FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2007-6420

This CVE name corresponds to:

Entered Topic
2008-06-24 apache -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2007-6420 at cve.mitre.org

Details

Type Candidate
Name CVE-2007-6420
Phase Assigned(20071217)

Description

Cross-site request forgery (CSRF) vulnerability in the balancer-manager in mod_proxy_balancer for Apache HTTP Server 2.2.x allows remote attackers to gain privileges via unspecified vectors.

References

Source Reference
BUGTRAQ 20080110 SecurityReason - Apache2 CSRF, XSS, Memory Corruption and Denial of Service Vulnerability
BUGTRAQ 20080729 rPSA-2008-0236-1 httpd mod_ssl
CONFIRM http://support.apple.com/kb/HT3216
APPLE APPLE-SA-2008-10-09
GENTOO GLSA-200807-06
HP HPSBUX02401
HP SSRT090005
REDHAT RHSA-2008:0966
SUSE SUSE-SR:2008:024
UBUNTU USN-731-1
BID 27236
BID 31681
OVAL oval:org.mitre.oval:def:8371
SECUNIA 34219
VUPEN ADV-2008-2780
VUPEN ADV-2009-0320
SECUNIA 31026
SECUNIA 32222
SECUNIA 33797
SREASON 3523

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.