Bug 44014 - Fix XSS in error page #413
Summary: Fix XSS in error page #413
Alias: None
Product: Apache httpd-2
Classification: Unclassified
Component: Core (show other bugs)
Version: 2.2.6
Hardware: Other All
: P2 normal (vote)
Target Milestone: ---
Assignee: Apache HTTPD Bugs Mailing List
Depends on:
Reported: 2007-12-03 06:50 UTC by Victor Stinner
Modified: 2009-03-11 13:26 UTC (History)
1 user (show)

Fix the XSS (1.11 KB, patch)
2007-12-03 06:50 UTC, Victor Stinner
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Victor Stinner 2007-12-03 06:50:40 UTC
Procheckup just published a bug in Apache 2.2 which is not fixed in Apache 2.2 
branch of Subversion: http://procheckup.com/Vulnerability_PR07-37.php

I wrote a small patch to fix it.
Comment 1 Victor Stinner 2007-12-03 06:50:59 UTC
Created attachment 21220 [details]
Fix the XSS
Comment 2 William A. Rowe Jr. 2007-12-03 11:56:47 UTC
For a host of reasons, this is generally not exploitable in any usual case,
and would represent a very unusual client.  Quoting the "vulnerability" report;

"This type of attack can result in non-persistent defacement of the target site, 
or the redirection of confidential information (i.e. session IDs) to unauthorised 
third parties provided that a web browser is tricked to submit a malformed HTTP 

Given that this is nonsense in the context of a web browser, no CVE will be
assigned, but thank you for the report, it is a bug worth fixing.  Proposed
for backport to 2.2 and 2.0.
Comment 3 Ben Ricker 2009-03-11 11:26:27 UTC
Has this been backported to the 2.0.x branch? If so, what version what that done to? I am trying to track down if 2.0.x has had this bug fixed or not.
Comment 4 Eric Covener 2009-03-11 13:26:31 UTC
fixed in 2.0.x revision 603713, released in 2.0.63: