exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

CVE-2008-2939

Status Candidate

Overview

CVE-2008-2939 httpd: mod_proxy_ftp globbing XSS

Related Files

HP Security Bulletin HPSBMA02442 SSRT090108
Posted May 27, 2010
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified with HP Business Availability Center running Apache. The vulnerabilities could be remotely exploited to allow Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), and Denial of Service (DoS).

tags | advisory, denial of service, vulnerability, xss, csrf
advisories | CVE-2008-2939, CVE-2008-2364, CVE-2008-0005, CVE-2007-6422, CVE-2007-6421, CVE-2007-6420, CVE-2007-6388, CVE-2007-5000
SHA-256 | 8984e6a6d71e3911533469692dc0da853eb51153edc9f05ce6268a71ce2b470d
Mandriva Linux Security Advisory 2009-323
Posted Dec 7, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-323 - Multiple vulnerabilities has been found and corrected in apache. Packages for 2008.0 are being provided due to extended support for Corporate products. This update provides a solution to these vulnerabilities.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2008-1678, CVE-2008-2939, CVE-2009-1191, CVE-2009-1195, CVE-2009-1890, CVE-2009-1891, CVE-2009-3094, CVE-2009-3095, CVE-2009-3555
SHA-256 | e56a54d6bdc82b29375d1213af66206fb4ca08275ca3ccd4eb0ad21e18bffd71
HP Security Bulletin HPSBUX02465 SSRT090192
Posted Oct 23, 2009
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified with HP-UX running Apache-based Web Server. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS), cross-site scripting (XSS) or unauthorized access. Apache-based Web Server is contained in the Apache Web Server Suite.

tags | advisory, web, denial of service, vulnerability, xss
systems | hpux
advisories | CVE-2006-3918, CVE-2007-4465, CVE-2007-6203, CVE-2008-0005, CVE-2008-0599, CVE-2008-2168, CVE-2008-2364, CVE-2008-2371, CVE-2008-2665, CVE-2008-2666, CVE-2008-2829, CVE-2008-2939, CVE-2008-3658, CVE-2008-3659, CVE-2008-3660, CVE-2008-5498, CVE-2008-5557, CVE-2008-5624
SHA-256 | 917f5771b1ecaed534503ff6b3384773b7597e104b42f7ed74b05115d49f2b09
Mandriva Linux Security Advisory 2009-124
Posted Jul 8, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-124-1 - Multiple vulnerabilities have been found and corrected in apache. These include a cross site scripting vulnerability in proxy_ftp.c in the mod_proxy_ftp module, a memory leak relating to OpenSSL, and a local privilege escalation issue.

tags | advisory, local, vulnerability, xss, memory leak
systems | linux, mandriva
advisories | CVE-2008-1678, CVE-2008-2939, CVE-2009-1195
SHA-256 | 56ee9412c82555f204ae170fef4f805a84fed41592ffff62069451dc7851f636
Mandriva Linux Security Advisory 2009-124
Posted Jun 2, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-124 - Multiple vulnerabilities has been found and corrected in apache including a memory leak in libssl, a cross site scripting vulnerability in proxy_ftp.c, and a local privilege escalation issue.

tags | advisory, local, vulnerability, xss, memory leak
systems | linux, mandriva
advisories | CVE-2008-1678, CVE-2008-2939, CVE-2009-1195
SHA-256 | 621d485edd40612668fe7da7038e0c1f04a40ce36dbfca578ba3006c909d9dca
Ubuntu Security Notice 731-1
Posted Mar 10, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-731-1 - Various cross site scripting and cross site request forgery issues have been addressed in the Apache2 package.

tags | advisory, xss, csrf
systems | linux, ubuntu
advisories | CVE-2007-6203, CVE-2007-6420, CVE-2008-1678, CVE-2008-2168, CVE-2008-2364, CVE-2008-2939
SHA-256 | 53c042689592505b6cc1714dc0b02d8469fa878b9973b4b6057be919a686c447
HP Security Bulletin 2009-00.5
Posted Feb 4, 2009
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified with HP-UX running Apache-based Web Server or Tomcat-based Servelet Engine. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS), cross-site scripting (XSS), execution of arbitrary code, or cross-site request forgery (CSRF). Apache-based Web Server and Tomcat-based Servelet Engine are contained in the Apache Web Server Suite.

tags | advisory, web, denial of service, arbitrary, vulnerability, xss, csrf
systems | hpux
advisories | CVE-2007-6420, CVE-2008-1232, CVE-2008-1947, CVE-2008-2364, CVE-2008-2370, CVE-2008-2938, CVE-2008-2939, CVE-2008-3658
SHA-256 | 98b02b39e8efb68d6c260ae6b528aaa0975fbbdee2d8d7324a63f20b0db19b90
Mandriva Linux Security Advisory 2008-195
Posted Sep 14, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A vulnerability was discovered in the mod_proxy module in Apache where it did not limit the number of forwarded interim responses, allowing remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim responses. A cross-site scripting vulnerability was found in the mod_proxy_ftp module in Apache that allowed remote attackers to inject arbitrary web script or HTML via wildcards in a pathname in an FTP URI. The updated packages have been patched to prevent these issues.

tags | advisory, remote, web, denial of service, arbitrary, xss
systems | linux, mandriva
advisories | CVE-2008-2364, CVE-2008-2939
SHA-256 | eefcd7affcefc029018a74894afb697590a6b4c89f838d1f022b84f5df80b7af
Mandriva Linux Security Advisory 2008-194
Posted Sep 14, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A cross-site scripting vulnerability was found in the mod_proxy_ftp module in Apache that allowed remote attackers to inject arbitrary web script or HTML via wildcards in a pathname in an FTP URI. The updated packages have been patched to prevent these issues.

tags | advisory, remote, web, arbitrary, xss
systems | linux, mandriva
advisories | CVE-2008-2939
SHA-256 | dade434f9e5a0c7e7bcaf59b0a7ac1fbaac10219396b5fb73bd94b97642f1eed
Rapid7 Security Advisory 33
Posted Aug 6, 2008
Authored by Rapid7, Marc Bevand | Site rapid7.com

Rapid7 Security Advisory - mod_proxy_ftp as included with Apache versions 2.2.9 and below and 2.0.63 and below suffers from a cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2008-2939
SHA-256 | d723a57690d72923966acad66797f24628da48767d63926e982dee54557fc43f
Page 1 of 1
Back1Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    0 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close