Description
This alert was generated using only banner information. It may be a false positive.
Fixed in Apache httpd 2.2.10:
-
low: mod_proxy_ftp globbing XSS CVE-2008-2939
A flaw was found in the handling of wildcards in the path of a FTP URL with mod_proxy_ftp. If mod_proxy_ftp is enabled to support FTP-over-HTTP, requests containing globbing characters could lead to cross-site scripting (XSS) attacks.
Affected Apache versions (2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0).
Remediation
Upgrade Apache 2.x to the latest version.
References
Related Vulnerabilities
RubyGems Cryptographic Issues Vulnerability (CVE-2013-4287)
WordPress Plugin GiveWP-Donation and Fundraising Platform Information Disclosure (2.20.2)
WordPress Plugin Integration for WooCommerce and QuickBooks Cross-Site Scripting (1.1.8)
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Cross-Site Request Forgery (5.1.0)
WordPress Plugin SAML SP Single Sign On-SSO login Unspecified Vulnerability (4.8.70)