English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 143769 CVE descriptions
and 71225 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 --------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2006-24
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
 --------------------------------------------------------------------------

 Original released date: 04 Sep 2006
 Last revised: 04 Sep 2006

 Package: httpd

 Summary: Cross-site scripting vulnerability

 More information:
    Apache is a powerful, full-featured, efficient, and freely-available
    Web server. Apache is also the most popular Web server on the Internet.

    Cross-site scripting (XSS) vulnerability in the Apache.

 Impact:
    This vulnerability allows dangerous tags to be processed by web browsers.

 Affected Products:
    - Turbolinux Appliance Server 2.0
    - Turbolinux FUJI
    - Turbolinux 10 Server x64 Edition
    - Turbolinux Appliance Server 1.0 Hosting Edition
    - Turbolinux Appliance Server 1.0 Workgroup Edition
    - Turbolinux 10 Server
    - Turbolinux Home
    - Turbolinux 10 F...
    - Turbolinux 10 Desktop
    - Turbolinux Multimedia
    - Turbolinux Personal
    - Turbolinux 8 Server
    - Turbolinux 7 Server


 <Turbolinux Appliance Server 2.0>

   Source Packages
   Size: MD5

   httpd-2.0.51-25.src.rpm
      6850738 1bc4ee028af8671b9aff563602a35afd

   Binary Packages
   Size: MD5

   httpd-2.0.51-25.i586.rpm
      1032163 d0019acab22bf4456315d6de9f900b71
   httpd-devel-2.0.51-25.i586.rpm
       224485 1da95c6eb5fa51fe8b280e82d599b26b
   httpd-manual-2.0.51-25.i586.rpm
      1132842 67e3600d72e71d52f19ff2c4b84a61cd
   mod_ssl-2.0.51-25.i586.rpm
        88649 99c0217f2e77f98b2e51f5ff3e5419c6

 <Turbolinux FUJI>

   Source Packages
   Size: MD5

   httpd-2.0.54-13.src.rpm
      7618261 ff3b8108a62d2f4139dfaca2b7b4e10e

   Binary Packages
   Size: MD5

   httpd-2.0.54-13.i686.rpm
      1265687 1413b9bf9f57d777159c8e9e07f6c9d5
   httpd-devel-2.0.54-13.i686.rpm
       275990 25439b4b91d25564cffc2b29938f4298

 <Turbolinux 10 Server x64 Edition> 

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/SRPMS/httpd-2.0.51-25.src.rpm
      6850738 db0cda3ba2a32823d41f6e7eafb8a1bf

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/httpd-2.0.51-25.x86_64.rpm
      1142395 ac34a2f74ac7163bdc015c994a3889f7
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/httpd-debug-2.0.51-25.x86_64.rpm
      3225415 12a3c1e345eb14381feab90d72d40f98
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/httpd-devel-2.0.51-25.x86_64.rpm
       224373 33af9381d8db502791f3993e57a864f1
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/httpd-manual-2.0.51-25.x86_64.rpm
      1132756 5d5a4d48cb2e25de8061b9a9908b3643
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/mod_bwshare-2.0.51-25.x86_64.rpm
        41485 5394e8425ff292b66f55cfa208b122dc
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/mod_ssl-2.0.51-25.x86_64.rpm
        96239 c3bb30dcc38c17bb088492f215d82a78

 <Turbolinux Appliance Server 1.0 Hosting Edition>

   Source Packages
   Size: MD5

   apache-1.3.27-35.src.rpm
      3112347 b8301ae54e34763bddbc1e2599978965

   Binary Packages
   Size: MD5

   apache-1.3.27-35.i586.rpm
       503062 2a8b62002b9ba5c5c62d35b3af0eec65
   apache-devel-1.3.27-35.i586.rpm
        95246 7565bcfce0fa9e8a903a92a86ecc283c
   mod_ssl-2.8.14-35.i586.rpm
       182764 c5069008d3dce57ef89ca1dcb61fd80b

 <Turbolinux Appliance Server 1.0 Workgroup Edition>

   Source Packages
   Size: MD5

   apache-1.3.27-35.src.rpm
      3112347 9eff1d10c74fa75dbf96461b52b58b4e

   Binary Packages
   Size: MD5

   apache-1.3.27-35.i586.rpm
       502612 9c1793e255c1fade2fec347c06b1aa84
   apache-devel-1.3.27-35.i586.rpm
        95350 f5dd62a16512c7b48078d132d80b4f25
   mod_ssl-2.8.14-35.i586.rpm
       182837 38ac3c26a551c7424a29022db92c57a3

 <Turbolinux 10 Server>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/SRPMS/httpd-2.0.51-25.src.rpm
      6850738 1bc4ee028af8671b9aff563602a35afd

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/httpd-2.0.51-25.i586.rpm
      1032163 d0019acab22bf4456315d6de9f900b71
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/httpd-debug-2.0.51-25.i586.rpm
      3240310 5c0d5d025f4795c01e49776ed9f9e27f
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/httpd-devel-2.0.51-25.i586.rpm
       224485 1da95c6eb5fa51fe8b280e82d599b26b
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/httpd-manual-2.0.51-25.i586.rpm
      1132842 67e3600d72e71d52f19ff2c4b84a61cd
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/mod_bwshare-2.0.51-25.i586.rpm
        40706 de513e0861376d329f6e49dd0ea30595
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/mod_ssl-2.0.51-25.i586.rpm
        88649 99c0217f2e77f98b2e51f5ff3e5419c6

 <Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/httpd-2.0.48-20.src.rpm
      6321313 bf763330a095887759ba5f8b0fe5b75b

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/httpd-2.0.48-20.i586.rpm
       893211 78ac0b88ef3a3976e91acde7965de098

 <Turbolinux 8 Server>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/SRPMS/apache-1.3.27-35.src.rpm
      3112347 d3dd6742515f1f13eff80de0531a5599

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/apache-1.3.27-35.i586.rpm
       503252 9ab8e4f7f76a969f20c621798aa1ff50
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/apache-devel-1.3.27-35.i586.rpm
        95367 128d249d18c80ae53bd65d26d71e407e
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/apache-manual-1.3.27-35.i586.rpm
       851229 3800f8b0bfab682677c189bb6aa444de
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/mod_ssl-2.8.14-35.i586.rpm
       182806 aaa8164e75df04903b3a978aff6185e1

 <Turbolinux 7 Server>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/SRPMS/apache-1.3.27-35.src.rpm
      3112347 cff3d6101f10def091398f5c7e1cec49

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/apache-1.3.27-35.i586.rpm
       489417 37609908fffa08e77d9ed117c51cd41d
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/apache-devel-1.3.27-35.i586.rpm
        95374 a825f09459ff386951102af18daf3155
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/apache-manual-1.3.27-35.i586.rpm
       851341 d040a1ed06adb03a2cea7d9280c7531c
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/mod_ssl-2.8.14-35.i586.rpm
       180536 e7930bc57446bd141b01902cd3ef47b2


 CVE
   [CVE-2006-3918]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3918

 --------------------------------------------------------------------------
 Revision History
    04 Sep 2006 Initial release
 --------------------------------------------------------------------------

 Copyright(C) 2006 Turbolinux, Inc. All rights reserved. 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)

iD8DBQFE/BZMK0LzjOqIJMwRAgwzAKCkFxdSY95ZRybsV7AGth635O2b5wCdEw/Q
Srwq1XPjDB0Ie5qjJF0Gyvk=
=eeyM
-----END PGP SIGNATURE-----

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe

© 1998-2019 E-Soft Inc. All rights reserved.