Apache.mod_proxy.Ftp.Undefined.Charset.UTF-7.XSS

description-logoDescription

This indicates an attempt to exploit a Cross Site Scripting (XSS) vulnerability in Apache HTTP Server.
The vulnerability is due to lack of validation of user supplied data sent to module "mod_ftp_proxy". It may be exploited by remote attackers to execute arbitrary HTML code on a target user's web browser, within the context of a trusted web site.

affected-products-logoAffected Products

Apache 2.2.x before 2.2.7-dev
Apache 2.0.x before 2.0.62-dev
Apache 1.3.x before 1.3.40-dev

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Refer to the vendor's web site for a suggested workaround.
http://httpd.apache.org/security/vulnerabilities_20.html

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)