Apache - CVE-2007-6388

Description

Cytrix has detected that Cross-site scripting (XSS) can be done in mod_status in the version of the Apache HTTP Server being used.
This vulnerability can be exploited only if mod_status pages are publicly accessible.
Also known as CVE-2007-6388.

If mod_status is enabled and the status pages are publicly accessible, a cross-site scripting attack is possible.
If the server-status page is enabled, remote attackers can inject arbitrary web script or HTML by abusing unspecified vectors.

This vulnerability allow attackers to modify system files and information.

Severity/Score

CVSS Version 2.0 – 4.3 Medium

The Risks in Web Applications and other scary things…

There are couple of things regarding Risks in Web-Based Applications that you should know, let’s talk about them. When crossing the street, we look at

HAR Files

In this article, I’ll talk and explain about HAR Files, so if you don’t know what they are, or, what do we use them for,

Models – CIA and AAA

The field of information security is based on a number of basic principles that are important for us. Each principle is part of two main

Passwords 101

Unlike basketballs, “passwords” are things we don’t want to be passed around, especially in a society built around the idea that “mystery” is appealing. We

Cryptography – A Fine Art

As we know, a conversation need at least 2 people to exist, in this conversation of course, the exchange of data and information are being

Zeroed In – Zero-Day Attacks

If you are familiar with programming, you know that Zero ([0]) is usually the starting point of arrays, that is called Zero-based numbering, what does

Apache – CVE-2007-6388

Description

Severity/Score

Recommendation

References

The Risks in Web Applications and other scary things…

HAR Files

Models – CIA and AAA

Passwords 101

Cryptography – A Fine Art

Zeroed In – Zero-Day Attacks

Company

Resources

Docs

Latest posts

Possible Credit Card Number Disclosure

Backdoors – A Dangerous Back Entrance

Internal IP Disclosure