Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2002-1157
Description:Cross-site scripting vulnerability in the mod_ssl Apache module 2.8.9 and earlier, when UseCanonicalName is off and wildcard DNS is enabled, allows remote attackers to execute script as other web site visitors, via the server name in an HTTPS response on the SSL port, which is used in a self-referencing URL, a different vulnerability than CAN-2002-0840.
Test IDs: 1.3.6.1.4.1.25623.1.0.51221   1.3.6.1.4.1.25623.1.0.51544   1.3.6.1.4.1.25623.1.0.11622   1.3.6.1.4.1.25623.1.0.53433   1.3.6.1.4.1.25623.1.0.50844  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2002-1157
BugTraq ID: 6029
http://www.securityfocus.com/bid/6029
Bugtraq: 20021023 [OpenPKG-SA-2002.010] OpenPKG Security Advisory (apache) (Google Search)
http://online.securityfocus.com/archive/1/296753
Bugtraq: 20021026 GLSA: mod_ssl (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2002-10/0374.html
Conectiva Linux advisory: CLA-2002:541
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000541
Debian Security Information: DSA-181 (Google Search)
http://www.debian.org/security/2002/dsa-181
En Garde Linux Advisory: ESA-20021029-027
http://www.linuxsecurity.com/advisories/other_advisory-2512.html
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-072.php
http://www.osvdb.org/2107
RedHat Security Advisories: RHSA-2002:222
http://www.redhat.com/support/errata/RHSA-2002-222.html
RedHat Security Advisories: RHSA-2002:243
http://www.redhat.com/support/errata/RHSA-2002-243.html
RedHat Security Advisories: RHSA-2002:244
http://www.redhat.com/support/errata/RHSA-2002-244.html
RedHat Security Advisories: RHSA-2002:248
http://www.redhat.com/support/errata/RHSA-2002-248.html
RedHat Security Advisories: RHSA-2002:251
http://www.redhat.com/support/errata/RHSA-2002-251.html
RedHat Security Advisories: RHSA-2003:106
http://www.redhat.com/support/errata/RHSA-2003-106.html
XForce ISS Database: apache-modssl-host-xss(10457)
http://www.iss.net/security_center/static/10457.php




© 1998-2024 E-Soft Inc. All rights reserved.