Upstream information
Description
Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.NVD CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Novell/SUSE information
Novell Bugzilla entry: 352235, 355888 SUSE Security Advisories:- SUSE-SA:2008:021, published Fri, 04 Apr 2008 16:00:00 +0000
List of released packages
| Product(s) | Fixed package version(s) | References |
|---|---|---|
| Novell Linux Desktop 9 SDK for x86 Novell Linux Desktop 9 SDK for x86_64 |
| core9.s390 core9.x86 YOU Patch Nr: 12124 |
| Novell Linux Desktop 9 for x86 Novell Linux Desktop 9 for x86_64 |
| core9.s390 core9.x86 YOU Patch Nr: 12124 |
| Open Enterprise Server |
| core9.s390 core9.x86 YOU Patch Nr: 12124 |
| Novell Linux Desktop 9 SDK for x86 Novell Linux Desktop 9 SDK for x86_64 |
| core9.x86 core9.s390 YOU Patch Nr: 12125 |
| Open Enterprise Server |
| core9.x86 core9.s390 YOU Patch Nr: 12125 |
| SUSE LINUX 10.1 |
|