HTTP: Apache SSI Cross-Side-Scripting in URL
This signature detects possible attempts to exploit a Cross-Site Scripting vulnerability in Apache. A successful attack can result in script execution.
Extended Description
Apache is reported to be vulnerable to cross site scripting attacks. This vulnerability is due to the SSI error pages of the webserver not being properly sanitized of malicious HTML code. Attacker-supplied HTML and script code may be executed on a web client visiting the malicious link in the context of the webserver. Attacks of this nature may make it possible for attackers to manipulate web content or to steal cookie-based authentication credentials. It may be possible to take arbitrary actions as the victim user.
Affected Products
Sun cobalt_qube_3,Apache_software_foundation apache
References
BugTraq: 5847
CVE: CVE-2002-0840
URL: http://marc.theaimsgroup.com/?l=bugtraq&m=103357160425708&w=2 http://www.apacheweek.com/issues/02-10-04
Short Name
HTTP:XSS:APACHE-SSI-XSS
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Apache CVE-2002-0840 Cross-Side-Scripting SSI URL bid:5847 in
Release Date
01/18/2007
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Oracle
Sun
Hp
Apache_software_foundation
Ibm
CVSS Score
6.8