Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2006-3918

http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated using a Flash SWF file.

Published

2006-07-28T00:04:00.000

Last Modified

2025-04-03T01:03:51.193

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 4.3 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE

Exploitability Score

8.6

Impact Score

2.9

Weaknesses

Type: Primary
CWE-79

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	apache	http_server	< 1.3.35	Yes
Operating System	debian	debian_linux	3.1	Yes
Operating System	canonical	ubuntu_linux	6.06	Yes
Operating System	canonical	ubuntu_linux	6.10	Yes
Operating System	canonical	ubuntu_linux	7.04	Yes
Operating System	canonical	ubuntu_linux	7.10	Yes
Operating System	redhat	enterprise_linux_server	2.0	Yes
Operating System	redhat	enterprise_linux_workstation	2.0	Yes

References

ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P Broken Link ([email protected])
http://archives.neohapsis.com/archives/bugtraq/2006-05/0151.html Broken Link, Exploit ([email protected])
http://archives.neohapsis.com/archives/bugtraq/2006-07/0425.html Broken Link, Exploit ([email protected])
http://kb.vmware.com/KanisaPlatform/Publishing/466/5915871_f.SAL_Public.html Third Party Advisory ([email protected])
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html Mailing List, Third Party Advisory ([email protected])
http://marc.info/?l=bugtraq&m=125631037611762&w=2 Issue Tracking, Mailing List, Third Party Advisory ([email protected])
http://marc.info/?l=bugtraq&m=125631037611762&w=2 Issue Tracking, Mailing List, Third Party Advisory ([email protected])
http://marc.info/?l=bugtraq&m=129190899612998&w=2 Issue Tracking, Mailing List, Third Party Advisory ([email protected])
http://marc.info/?l=bugtraq&m=129190899612998&w=2 Issue Tracking, Mailing List, Third Party Advisory ([email protected])
http://marc.info/?l=bugtraq&m=130497311408250&w=2 Issue Tracking, Mailing List, Third Party Advisory ([email protected])
http://marc.info/?l=bugtraq&m=130497311408250&w=2 Issue Tracking, Mailing List, Third Party Advisory ([email protected])
http://openbsd.org/errata.html#httpd2 Third Party Advisory ([email protected])
http://rhn.redhat.com/errata/RHSA-2006-0618.html Third Party Advisory ([email protected])
http://rhn.redhat.com/errata/RHSA-2006-0692.html Third Party Advisory ([email protected])
http://secunia.com/advisories/21172 Not Applicable, Patch, Vendor Advisory ([email protected])
http://secunia.com/advisories/21174 Not Applicable, Patch, Vendor Advisory ([email protected])
http://secunia.com/advisories/21399 Not Applicable ([email protected])
http://secunia.com/advisories/21478 Not Applicable ([email protected])
http://secunia.com/advisories/21598 Not Applicable ([email protected])
http://secunia.com/advisories/21744 Not Applicable ([email protected])
http://secunia.com/advisories/21848 Not Applicable ([email protected])
http://secunia.com/advisories/21986 Not Applicable ([email protected])
http://secunia.com/advisories/22140 Not Applicable ([email protected])
http://secunia.com/advisories/22317 Not Applicable ([email protected])
http://secunia.com/advisories/22523 Not Applicable ([email protected])
http://secunia.com/advisories/28749 Not Applicable ([email protected])
http://secunia.com/advisories/29640 Not Applicable ([email protected])
http://secunia.com/advisories/40256 Not Applicable ([email protected])
http://securityreason.com/securityalert/1294 Exploit, Third Party Advisory ([email protected])
http://securitytracker.com/id?1016569 Broken Link, Third Party Advisory, VDB Entry ([email protected])
http://support.avaya.com/elmodocs2/security/ASA-2006-194.htm Third Party Advisory ([email protected])
http://svn.apache.org/viewvc?view=rev&revision=394965 Exploit, Vendor Advisory ([email protected])
http://www-1.ibm.com/support/docview.wss?uid=swg1PK24631 Third Party Advisory ([email protected])
http://www-1.ibm.com/support/docview.wss?uid=swg24013080 Third Party Advisory ([email protected])
http://www.debian.org/security/2006/dsa-1167 Third Party Advisory ([email protected])
http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2010-2.html Third Party Advisory ([email protected])
http://www.novell.com/linux/security/advisories/2006_51_apache.html Third Party Advisory ([email protected])
http://www.redhat.com/support/errata/RHSA-2006-0619.html Third Party Advisory ([email protected])
http://www.securityfocus.com/bid/19661 Third Party Advisory, VDB Entry ([email protected])
http://www.securitytracker.com/id?1024144 Broken Link, Third Party Advisory, VDB Entry ([email protected])
http://www.ubuntu.com/usn/usn-575-1 Third Party Advisory ([email protected])
http://www.vupen.com/english/advisories/2006/2963 Permissions Required ([email protected])
http://www.vupen.com/english/advisories/2006/2964 Permissions Required ([email protected])
http://www.vupen.com/english/advisories/2006/3264 Permissions Required ([email protected])
http://www.vupen.com/english/advisories/2006/4207 Permissions Required ([email protected])
http://www.vupen.com/english/advisories/2006/5089 Permissions Required ([email protected])
http://www.vupen.com/english/advisories/2010/1572 Permissions Required ([email protected])
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117 Broken Link ([email protected])
https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E ([email protected])
https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E ([email protected])
https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E ([email protected])
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E ([email protected])
https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E ([email protected])
https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E ([email protected])
https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E ([email protected])
https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E ([email protected])
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E ([email protected])
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10352 Third Party Advisory ([email protected])
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12238 Third Party Advisory ([email protected])
ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://archives.neohapsis.com/archives/bugtraq/2006-05/0151.html Broken Link, Exploit (af854a3a-2127-422b-91ae-364da2661108)
http://archives.neohapsis.com/archives/bugtraq/2006-07/0425.html Broken Link, Exploit (af854a3a-2127-422b-91ae-364da2661108)
http://kb.vmware.com/KanisaPlatform/Publishing/466/5915871_f.SAL_Public.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=125631037611762&w=2 Issue Tracking, Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=125631037611762&w=2 Issue Tracking, Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=129190899612998&w=2 Issue Tracking, Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=129190899612998&w=2 Issue Tracking, Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=130497311408250&w=2 Issue Tracking, Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=130497311408250&w=2 Issue Tracking, Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://openbsd.org/errata.html#httpd2 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2006-0618.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2006-0692.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/21172 Not Applicable, Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/21174 Not Applicable, Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/21399 Not Applicable (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/21478 Not Applicable (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/21598 Not Applicable (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/21744 Not Applicable (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/21848 Not Applicable (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/21986 Not Applicable (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22140 Not Applicable (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22317 Not Applicable (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22523 Not Applicable (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/28749 Not Applicable (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/29640 Not Applicable (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/40256 Not Applicable (af854a3a-2127-422b-91ae-364da2661108)
http://securityreason.com/securityalert/1294 Exploit, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://securitytracker.com/id?1016569 Broken Link, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://support.avaya.com/elmodocs2/security/ASA-2006-194.htm Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://svn.apache.org/viewvc?view=rev&revision=394965 Exploit, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www-1.ibm.com/support/docview.wss?uid=swg1PK24631 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www-1.ibm.com/support/docview.wss?uid=swg24013080 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2006/dsa-1167 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2010-2.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.novell.com/linux/security/advisories/2006_51_apache.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2006-0619.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/19661 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id?1024144 Broken Link, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/usn-575-1 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2006/2963 Permissions Required (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2006/2964 Permissions Required (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2006/3264 Permissions Required (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2006/4207 Permissions Required (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2006/5089 Permissions Required (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2010/1572 Permissions Required (af854a3a-2127-422b-91ae-364da2661108)
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E (af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E (af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E (af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E (af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E (af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E (af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E (af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E (af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E (af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10352 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12238 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)