1
PublicDateAtUSN: 2008-01-08
3
Candidate: CVE-2007-6388
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388
6
https://usn.ubuntu.com/usn/usn-575-1
8
Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP
9
Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through
10
1.3.39, when the server-status page is enabled, allows remote attackers to
11
inject arbitrary web script or HTML via unspecified vectors.
14
jdstrand> redhat has patch for all releases now
21
dapper_apache: ignored (reached end-of-life)
22
edgy_apache: needed (reached end-of-life)
23
feisty_apache: needed (reached end-of-life)
33
dapper_apache2: released (2.0.55-4ubuntu2.3)
34
edgy_apache2: released (2.0.55-4ubuntu4.2)
35
feisty_apache2: released (2.2.3-3.2ubuntu2.1)
36
gutsy_apache2: released (2.2.4-3ubuntu0.1)
37
hardy_apache2: not-affected (2.2.8-1)
38
intrepid_apache2: not-affected (2.2.8-1)
39
jaunty_apache2: not-affected (2.2.8-1)
40
karmic_apache2: not-affected (2.2.8-1)
41
devel_apache2: not-affected (2.2.8-1)