CVE-2008-0005
12.01.2008, 00:46
mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding.
Cross-site Scripting
Vendor | Product | Version |
---|---|---|
apache | http_server | 2.0.35 ≤ 𝑥 < 2.0.63 |
apache | http_server | 2.2.0 ≤ 𝑥 < 2.2.8 |
canonical | ubuntu_linux | 6.06 |
canonical | ubuntu_linux | 6.10 |
canonical | ubuntu_linux | 7.04 |
canonical | ubuntu_linux | 7.10 |
𝑥
= Vulnerable software versions

Debian Releases

Ubuntu Releases
Ubuntu Product | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
apache |
| ||||||||||||||||
apache2 |
|
References