CVE-2008-2939

NONECVSS 0.0

0.0

Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via a wildcard in the last directory component in the pathname in an FTP URI.

🔗 References (124)

secalert@redhathttp://lists.apple.com/archives/security-announce/2009/May/msg00002.html
secalert@redhathttp://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html
secalert@redhathttp://marc.info/?l=bugtraq&m=123376588623823&w=2
secalert@redhathttp://marc.info/?l=bugtraq&m=125631037611762&w=2
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2008-0967.html
secalert@redhathttp://secunia.com/advisories/31384
secalert@redhathttp://secunia.com/advisories/31673
secalert@redhathttp://secunia.com/advisories/32685
secalert@redhathttp://secunia.com/advisories/32838
secalert@redhathttp://secunia.com/advisories/33156
secalert@redhathttp://secunia.com/advisories/33797
secalert@redhathttp://secunia.com/advisories/34219
secalert@redhathttp://secunia.com/advisories/35074
secalert@redhathttp://sunsolve.sun.com/search/document.do?assetkey=1-26-247666-1
secalert@redhathttp://support.apple.com/kb/HT3549

Is Your Infrastructure Affected by CVE-2008-2939?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2008-2939

📅 Published

🔄 Last Modified

🔗 References (124)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2008-2939?