Vulnerability Description: - Apache server vulnerabilities including cross-site scripting and denial of service risks. Affected Packages and Versions: - Package: www-servers/apache on all architectures - Affected versions: = 2.0.55-r1, revision >= 2.0.54-r16 - = 1.3.34-r2, revision >= 1.3.34-r11 - revision >= 1.3.37 Vulnerability Severity: - Severity: normal - Exploitable: remote Background and Impact: - The Apache HTTP server is widely used, with the mod_imap module handling server-side image maps and the mod_ssl module providing secure connections. Vulnerabilities in mod_imap and mod_ssl could allow remote attackers to inject arbitrary HTML or JavaScript for information gathering, or cause a denial of service with certain configurations. Resolution: - Upgrade to the latest Apache version. Instructions are provided for different configurations and versions. Vulnerability References: - CVE-2005-3352 - CVE-2005-3357