CVE-2006-3918

http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated using a Flash SWF file.

• CWE-79

• ftp://patches.sgi.com/support/free/security/advisories/20060801-01-PBroken Link
• http://archives.neohapsis.com/archives/bugtraq/2006-05/0151.htmlBroken Link, Exploit
• http://archives.neohapsis.com/archives/bugtraq/2006-07/0425.htmlBroken Link, Exploit
• http://kb.vmware.com/KanisaPlatform/Publishing/466/5915871_f.SAL_Public.htmlThird Party Advisory
• http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.htmlMailing List, Third Party Advisory
• http://marc.info/?l=bugtraq&m=125631037611762&w=2Issue Tracking, Mailing List, Third Party Advisory
• http://marc.info/?l=bugtraq&m=129190899612998&w=2Issue Tracking, Mailing List, Third Party Advisory
• http://marc.info/?l=bugtraq&m=130497311408250&w=2Issue Tracking, Mailing List, Third Party Advisory
• http://openbsd.org/errata.html#httpd2Third Party Advisory
• http://rhn.redhat.com/errata/RHSA-2006-0618.htmlThird Party Advisory
• http://rhn.redhat.com/errata/RHSA-2006-0692.htmlThird Party Advisory
• http://secunia.com/advisories/21172Not Applicable, Patch, Vendor Advisory
• http://secunia.com/advisories/21174Not Applicable, Patch, Vendor Advisory
• http://secunia.com/advisories/21399Not Applicable
• http://secunia.com/advisories/21478Not Applicable
• http://secunia.com/advisories/21598Not Applicable
• http://secunia.com/advisories/21744Not Applicable
• http://secunia.com/advisories/21848Not Applicable
• http://secunia.com/advisories/21986Not Applicable
• http://secunia.com/advisories/22140Not Applicable
• http://secunia.com/advisories/22317Not Applicable
• http://secunia.com/advisories/22523Not Applicable
• http://secunia.com/advisories/28749Not Applicable
• http://secunia.com/advisories/29640Not Applicable
• http://secunia.com/advisories/40256Not Applicable
• http://securityreason.com/securityalert/1294Exploit, Third Party Advisory
• http://securitytracker.com/id?1016569Broken Link, Third Party Advisory, VDB Entry
• http://support.avaya.com/elmodocs2/security/ASA-2006-194.htmThird Party Advisory
• http://svn.apache.org/viewvc?view=rev&revision=394965Exploit, Vendor Advisory
• http://www-1.ibm.com/support/docview.wss?uid=swg1PK24631Third Party Advisory
• http://www-1.ibm.com/support/docview.wss?uid=swg24013080Third Party Advisory
• http://www.debian.org/security/2006/dsa-1167Third Party Advisory
• http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2010-2.htmlThird Party Advisory
• http://www.novell.com/linux/security/advisories/2006_51_apache.htmlThird Party Advisory
• http://www.redhat.com/support/errata/RHSA-2006-0619.htmlThird Party Advisory
• http://www.securityfocus.com/bid/19661Third Party Advisory, VDB Entry
• http://www.securitytracker.com/id?1024144Broken Link, Third Party Advisory, VDB Entry
• http://www.ubuntu.com/usn/usn-575-1Third Party Advisory
• http://www.vupen.com/english/advisories/2006/2963Permissions Required
• http://www.vupen.com/english/advisories/2006/2964Permissions Required
• http://www.vupen.com/english/advisories/2006/3264Permissions Required
• http://www.vupen.com/english/advisories/2006/4207Permissions Required
• http://www.vupen.com/english/advisories/2006/5089Permissions Required
• http://www.vupen.com/english/advisories/2010/1572Permissions Required
• http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117Broken Link
• https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10352Third Party Advisory
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12238Third Party Advisory
• ftp://patches.sgi.com/support/free/security/advisories/20060801-01-PBroken Link
• http://archives.neohapsis.com/archives/bugtraq/2006-05/0151.htmlBroken Link, Exploit
• http://archives.neohapsis.com/archives/bugtraq/2006-07/0425.htmlBroken Link, Exploit
• http://kb.vmware.com/KanisaPlatform/Publishing/466/5915871_f.SAL_Public.htmlThird Party Advisory
• http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.htmlMailing List, Third Party Advisory
• http://marc.info/?l=bugtraq&m=125631037611762&w=2Issue Tracking, Mailing List, Third Party Advisory
• http://marc.info/?l=bugtraq&m=129190899612998&w=2Issue Tracking, Mailing List, Third Party Advisory
• http://marc.info/?l=bugtraq&m=130497311408250&w=2Issue Tracking, Mailing List, Third Party Advisory
• http://openbsd.org/errata.html#httpd2Third Party Advisory
• http://rhn.redhat.com/errata/RHSA-2006-0618.htmlThird Party Advisory
• http://rhn.redhat.com/errata/RHSA-2006-0692.htmlThird Party Advisory
• http://secunia.com/advisories/21172Not Applicable, Patch, Vendor Advisory
• http://secunia.com/advisories/21174Not Applicable, Patch, Vendor Advisory
• http://secunia.com/advisories/21399Not Applicable
• http://secunia.com/advisories/21478Not Applicable
• http://secunia.com/advisories/21598Not Applicable
• http://secunia.com/advisories/21744Not Applicable
• http://secunia.com/advisories/21848Not Applicable
• http://secunia.com/advisories/21986Not Applicable
• http://secunia.com/advisories/22140Not Applicable
• http://secunia.com/advisories/22317Not Applicable
• http://secunia.com/advisories/22523Not Applicable
• http://secunia.com/advisories/28749Not Applicable
• http://secunia.com/advisories/29640Not Applicable
• http://secunia.com/advisories/40256Not Applicable
• http://securityreason.com/securityalert/1294Exploit, Third Party Advisory
• http://securitytracker.com/id?1016569Broken Link, Third Party Advisory, VDB Entry
• http://support.avaya.com/elmodocs2/security/ASA-2006-194.htmThird Party Advisory
• http://svn.apache.org/viewvc?view=rev&revision=394965Exploit, Vendor Advisory
• http://www-1.ibm.com/support/docview.wss?uid=swg1PK24631Third Party Advisory
• http://www-1.ibm.com/support/docview.wss?uid=swg24013080Third Party Advisory
• http://www.debian.org/security/2006/dsa-1167Third Party Advisory
• http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2010-2.htmlThird Party Advisory
• http://www.novell.com/linux/security/advisories/2006_51_apache.htmlThird Party Advisory
• http://www.redhat.com/support/errata/RHSA-2006-0619.htmlThird Party Advisory
• http://www.securityfocus.com/bid/19661Third Party Advisory, VDB Entry
• http://www.securitytracker.com/id?1024144Broken Link, Third Party Advisory, VDB Entry
• http://www.ubuntu.com/usn/usn-575-1Third Party Advisory
• http://www.vupen.com/english/advisories/2006/2963Permissions Required
• http://www.vupen.com/english/advisories/2006/2964Permissions Required
• http://www.vupen.com/english/advisories/2006/3264Permissions Required
• http://www.vupen.com/english/advisories/2006/4207Permissions Required
• http://www.vupen.com/english/advisories/2006/5089Permissions Required
• http://www.vupen.com/english/advisories/2010/1572Permissions Required
• http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117Broken Link
• https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10352Third Party Advisory
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12238Third Party Advisory

Published

Jul 28, 2006

Last Modified

Jun 16, 2026

Status

Modified