Juniper Networks

Signature Detail

Short Name: HTTP:XSS:APACHE-MOD-NEGOTIATION
Severity: Medium
Recommended: No
Recommended Action: Drop
Category: HTTP
Keywords: Apache HTTP Server mod_negotiation Filename Handling Cross Site Scripting
Release Date: 2011/07/21
Update Number: 1959
Supported Platforms: idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Apache HTTP Server mod_negotiation Filename Handling Cross Site Scripting


This signature detects attempts to exploit a known Cross-Site Scripting vulnerability in Apache HTTP Server. A successful attack can result in script execution.

Extended Description

Apache 'mod_negotiation' is prone to an HTML-injection and an HTTP response-splitting vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing an attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, and influence or misrepresent how web content is served, cached, or interpreted; other attacks are also possible.

Affected Products

  • Apache Software Foundation Apache 1.3.0
  • Apache Software Foundation Apache 1.3.1
  • Apache Software Foundation Apache 1.3.11
  • Apache Software Foundation Apache 1.3.12
  • Apache Software Foundation Apache 1.3.14
  • Apache Software Foundation Apache 1.3.17
  • Apache Software Foundation Apache 1.3.18
  • Apache Software Foundation Apache 1.3.19
  • Apache Software Foundation Apache 1.3.20
  • Apache Software Foundation Apache 1.3.22
  • Apache Software Foundation Apache 1.3.23
  • Apache Software Foundation Apache 1.3.24
  • Apache Software Foundation Apache 1.3.25
  • Apache Software Foundation Apache 1.3.26
  • Apache Software Foundation Apache 1.3.27
  • Apache Software Foundation Apache 1.3.28
  • Apache Software Foundation Apache 1.3.29
  • Apache Software Foundation Apache 1.3.3
  • Apache Software Foundation Apache 1.3.31
  • Apache Software Foundation Apache 1.3.32
  • Apache Software Foundation Apache 1.3.33
  • Apache Software Foundation Apache 1.3.34
  • Apache Software Foundation Apache 1.3.35
  • Apache Software Foundation Apache 1.3.35 -Dev
  • Apache Software Foundation Apache 1.3.36
  • Apache Software Foundation Apache 1.3.37
  • Apache Software Foundation Apache 1.3.39
  • Apache Software Foundation Apache 2.0.0
  • Apache Software Foundation Apache 2.0.0 A9
  • Apache Software Foundation Apache 2.0.28
  • Apache Software Foundation Apache 2.0.28 Beta
  • Apache Software Foundation Apache 2.0.32
  • Apache Software Foundation Apache 2.0.35
  • Apache Software Foundation Apache 2.0.36
  • Apache Software Foundation Apache 2.0.37
  • Apache Software Foundation Apache 2.0.38
  • Apache Software Foundation Apache 2.0.39
  • Apache Software Foundation Apache 2.0.40
  • Apache Software Foundation Apache 2.0.41
  • Apache Software Foundation Apache 2.0.42
  • Apache Software Foundation Apache 2.0.43
  • Apache Software Foundation Apache 2.0.44
  • Apache Software Foundation Apache 2.0.45
  • Apache Software Foundation Apache 2.0.46
  • Apache Software Foundation Apache 2.0.47
  • Apache Software Foundation Apache 2.0.48
  • Apache Software Foundation Apache 2.0.49
  • Apache Software Foundation Apache 2.0.50
  • Apache Software Foundation Apache 2.0.51
  • Apache Software Foundation Apache 2.0.52
  • Apache Software Foundation Apache 2.0.53
  • Apache Software Foundation Apache 2.0.54
  • Apache Software Foundation Apache 2.0.55
  • Apache Software Foundation Apache 2.0.56 -Dev
  • Apache Software Foundation Apache 2.0.58
  • Apache Software Foundation Apache 2.0.59
  • Apache Software Foundation Apache 2.0.60-Dev
  • Apache Software Foundation Apache 2.0.61-Dev
  • Apache Software Foundation Apache 2.2.0
  • Apache Software Foundation Apache 2.2.2
  • Apache Software Foundation Apache 2.2.3
  • Apache Software Foundation Apache 2.2.4
  • Apache Software Foundation Apache 2.2.5
  • Apache Software Foundation Apache 2.2.5-Dev
  • Apache Software Foundation Apache 2.2.6
  • Apache Software Foundation Apache 2.2.6-Dev
  • Apple Mac OS X Server 10.5
  • Apple Mac OS X Server 10.5.1
  • Apple Mac OS X Server 10.5.2
  • Apple Mac OS X Server 10.5.3
  • Apple Mac OS X Server 10.5.4
  • Apple Mac OS X Server 10.5.5
  • Apple Mac OS X Server 10.5.6
  • Apple Mac OS X Server 10.5.7
  • Gentoo Linux

References

  • BugTraq: 27409
  • CVE: CVE-2008-0455
