Unfiltered Header Injection in Apache 1.3.34/2.0.57/2.2.1 Security Vulnerability
Description
This version of Apache is vulnerable to HTML injection (including malicious JavaScript code) through the "Expect" header. Until now, it was not classed as a security vulnerability because an attacker had no way to influence the Expect header a victim would send to a target site. However, according to Amit Klein's paper "Forging HTTP request headers with Flash", there is a working cross-site scripting (XSS) attack against Apache 1.3.34, 2.0.57 and 2.2.1 (as long as the client browser is IE or Firefox and it supports Flash 6/7+).
Affected Apache versions (up to 1.3.34/2.0.57/2.2.1).
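A banner triage sketch for the affected ranges listed above, added here as an example and not part of the original advisory. The function names and the sample Server header values are constructed for illustration.

```python
import re

# Last affected release per branch, taken from the advisory text above.
LAST_AFFECTED = {(1, 3): 34, (2, 0): 57, (2, 2): 1}

# Matches "Apache" with an optional full x.y.z version after a slash.
_BANNER = re.compile(r"\bApache(?:/(\d+)\.(\d+)\.(\d+))?", re.IGNORECASE)


def classify_banner(server_header):
    """Return 'affected', 'not-affected' or 'unknown' for a Server header value."""
    m = _BANNER.search(server_header or "")
    if not m or m.group(1) is None:
        # Not an Apache httpd banner, or the version is hidden
        # (for example with ServerTokens Prod).
        return "unknown"
    major, minor, patch = (int(g) for g in m.groups())
    last = LAST_AFFECTED.get((major, minor))
    if last is None:
        # Branch not named in the advisory: anything newer than 2.2 is past
        # the listed releases, anything else cannot be decided from the page.
        return "not-affected" if (major, minor) > (2, 2) else "unknown"
    return "affected" if patch <= last else "not-affected"


def triage(inventory):
    """Map host -> verdict for a dict of host -> Server header value."""
    return {host: classify_banner(banner) for host, banner in inventory.items()}


# Constructed sample inventory (hostnames and banners are illustrative).
SAMPLE_INVENTORY = {
    "web01.example.test": "Apache/2.0.55 (Unix) PHP/4.4.2",
    "web02.example.test": "Apache/2.2.3 (Unix)",
    "web03.example.test": "Apache/1.3.34 (Unix)",
    "web04.example.test": "Apache",
    "app01.example.test": "Apache-Coyote/1.1",
}

if __name__ == "__main__":
    # A banner verdict is a starting point only: distributions may backport
    # fixes without changing the version string, so confirm on the host.
    for host, verdict in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{host}: {verdict}")
```
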
Impact
Malicious users may inject JavaScript, VBScript, ActiveX, HTML or Flash to fool a user in order to gather data from them. An attacker can steal the session cookie and take over the account, impersonating the user. It is also possible to modify the content of the page presented to the user.
References
Unfiltered Header Injection in Apache 1.3.34/2.0.57/2.2.1
Forging HTTP request headers with Flash
Apache homepage