/docs/security/vulnerabilities_13.html
Date Thu, 06 Oct 2011 20:35:08 GMT
Author: wrowe
Date: Thu Oct  6 20:35:07 2011
New Revision: 1179836

URL: http://svn.apache.org/viewvc?rev=1179836&view=rev
Log:
Rebuilt

Modified:
    httpd/site/trunk/docs/security/vulnerabilities_13.html

Modified: httpd/site/trunk/docs/security/vulnerabilities_13.html
URL: http://svn.apache.org/viewvc/httpd/site/trunk/docs/security/vulnerabilities_13.html?rev=1179836&r1=1179835&r2=1179836&view=diff
==============================================================================
--- httpd/site/trunk/docs/security/vulnerabilities_13.html [utf-8] (original)
+++ httpd/site/trunk/docs/security/vulnerabilities_13.html [utf-8] Thu Oct  6 20:35:07 2011
@@ -207,27 +207,6 @@ Note that the server-status page is not 
 <dd>
 <b>moderate: </b>
 <b>
-<name name="CVE-2007-6388">mod_status XSS</name>
-</b>
-<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388">CVE-2007-6388</a>
-<p>
-A flaw was found in the mod_status module. On sites where mod_status is
-enabled and the status pages were publicly accessible, a cross-site
-scripting attack is possible.
-Note that the server-status page is not enabled by default and it is best practice to not
make this publicly available.</p>
-</dd>
-<dd>
-  Reported to security team: 15th December 2007<br />
-  Issue public: 2nd January 2008<br />
-  Update released: 19th January 2008<br />
-</dd>
-<dd>
-      Affected: 
-    1.3.39, 1.3.37, 1.3.36, 1.3.35, 1.3.34, 1.3.33, 1.3.32, 1.3.31, 1.3.29, 1.3.28, 1.3.27,
1.3.26, 1.3.24, 1.3.22, 1.3.20, 1.3.19, 1.3.17, 1.3.14, 1.3.12, 1.3.11, 1.3.9, 1.3.6, 1.3.4,
1.3.3, 1.3.2<p />
-</dd>
-<dd>
-<b>moderate: </b>
-<b>
 <name name="CVE-2007-5000">mod_imap XSS</name>
 </b>
 <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000">CVE-2007-5000</a>



Mime
View raw message