virus logo Intrusion Prevention

Apache.mod_negotiation.Filename.Handling.XSS

description-logoDescription

This indicates an attempt to exploit a cross site scripting (XSS) vulnerability in Apache HTTP Server.
The vulnerability is due to the software's failure to validate user supplied input data. It can be exploited by an attacker to execute arbitrary HTML code on a victim's web browser, within the context of a trusted web site.

affected-products-logoAffected Products

Apache HTTP Server, 1.3
Apache HTTP Server, 1.3.1
Apache HTTP Server, 1.3.11
Apache HTTP Server, 1.3.12
Apache HTTP Server, 1.3.14
Apache HTTP Server, 1.3.17
Apache HTTP Server, 1.3.18
Apache HTTP Server, 1.3.19
Apache HTTP Server, 1.3.20
Apache HTTP Server, 1.3.22
Apache HTTP Server, 1.3.23
Apache HTTP Server, 1.3.24
Apache HTTP Server, 1.3.25
Apache HTTP Server, 1.3.26
Apache HTTP Server, 1.3.27
Apache HTTP Server, 1.3.28
Apache HTTP Server, 1.3.29
Apache HTTP Server, 1.3.3
Apache HTTP Server, 1.3.31
Apache HTTP Server, 1.3.32
Apache HTTP Server, 1.3.33
Apache HTTP Server, 1.3.34
Apache HTTP Server, 1.3.35
Apache HTTP Server, 1.3.35dev
Apache HTTP Server, 1.3.36
Apache HTTP Server, 1.3.37
Apache HTTP Server, 1.3.39
Apache HTTP Server, 2.0
Apache HTTP Server, 2.0 A9
Apache HTTP Server, 2.0.28
Apache HTTP Server, 2.0.28 Beta
Apache HTTP Server, 2.0.32
Apache HTTP Server, 2.0.35
Apache HTTP Server, 2.0.36
Apache HTTP Server, 2.0.37
Apache HTTP Server, 2.0.38
Apache HTTP Server, 2.0.39
Apache HTTP Server, 2.0.40
Apache HTTP Server, 2.0.41
Apache HTTP Server, 2.0.42
Apache HTTP Server, 2.0.43
Apache HTTP Server, 2.0.44
Apache HTTP Server, 2.0.45
Apache HTTP Server, 2.0.46
Apache HTTP Server, 2.0.47
Apache HTTP Server, 2.0.48
Apache HTTP Server, 2.0.49
Apache HTTP Server, 2.0.50
Apache HTTP Server, 2.0.51
Apache HTTP Server, 2.0.52
Apache HTTP Server, 2.0.53
Apache HTTP Server, 2.0.54
Apache HTTP Server, 2.0.55
Apache HTTP Server, 2.0.56 Dev
Apache HTTP Server, 2.0.58
Apache HTTP Server, 2.0.59
Apache HTTP Server, 2.0.60 Dev
Apache HTTP Server, 2.0.61 Dev
Apache HTTP Server, 2.2.0
Apache HTTP Server, 2.2.2
Apache HTTP Server, 2.2.3
Apache HTTP Server, 2.2.4
Apache HTTP Server, 2.2.5
Apache HTTP Server, 2.2.5 Dev
Apache HTTP Server, 2.2.6
Apache HTTP Server, 2.2.6 Dev

Impact logoImpact

System Compromise: cross site scripting.

recomended-action-logoRecommended Actions

Apply the most recent upgrades or patches from the vendor:
http://apache.org/.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)
ID 15458
Created Mar 05, 2008
Updated Nov 15, 2021
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
CVE ID CVE-2008-0455
Exploit Prediction Score 82.02%
Default Action drop
Active
Affected OS Windows, Linux
Affected App Apache