Apache.mod_negotiation.Filename.Handling.XSS
Description
This indicates an attempt to exploit a cross site scripting (XSS) vulnerability in Apache HTTP Server.
The vulnerability is due to the software's failure to validate user supplied input data. It can be exploited by an attacker to execute arbitrary HTML code on a victim's web browser, within the context of a trusted web site.
Affected Products
Apache HTTP Server, 1.3
Apache HTTP Server, 1.3.1
Apache HTTP Server, 1.3.11
Apache HTTP Server, 1.3.12
Apache HTTP Server, 1.3.14
Apache HTTP Server, 1.3.17
Apache HTTP Server, 1.3.18
Apache HTTP Server, 1.3.19
Apache HTTP Server, 1.3.20
Apache HTTP Server, 1.3.22
Apache HTTP Server, 1.3.23
Apache HTTP Server, 1.3.24
Apache HTTP Server, 1.3.25
Apache HTTP Server, 1.3.26
Apache HTTP Server, 1.3.27
Apache HTTP Server, 1.3.28
Apache HTTP Server, 1.3.29
Apache HTTP Server, 1.3.3
Apache HTTP Server, 1.3.31
Apache HTTP Server, 1.3.32
Apache HTTP Server, 1.3.33
Apache HTTP Server, 1.3.34
Apache HTTP Server, 1.3.35
Apache HTTP Server, 1.3.35dev
Apache HTTP Server, 1.3.36
Apache HTTP Server, 1.3.37
Apache HTTP Server, 1.3.39
Apache HTTP Server, 2.0
Apache HTTP Server, 2.0 A9
Apache HTTP Server, 2.0.28
Apache HTTP Server, 2.0.28 Beta
Apache HTTP Server, 2.0.32
Apache HTTP Server, 2.0.35
Apache HTTP Server, 2.0.36
Apache HTTP Server, 2.0.37
Apache HTTP Server, 2.0.38
Apache HTTP Server, 2.0.39
Apache HTTP Server, 2.0.40
Apache HTTP Server, 2.0.41
Apache HTTP Server, 2.0.42
Apache HTTP Server, 2.0.43
Apache HTTP Server, 2.0.44
Apache HTTP Server, 2.0.45
Apache HTTP Server, 2.0.46
Apache HTTP Server, 2.0.47
Apache HTTP Server, 2.0.48
Apache HTTP Server, 2.0.49
Apache HTTP Server, 2.0.50
Apache HTTP Server, 2.0.51
Apache HTTP Server, 2.0.52
Apache HTTP Server, 2.0.53
Apache HTTP Server, 2.0.54
Apache HTTP Server, 2.0.55
Apache HTTP Server, 2.0.56 Dev
Apache HTTP Server, 2.0.58
Apache HTTP Server, 2.0.59
Apache HTTP Server, 2.0.60 Dev
Apache HTTP Server, 2.0.61 Dev
Apache HTTP Server, 2.2.0
Apache HTTP Server, 2.2.2
Apache HTTP Server, 2.2.3
Apache HTTP Server, 2.2.4
Apache HTTP Server, 2.2.5
Apache HTTP Server, 2.2.5 Dev
Apache HTTP Server, 2.2.6
Apache HTTP Server, 2.2.6 Dev
Impact
System Compromise: cross site scripting.
Recommended Actions
Apply the most recent upgrades or patches from the vendor:
http://apache.org/.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |