CVE-2006-3918 (CNNVD-200607-476)
MEDIUM
有利用代码
中文标题:
Apache HTTP Server任意HTTP请求标头跨站脚本(XSS)式攻击漏洞
英文标题:
http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HT...
CVSS分数:
4.3
发布时间:
2006-07-28 00:00:00
漏洞类型:
跨站脚本
状态:
PUBLISHED
数据质量分数:
0.30
数据版本:
v4
漏洞描述
中文描述:
(1) IBM HTTP Server 6.0.2.13 之前的6.0版本和6.1.0.1之前的6.1 版本, 以及 (2) Apache HTTP Server 1.3.35之前的1.3版本, 2.0.58之前的2.0版本, 以及2.2.2之前的 2.2 版本中的http_protocol.c在, 出错信息中反映HTTP请求时,未从中清理Expect 标头,攻击者可能会利用可在请求中发送任意标头的web客户端组件进行跨站脚本(XSS)式攻击,比如使用Flash SWF文件。
英文描述:
http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated using a Flash SWF file.
CWE类型:
CWE-79
标签:
remote
linux
Thiago Zaninotti
OSVDB-27488
受影响产品
| 厂商 | 产品 | 版本 | 版本范围 | 平台 | CPE |
|---|---|---|---|---|---|
| apache | http_server | * | - | - |
cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
|
| debian | debian_linux | 3.1 | - | - |
cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
|
| canonical | ubuntu_linux | 6.06 | - | - |
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
|
| canonical | ubuntu_linux | 6.10 | - | - |
cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
|
| canonical | ubuntu_linux | 7.04 | - | - |
cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
|
| canonical | ubuntu_linux | 7.10 | - | - |
cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
|
| redhat | enterprise_linux_server | 2.0 | - | - |
cpe:2.3:o:redhat:enterprise_linux_server:2.0:*:*:*:*:*:*:*
|
| redhat | enterprise_linux_workstation | 2.0 | - | - |
cpe:2.3:o:redhat:enterprise_linux_workstation:2.0:*:*:*:*:*:*:*
|
解决方案
中文解决方案:
(暂无数据)
英文解决方案:
(暂无数据)
临时解决方案:
(暂无数据)
参考链接
20060801-01-P
vendor-advisory
cve.org
访问
cve.org
ADV-2010-1572
vdb-entry
cve.org
访问
cve.org
无标题
x_refsource_CONFIRM
cve.org
访问
cve.org
28749
third-party-advisory
cve.org
访问
cve.org
无标题
x_refsource_CONFIRM
cve.org
访问
cve.org
DSA-1167
vendor-advisory
cve.org
访问
cve.org
19661
vdb-entry
cve.org
访问
cve.org
21744
third-party-advisory
cve.org
访问
cve.org
20060724 Write-up by Amit Klein: "Forging HTTP request headers with Flash"
mailing-list
cve.org
访问
cve.org
HPSBUX02465
vendor-advisory
cve.org
访问
cve.org
1024144
vdb-entry
cve.org
访问
cve.org
22317
third-party-advisory
cve.org
访问
cve.org
22523
third-party-advisory
cve.org
访问
cve.org
SSRT090208
vendor-advisory
cve.org
访问
cve.org
ADV-2006-5089
vdb-entry
cve.org
访问
cve.org
ADV-2006-3264
vdb-entry
cve.org
访问
cve.org
20060508 Unfiltered Header Injection in Apache 1.3.34/2.0.57/2.2.1
mailing-list
cve.org
访问
cve.org
21598
third-party-advisory
cve.org
访问
cve.org
21399
third-party-advisory
cve.org
访问
cve.org
oval:org.mitre.oval:def:10352
vdb-entry
cve.org
访问
cve.org
无标题
x_refsource_CONFIRM
cve.org
访问
cve.org
21478
third-party-advisory
cve.org
访问
cve.org
RHSA-2006:0619
vendor-advisory
cve.org
访问
cve.org
21986
third-party-advisory
cve.org
访问
cve.org
HPSBUX02612
vendor-advisory
cve.org
访问
cve.org
无标题
x_refsource_CONFIRM
cve.org
访问
cve.org
ADV-2006-4207
vdb-entry
cve.org
访问
cve.org
21848
third-party-advisory
cve.org
访问
cve.org
RHSA-2006:0618
vendor-advisory
cve.org
访问
cve.org
PK24631
vendor-advisory
cve.org
访问
cve.org
SUSE-SA:2008:021
vendor-advisory
cve.org
访问
cve.org
RHSA-2006:0692
vendor-advisory
cve.org
访问
cve.org
40256
third-party-advisory
cve.org
访问
cve.org
SUSE-SA:2006:051
vendor-advisory
cve.org
访问
cve.org
ADV-2006-2963
vdb-entry
cve.org
访问
cve.org
21174
third-party-advisory
cve.org
访问
cve.org
USN-575-1
vendor-advisory
cve.org
访问
cve.org
oval:org.mitre.oval:def:12238
vdb-entry
cve.org
访问
cve.org
29640
third-party-advisory
cve.org
访问
cve.org
1294
third-party-advisory
cve.org
访问
cve.org
[3.9] 012: SECURITY FIX: October 7, 2006
vendor-advisory
cve.org
访问
cve.org
PK27875
vendor-advisory
cve.org
访问
cve.org
21172
third-party-advisory
cve.org
访问
cve.org
无标题
x_refsource_CONFIRM
cve.org
访问
cve.org
1016569
vdb-entry
cve.org
访问
cve.org
ADV-2006-2964
vdb-entry
cve.org
访问
cve.org
22140
third-party-advisory
cve.org
访问
cve.org
[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/
mailing-list
cve.org
访问
cve.org
[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
mailing-list
cve.org
访问
cve.org
[httpd-cvs] 20210330 svn commit: r1888194 [4/13] - /httpd/site/trunk/content/security/json/
mailing-list
cve.org
访问
cve.org
[httpd-cvs] 20210330 svn commit: r1073139 [4/13] - in /websites/staging/httpd/trunk/content: ./ security/json/
mailing-list
cve.org
访问
cve.org
[httpd-cvs] 20210330 svn commit: r1073149 [5/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/
mailing-list
cve.org
访问
cve.org
[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/
mailing-list
cve.org
访问
cve.org
[httpd-cvs] 20210603 svn commit: r1075360 [1/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
mailing-list
cve.org
访问
cve.org
[httpd-cvs] 20210606 svn commit: r1075467 [1/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
mailing-list
cve.org
访问
cve.org
[httpd-cvs] 20210606 svn commit: r1075470 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
mailing-list
cve.org
访问
cve.org
ExploitDB EDB-28424
EXPLOIT
exploitdb
访问
exploitdb
Download Exploit EDB-28424
EXPLOIT
exploitdb
访问
exploitdb
CVE Reference: CVE-2006-3918
ADVISORY
cve.org
访问
cve.org
CVSS评分详情
4.3
MEDIUM
CVSS向量:
AV:N/AC:M/Au:N/C:N/I:P/A:N
CVSS版本:
2.0
机密性
NONE
完整性
PARTIAL
可用性
NONE
时间信息
发布时间:
2006-07-28 00:00:00
修改时间:
2024-08-07 18:48:39
创建时间:
2025-11-11 15:32:36
更新时间:
2025-11-11 16:24:12
利用信息
此漏洞有可利用代码!
利用代码数量:
1
利用来源:
未知
数据源详情
| 数据源 | 记录ID | 版本 | 提取时间 |
|---|---|---|---|
| CVE | cve_CVE-2006-3918 |
2025-11-11 15:17:44 | 2025-11-11 07:32:36 |
| NVD | nvd_CVE-2006-3918 |
2025-11-11 14:51:50 | 2025-11-11 07:41:21 |
| CNNVD | cnnvd_CNNVD-200607-476 |
2025-11-11 15:08:52 | 2025-11-11 07:49:09 |
| EXPLOITDB | exploitdb_EDB-28424 |
2025-11-11 15:05:25 | 2025-11-11 08:24:12 |
版本与语言
当前版本:
v4
主要语言:
EN
支持语言:
EN
ZH
其他标识符:
:
:
安全公告
暂无安全公告信息
变更历史
v4
EXPLOITDB
2025-11-11 16:24:12
references_count: 56 → 59; tags_count: 0 → 4; data_sources: ['cnnvd', 'cve', 'nvd'] → ['cnnvd', 'cve', 'exploitdb', 'nvd']
查看详细变更
- references_count: 56 -> 59
- tags_count: 0 -> 4
- data_sources: ['cnnvd', 'cve', 'nvd'] -> ['cnnvd', 'cve', 'exploitdb', 'nvd']
v3
CNNVD
2025-11-11 15:49:09
vulnerability_type: 未提取 → 跨站脚本; cnnvd_id: 未提取 → CNNVD-200607-476; data_sources: ['cve', 'nvd'] → ['cnnvd', 'cve', 'nvd']
查看详细变更
- vulnerability_type: 未提取 -> 跨站脚本
- cnnvd_id: 未提取 -> CNNVD-200607-476
- data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
v2
NVD
2025-11-11 15:41:21
cvss_score: 未提取 → 4.3; cvss_vector: NOT_EXTRACTED → AV:N/AC:M/Au:N/C:N/I:P/A:N; cvss_version: NOT_EXTRACTED → 2.0; affected_products_count: 0 → 8; references_count: 59 → 56; data_sources: ['cve'] → ['cve', 'nvd']
查看详细变更
- cvss_score: 未提取 -> 4.3
- cvss_vector: NOT_EXTRACTED -> AV:N/AC:M/Au:N/C:N/I:P/A:N
- cvss_version: NOT_EXTRACTED -> 2.0
- affected_products_count: 0 -> 8
- references_count: 59 -> 56
- data_sources: ['cve'] -> ['cve', 'nvd']