Description
This alert was generated using only banner information. It may be a false positive.
Fixed in Apache httpd 2.2.9:
-
low: mod_proxy_balancer CSRF CVE-2007-6420
The mod_proxy_balancer provided an administrative interface that could be vulnerable to cross-site request forgery (CSRF) attacks. -
moderate: mod_proxy_http DoS CVE-2008-2364
A flaw was found in the handling of excessive interim responses from an origin server when using mod_proxy_http. A remote attacker could cause a denial of service or high memory usage.
Affected Apache versions (2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0).
Remediation
Upgrade Apache 2.x to the latest version.
References
Related Vulnerabilities
Squid Improper Input Validation Vulnerability (CVE-2015-3455)
WordPress Plugin Interactive Geo Maps Cross-Site Scripting (1.5.8)
Oracle Application Server Other Vulnerability (CVE-2006-1884)
Oracle JRE CVE-2013-2438 Vulnerability (CVE-2013-2438)
WordPress Plugin YouTube Cross-Site Request Forgery (11.8.1)