CVE Database

CVE-2006-5752

Impact: Moderate
Public: 2007-06-20
Bugzilla: 245112: CVE-2006-5752 httpd mod_status XSS
IAVA: 2013-A-0144

Details

The MITRE CVE dictionary describes this issue as:

Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browsers that perform "charset detection" when the content-type is not specified.

Find out more about CVE-2006-5752 from the MITRE CVE dictionary and NIST NVD.

Red Hat security errata

Platform Errata Release Date
Red Hat Application Stack v1 for Enterprise Linux AS (v.4) (httpd) RHSA-2007:0557 July 13, 2007
Red Hat Certificate System 7.3 for 4AS RHSA-2010:0602 August 04, 2010
Red Hat Enterprise Linux version 2.1 (apache) RHSA-2007:0532 June 26, 2007
Red Hat Enterprise Linux version 3 (httpd) RHSA-2007:0533 June 27, 2007
Red Hat Enterprise Linux version 4 (httpd) RHSA-2007:0534 June 26, 2007
Red Hat Enterprise Linux version 5 (httpd) RHSA-2007:0556 June 26, 2007
Red Hat Satellite 5.0 (RHEL v.4 AS) RHSA-2008:0261 May 20, 2008
Red Hat Satellite Proxy v 4.2 (RHEL v.3 AS) RHSA-2008:0523 June 30, 2008
Red Hat Satellite Proxy v 4.2 (RHEL v.4 AS) RHSA-2008:0523 June 30, 2008
Red Hat Satellite Proxy v 5.0 (RHEL v.4 AS) RHSA-2008:0263 May 20, 2008
Red Hat Satellite v 4.2 (RHEL v.3 AS) RHSA-2008:0524 June 30, 2008
Red Hat Satellite v 4.2 (RHEL v.4 AS) RHSA-2008:0524 June 30, 2008

External References

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact the Red Hat Security Response Team.