Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6420

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2007-6420
Last Modified 07 Mar 2011 10:02:41
Published 11 Jan 2008 07:46:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-6420

Summary

Cross-site request forgery (CSRF) vulnerability in the balancer-manager in mod_proxy_balancer for Apache HTTP Server 2.2.x allows remote attackers to gain privileges via unspecified vectors.

Vulnerable Systems

Application

  • Apache Http Server 2.2.0

  • Apache Http Server 2.2.2

  • Apache Http Server 2.2.3

  • Apache Http Server 2.2.4

  • Apache Http Server 2.2.5

  • Apache Http Server 2.2.6


References

BID - 27236

BUGTRAQ - 20080110 SecurityReason - Apache2 CSRF, XSS, Memory Corruption and Denial of Service Vulnerability

VUPEN - ADV-2009-0320

VUPEN - ADV-2008-2780

UBUNTU - USN-731-1

BID - 31681

BUGTRAQ - 20080729 rPSA-2008-0236-1 httpd mod_ssl

REDHAT - RHSA-2008:0966

CONFIRM - http://support.apple.com/kb/HT3216

GENTOO - GLSA-200807-06

SECUNIA - 34219

SECUNIA - 33797

SECUNIA - 32222

SECUNIA - 31026

HP - SSRT090005

SUSE - SUSE-SR:2008:024

APPLE - APPLE-SA-2008-10-09

SREASON - 3523

HP - HPSBUX02401

Related Patches

Apple 2008-10-09 Security Update 2008-007 Server (Leopard)

Apple 2008-10-09 Security Update 2008-007 Client (Leopard)


Last Updated: 27 May 2016 10:47:27