Apache has a dangerous vulnerability
Secunia has quoted an independent security researcher as saying a dangerous vulnerability has been discovered in Apache software.
That is the type of Apache HTTP Server application vulnerability, which could allow hackers to initiate attacks in the form of cross-site scripting.
Also according to Secunia, the "Expect:" input component (header) in Apache is not handled properly before returning the user. It is this weakness that allows hackers to execute binary HTML forms and script code on the user's browser session at "problematic" sites (usually a fake site created by hackers).
The vulnerability is determined to affect versions of Apache 1.3.35, 2.0.58, and 2.2.2. Secunia also built a prototype for this vulnerability at: http://secunia.com/expect_header_cross-site_scripting_vulnerability_test/
- Apache released a new version
- AOL patched the image search vulnerability
- Windows has never seen a dangerous zero-day vulnerability
- New vulnerability in Windows network features
- ACDSee generates a security vulnerability
- Detects the third vulnerability in Microsoft Excel
- Latest vulnerability in Winamp
- Microsoft Word vulnerability becomes
- Google Desktop vulnerability before the new attack
- New serious vulnerability threatens IE
- Internet Explorer may crash because of a new vulnerability
- $ 12,000 for a vulnerability in Vista or IE7