Search 202850 CVE descriptions
and 87302 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:CGI abuses
Title:mod_ssl wildcard DNS cross site scripting vulnerability

The remote host is using a version of mod_ssl which is
older than 2.8.10.

This version is vulnerable to a flaw which may allow an
attacker to successfully perform a cross site scripting attack
under some circumstances.

*** Note that several Linux distributions (such as RedHat)
*** patched the old version of this module. Therefore, this
*** might be a false positive. Please check with your vendor
*** to determine if you really are vulnerable to this flaw

Solution : Upgrade to version 2.8.10 or newer
Risk factor : Low

Cross-Ref: BugTraq ID: 6029
Common Vulnerability Exposure (CVE) ID: CVE-2002-1157
Bugtraq: 20021023 [OpenPKG-SA-2002.010] OpenPKG Security Advisory (apache) (Google Search)
Bugtraq: 20021026 GLSA: mod_ssl (Google Search)
Conectiva Linux advisory: CLA-2002:541
Debian Security Information: DSA-181 (Google Search)
En Garde Linux Advisory: ESA-20021029-027
CopyrightThis script is Copyright (C) 2003 Tenable Network Security

This is only one of 87302 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.