Security Portal

Intrusion Prevention Service

Signature Version: 4.818


WEB Apache HTTP Server mod_proxy_ftp Wildcard Characters Cross-Site Scripting (CVE-2008-2939)
Threat Level: High
Release Date: 2010/3/9
Category: Web Attacks
Signature ID: 1110064
Included In: Full
Affected OS: Linux, FreeBSD, Other Unix
Description: There exist a cross-site scripting vulnerability in Apache mod_proxy_ftp module. The flaw is due to lack of sanitization of user supplied input data.
Impact: Remote code execution
Recommendation: Update vendor's patch.
False Positive: None
False Negative: None
Additional Information (Links open in new window):
Reference(s): BID-30560; CVE-2008-2939

Search the Threat Database
Enter Rule ID or Name