CVE-2007-6420

Impact:
Low
Public Date:
2008-09-01
CWE:
CWE-352
Bugzilla:
471009: CVE-2007-6420 mod_proxy_balancer CSRF

The MITRE CVE dictionary describes this issue as:

Cross-site request forgery (CSRF) vulnerability in the balancer-manager in mod_proxy_balancer for Apache HTTP Server 2.2.x allows remote attackers to gain privileges via unspecified vectors.

Find out more about CVE-2007-6420 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

mod_proxy_balancer is shipped in Red Hat Enterprise Linux 5 and Red Hat Application Stack v2. We do not plan on correcting this issue as it poses a very low security risk: The balancer manager is not enabled by default, the user targeted by the CSRF would need to be authenticated, and the consequences of an exploit would be limited to a web server denial of service.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Application Stack v2 for Enterprise Linux (v.5) RHSA-2008:0966 2008-12-04

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact Red Hat Product Security.

Last Modified

CVE description copyright © 2017, The MITRE Corporation

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.