CVE-2007-6388

Impact:
Moderate
Public Date:
2007-12-29
Bugzilla:
427228: CVE-2007-6388 apache mod_status cross-site scripting

The MITRE CVE dictionary describes this issue as:

Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Find out more about CVE-2007-6388 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Satellite Proxy v 4.2 (RHEL v.4 AS) RHSA-2008:0523 2008-06-30
Red Hat Enterprise Linux version 3 (httpd) RHSA-2008:0005 2008-01-15
Red Hat Application Stack v1 for Enterprise Linux AS (v.4) (httpd) RHSA-2008:0007 2008-01-15
Red Hat Satellite Proxy v 5.0 (RHEL v.4 AS) RHSA-2008:0263 2008-05-20
Red Hat Application Stack v2 for Enterprise Linux (v.5) (httpd) RHSA-2008:0009 2008-01-21
Red Hat Satellite v 4.2 (RHEL v.3 AS) RHSA-2008:0524 2008-06-30
Red Hat Enterprise Linux version 2.1 (apache) RHSA-2008:0004 2008-01-15
Red Hat Satellite 5.0 (RHEL v.4 AS) RHSA-2008:0261 2008-05-20
Red Hat Enterprise Linux version 5 (httpd) RHSA-2008:0008 2008-01-15
Red Hat Satellite v 4.2 (RHEL v.4 AS) RHSA-2008:0524 2008-06-30
Red Hat Satellite Proxy v 4.2 (RHEL v.3 AS) RHSA-2008:0523 2008-06-30
Red Hat Certificate System 7.3 for 4AS RHSA-2010:0602 2010-08-04
Red Hat Enterprise Linux version 4 (httpd) RHSA-2008:0006 2008-01-15