Check Point Advisories

Update Protection against Apache Header Injection Vulnerability

Check Point Reference: CPAI-2006-060
Date Published: 6 Jun 2006
Severity: Medium
Last Updated: Monday 07 May, 2007
Source: SecurityFocus
Protection Provided by:
Who is Vulnerable? Apache 1.3.34/2.0.57/2.2.1
Vulnerability Description A flaw has been identified in Apache 1.3.34/2.0.57/2.2.1. The flaw specifically exists in the Expect header. Attackers can exploit This flaw by appending malformed Expect headers in outgoing HTTP requests and redirect users to Web sites of their choice.
Update/Patch AvaliableThis issue has been corrected in latest Apache versions 1.3.35/2.0.58/2.2.2.
Vulnerability DetailsAttackers can leverage this flaw to inject HTML code through the Expect header.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK