[Frugalware-git] homepage-ng: FSA349-apache
voroskoi
voroskoi at frugalware.org
Mon Jan 21 19:01:17 CET 2008
Git-Url: http://git.frugalware.org/gitweb/gitweb.cgi?p=homepage-ng.git;a=commitdiff;h=6b010317b9fd57686e386e301a7b78d48018a5e1
commit 6b010317b9fd57686e386e301a7b78d48018a5e1
Author: voroskoi <voroskoi at frugalware.org>
Date: Mon Jan 21 19:00:52 2008 +0100
FSA349-apache
diff --git a/frugalware/xml/security.xml b/frugalware/xml/security.xml
index 4c38d08..9b7b960 100644
--- a/frugalware/xml/security.xml
+++ b/frugalware/xml/security.xml
@@ -27,6 +27,19 @@
<fsas>
<fsa>
+ <id>349</id>
+ <date>2008-01-21</date>
+ <author>voroskoi</author>
+ <package>apache</package>
+ <vulnerable>2.2.6-1</vulnerable>
+ <unaffected>2.2.6-2sayshell1</unaffected>
+ <bts></bts>
+ <cve>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000</cve>
+ <desc>A vulnerability have been reported in Apache mod_imagemap module, which can be exploited by malicious people to conduct cross-site scripting attacks.
+ Certain unspecified input passed to "mod_imagemap" is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
+ Successful exploitation requires that "mod_imagemap" is enabled and a mapfile is publicly accessible.</desc>
+ </fsa>
+ <fsa>
<id>348</id>
<date>2008-01-21</date>
<author>voroskoi</author>
More information about the Frugalware-git
mailing list