Apache - CVE-2007-6388

Description

Kayran has detected that Cross-site scripting (XSS) can be done in mod_status in the version of the Apache HTTP Server being used.
This vulnerability can be exploited only if mod_status pages are publicly accessible.
Also known as CVE-2007-6388.

If mod_status is enabled and the status pages are publicly accessible, a cross-site scripting attack is possible.
If the server-status page is enabled, remote attackers can inject arbitrary web script or HTML by abusing unspecified vectors.

This vulnerability allow attackers to modify system files and information.

Severity/Score

CVSS Version 2.0 – 4.3 Medium

Networking? – Social Engineering

In our time, we know that socializing has a very high importance and that every person (almost) has a basic need to maintain certain “connection”

To serve or not to serve – DoS vs. DDoS

If you’ve heard of the beautiful term called DoS before, great! that’s not it. To the “veterans” among us this term usually attributed to DOS

Man-In-The-Middle Attacks

Do you know these people who just push themselves into conversations?That’s Man-In-The-Middle Attacks. And from a wider angle, Man-In-The-Middle Attacks, or MITM, are built around

What is Kayran

Kayran scanner is helping all businesses, both SMBs and enterprises, to test their online assets and products for over 30,000+ vulnerabilities.Kayran’s mission is to make

The average hacker shopping list – the CVE

When i take an X-Rey my doctor sits me down and simply “roast” me with stuff like how un-healthy i am, how i should stop

Assets – Not just for Realtors

Throughout our lives we have learned that almost everything has a value. Whether it’s your car, phone and even a piece of paper lying down

Apache – CVE-2007-6388

Description

Severity/Score

Recommendation

References

To serve or not to serve – DoS vs. DDoS

Man-In-The-Middle Attacks

What is Kayran

The average hacker shopping list – the CVE

Assets – Not just for Realtors

Links

registered user?