Low severity: Apache HTTP Server before 2.2.2 (also 1.3 before 1.3.35 and 2.0 before 2.0.58) Expect HTTP header cross-site scripting

CVE ID

CVE-2006-3918

Exploitation status

PoC public

Patch status

Official patch available

Disclosure date

2006-07-28
Vulnerability description
http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58 and 2.2 before 2.2.2, does not sanitize the Expect header of an HTTP request when it reflects that header back in an error message. Any Expect value other than 100-continue makes the server answer 417 Expectation Failed with a default error body that echoes the offending value, so a client component able to send arbitrary request headers can place markup in that page, enabling cross-site scripting (XSS) style attacks; the original report demonstrated this with a Flash SWF file. Ordinary browser navigation cannot set the Expect header, which is why the demonstration needed a plugin-level component.
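The following probe is added here as a worked example; it is not code from the Apache project, from IBM, or from the original report. It sends a request whose Expect header carries a harmless marker containing HTML metacharacters and classifies the 417 response as echoing the marker verbatim (unsanitized), HTML-escaped (patched), or not at all. The sample responses at the bottom are constructed to resemble Apache's default 417 page and are not captures from a real server; host, port and path arguments are placeholders. Run it only against servers you are authorised to test. Note that current browsers list Expect among the forbidden request header names for fetch and XMLHttpRequest, so cross-site delivery still depends on a component that can set arbitrary headers, exactly as the advisory describes.

```python
"""Probe for unsanitized reflection of the Expect request header.

Added example for this advisory; not Apache's own code. Hosts, ports and
paths below are assumptions used for illustration only.
"""
import html
import re
import socket

# Harmless marker: contains '<' and '>' so that escaping is observable,
# but is not executable markup.
MARKER = "<expect_probe_7f3a>"


def build_probe_request(host: str, path: str = "/", marker: str = MARKER) -> bytes:
    """Build a raw HTTP/1.1 request carrying the marker in the Expect header.

    A server that only honours 100-continue answers with 417 and, if
    unpatched, echoes the Expect value into the default error body.
    """
    lines = [
        f"GET {path} HTTP/1.1",
        f"Host: {host}",
        f"Expect: {marker}",
        "User-Agent: expect-header-probe",
        "Connection: close",
        "",
        "",
    ]
    return "\r\n".join(lines).encode("ascii")


def split_response(raw: bytes):
    """Return (status_code, body_text) from a raw HTTP response."""
    head, _, body = raw.partition(b"\r\n\r\n")
    status_line = head.split(b"\r\n", 1)[0].decode("latin-1")
    m = re.match(r"HTTP/\d\.\d (\d{3})", status_line)
    status = int(m.group(1)) if m else 0
    return status, body.decode("latin-1", errors="replace")


def classify_reflection(body: str, marker: str = MARKER) -> str:
    """Classify how the server echoed the marker.

    'unescaped': marker appears verbatim, reflection is unsanitized
    'escaped'  : only the HTML-escaped form appears, server sanitizes
    'absent'   : marker is not reflected at all
    """
    if marker in body:
        return "unescaped"
    if html.escape(marker, quote=False) in body:
        return "escaped"
    return "absent"


def probe(host: str, port: int = 80, path: str = "/", timeout: float = 5.0) -> tuple:
    """Send the probe over a plain TCP socket and classify the answer.

    Returns (status_code, verdict). Only for authorised testing.
    """
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(build_probe_request(host, path))
        chunks = []
        while True:
            data = s.recv(4096)
            if not data:
                break
            chunks.append(data)
    status, body = split_response(b"".join(chunks))
    return status, classify_reflection(body)


# Constructed sample responses modelled on the wording of Apache's default
# 417 error page; they are not captures from a real server.
SAMPLE_UNPATCHED = (
    b"HTTP/1.1 417 Expectation Failed\r\n"
    b"Content-Type: text/html; charset=iso-8859-1\r\n"
    b"Connection: close\r\n\r\n"
    b"<html><head><title>417 Expectation Failed</title></head><body>\n"
    b"<h1>Expectation Failed</h1>\n"
    b"<p>The expectation given in the Expect request-header\n"
    b"field could not be met by this server.</p>\n"
    b"<p>The client sent<pre>\n    Expect: " + MARKER.encode() + b"\n</pre>\n"
    b"but we only allow the 100-continue expectation.</p>\n"
    b"</body></html>\n"
)

# Same page as a patched server would render it: the header value is
# HTML-escaped before being placed in the body.
SAMPLE_PATCHED = SAMPLE_UNPATCHED.replace(
    MARKER.encode(), html.escape(MARKER, quote=False).encode()
)


if __name__ == "__main__":
    for label, sample in (("unpatched", SAMPLE_UNPATCHED), ("patched", SAMPLE_PATCHED)):
        status, body = split_response(sample)
        print(f"{label}: HTTP {status}, reflection={classify_reflection(body)}")
```

For a live check call `probe("target.example", 80)`; a verdict of `unescaped` on a 417 response is the condition this advisory describes, while `escaped` is what the fixed http_protocol.c produces. The classifier deliberately looks for the escaped form rather than just the absence of the marker, so a server that strips the header entirely is reported separately as `absent`.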
Remediation
Upgrade to a release that contains the fix: Apache HTTP Server 1.3.35, 2.0.58 or 2.2.2 and later (the upstream change is svn r394965, linked below), or IBM HTTP Server 6.0.2.13 / 6.1.0.1 and later; distribution users should apply the vendor updates listed under References. Because the reflection happens only in the server's default 417 error body, configuring a custom ErrorDocument for 417 that does not echo the request is a stopgap where an immediate upgrade is not possible.
References
ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P
http://archives.neohapsis.com/archives/bugtraq/2006-05/0151.html
http://archives.neohapsis.com/archives/bugtraq/2006-07/0425.html
http://kb.vmware.com/KanisaPlatform/Publishing/466/5915871_f.SAL_Public.html
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html
http://marc.info/?l=bugtraq&m=125631037611762&w=2
http://marc.info/?l=bugtraq&m=129190899612998&w=2
http://marc.info/?l=bugtraq&m=130497311408250&w=2
http://openbsd.org/errata.html#httpd2
http://rhn.redhat.com/errata/RHSA-2006-0618.html
http://rhn.redhat.com/errata/RHSA-2006-0692.html
http://secunia.com/advisories/21172
http://secunia.com/advisories/21174
http://secunia.com/advisories/21399
http://secunia.com/advisories/21478
http://secunia.com/advisories/21598
http://secunia.com/advisories/21744
http://secunia.com/advisories/21848
http://secunia.com/advisories/21986
http://secunia.com/advisories/22140
http://secunia.com/advisories/22317
http://secunia.com/advisories/22523
http://secunia.com/advisories/28749
http://secunia.com/advisories/29640
http://secunia.com/advisories/40256
http://securityreason.com/securityalert/1294
http://securitytracker.com/id?1016569
http://support.avaya.com/elmodocs2/security/ASA-2006-194.htm
http://svn.apache.org/viewvc?view=rev&revision=394965
http://www-1.ibm.com/support/docview.wss?uid=swg1PK24631
http://www-1.ibm.com/support/docview.wss?uid=swg24013080
http://www.debian.org/security/2006/dsa-1167
http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2010-2.html
http://www.novell.com/linux/security/advisories/2006_51_apache.html
http://www.redhat.com/support/errata/RHSA-2006-0619.html
http://www.securityfocus.com/bid/19661
http://www.securitytracker.com/id?1024144
http://www.ubuntu.com/usn/usn-575-1
http://www.vupen.com/english/advisories/2006/2963
http://www.vupen.com/english/advisories/2006/2964
http://www.vupen.com/english/advisories/2006/3264
http://www.vupen.com/english/advisories/2006/4207
http://www.vupen.com/english/advisories/2006/5089
http://www.vupen.com/english/advisories/2010/1572
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117
https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab3...
https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb7...
https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a...
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f...
https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb...
https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5e...
https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2b...
https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f6988585512...
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f...
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
Affected software
# Type Vendor Product Version Impact
1 Application apache http_server 1.3 -
2 Application apache http_server 1.3.1 -
3 Application apache http_server 1.3.11 -
4 Application apache http_server 1.3.12 -
5 Application apache http_server 1.3.17 -
6 Application apache http_server 1.3.18 -
7 Application apache http_server 1.3.19 -
8 Application apache http_server 1.3.20 -
9 Application apache http_server 1.3.22 -
10 Application apache http_server 2.0 -
11 Application apache http_server 2.0.57 -
12 Application apache http_server 2.2 -
13 Application apache http_server 2.2.1 -
14 Application ibm http_server 6.0 -
15 Application ibm http_server 6.1 -
16 OS debian_10 apache2 * up to (excluding) 2.0.55-4.1
17 OS debian_11 apache2 * up to (excluding) 2.0.55-4.1
18 OS debian_12 apache2 * up to (excluding) 2.0.55-4.1
19 OS debian_3.1 apache2 * up to (excluding) 2.0.54-5sarge2
20 OS opensuse_10.1 apache2 * up to (excluding) 2.2.3-16.17.3
21 OS opensuse_10.2 apache2 * up to (excluding) 2.2.3-24
22 OS opensuse_10.3 apache2 * up to (excluding) 2.2.4-70.4
Note: the debian_10, debian_11 and debian_12 rows are inconsistent with the fixed-version ranges in the description; those releases ship apache2 2.4.x, which already contains the fix, so the 2.0.55-4.1 threshold only makes sense for the 2006-era Debian packages.
Alibaba Cloud score
3.3
  • Attack vector
    Remote
  • Attack complexity
    High
  • Privileges required
    None
  • Scope of impact
    Limited
  • Exploit maturity
    PoC public
  • Patch status
    Official patch available
  • Data confidentiality
    No impact
  • Data integrity
    Transmission integrity compromised
  • Server impact
    No impact
  • Internet-wide instance count
    N/A
CWE-ID Vulnerability type
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
NVD-CWE-Other
Alibaba Cloud security product coverage