NVD Vulnerability Detail

CVE-2012-2687

Summary	Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c in the mod_negotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted filename that is not properly handled during construction of a variant list.
Publication Date	Aug. 23, 2012, 4:55 a.m.
Registration Date	Jan. 28, 2021, 2:58 p.m.
Last Update	Nov. 21, 2024, 10:39 a.m.

CVSS2.0 : LOW
Score	2.6
Vector	AV:N/AC:H/Au:N/C:N/I:P/A:N
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	高
攻撃前の認証要否(Au)	不要
機密性への影響(C)	なし
完全性への影響(I)	低
可用性への影響(A)	なし
Get all privileges.	いいえ
Get user privileges	いいえ
Get other privileges	いいえ
User operation required	はい

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:apache:http_server:2.2.23:::::::*
cpe:2.3:a:apache:http_server:2.4.1:::::::*
cpe:2.3:a:apache:http_server:2.2.11:::::::*
cpe:2.3:a:apache:http_server:2.2.0:::::::*
cpe:2.3:a:apache:http_server:2.2.10:::::::*
cpe:2.3:a:apache:http_server:2.2.13:::::::*
cpe:2.3:a:apache:http_server:2.2.2:::::::*
cpe:2.3:a:apache:http_server:2.4.0:::::::*
cpe:2.3:a:apache:http_server:2.2.4:::::::*
cpe:2.3:a:apache:http_server:2.2.17:::::::*
cpe:2.3:a:apache:http_server:2.2.16:::::::*
cpe:2.3:a:apache:http_server:2.2.21:::::::*
cpe:2.3:a:apache:http_server:2.2.8:::::::*
cpe:2.3:a:apache:http_server:2.2.14:::::::*
cpe:2.3:a:apache:http_server:2.2.6:::::::*
cpe:2.3:a:apache:http_server:2.2.22:::::::*
cpe:2.3:a:apache:http_server:2.2.19:::::::*
cpe:2.3:a:apache:http_server:2.2.9:::::::*
cpe:2.3:a:apache:http_server:2.2.18:::::::*
cpe:2.3:a:apache:http_server:2.2.12:::::::*
cpe:2.3:a:apache:http_server:2.2.3:::::::*
cpe:2.3:a:apache:http_server:2.4.2:::::::*
cpe:2.3:a:apache:http_server:2.2.15:::::::*
cpe:2.3:a:apache:http_server:2.2.20:::::::*
cpe:2.3:a:apache:http_server:2.2.1:::::::*

Related information, measures and tools

No	URL	タグ
1	http://httpd.apache.org/security/vulnerabilities_24.html	Vendor Advisory
2	http://httpd.apache.org/security/vulnerabilities_24.html	Vendor Advisory
3	http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html
4	http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html
5	http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html
6	http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html
7	http://lists.opensuse.org/opensuse-updates/2013-02/msg00011.html
8	http://lists.opensuse.org/opensuse-updates/2013-02/msg00011.html
9	http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html
10	http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html
11	http://mail-archives.apache.org/mod_mbox/www-announce/201208.mbox/%3C0BFFEA9B-801B-4BAA-9534-56F640268E30%40apache.org%3E
12	http://mail-archives.apache.org/mod_mbox/www-announce/201208.mbox/%3C0BFFEA9B-801B-4BAA-9534-56F640268E30%40apache.org%3E
13	http://marc.info/?l=bugtraq&m=136612293908376&w=2
14	http://marc.info/?l=bugtraq&m=136612293908376&w=2
15	http://marc.info/?l=bugtraq&m=136612293908376&w=2
16	http://marc.info/?l=bugtraq&m=136612293908376&w=2
17	http://rhn.redhat.com/errata/RHSA-2012-1591.html
18	http://rhn.redhat.com/errata/RHSA-2012-1591.html
19	http://rhn.redhat.com/errata/RHSA-2012-1592.html
20	http://rhn.redhat.com/errata/RHSA-2012-1592.html
21	http://rhn.redhat.com/errata/RHSA-2012-1594.html
22	http://rhn.redhat.com/errata/RHSA-2012-1594.html
23	http://rhn.redhat.com/errata/RHSA-2013-0130.html
24	http://rhn.redhat.com/errata/RHSA-2013-0130.html
25	http://secunia.com/advisories/50894
26	http://secunia.com/advisories/50894
27	http://secunia.com/advisories/51607
28	http://secunia.com/advisories/51607
29	http://support.apple.com/kb/HT5880
30	http://support.apple.com/kb/HT5880
31	http://www.apache.org/dist/httpd/CHANGES_2.4.3
32	http://www.apache.org/dist/httpd/CHANGES_2.4.3
33	http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html
34	http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html
35	http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
36	http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
37	http://www.securityfocus.com/bid/55131
38	http://www.securityfocus.com/bid/55131
39	http://www.ubuntu.com/usn/USN-1627-1
40	http://www.ubuntu.com/usn/USN-1627-1
41	http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf
42	http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf
43	http://www-01.ibm.com/support/docview.wss?uid=nas2a2b50a0ca011b37c86257a96003c9a4f
44	http://www-01.ibm.com/support/docview.wss?uid=nas2a2b50a0ca011b37c86257a96003c9a4f
45	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
46	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
47	https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
48	https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
49	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
50	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
51	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
52	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
53	https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E
54	https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E
55	https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E
56	https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E
57	https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
58	https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
59	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
60	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
61	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
62	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
63	https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E
64	https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E
65	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
66	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
67	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
68	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
69	https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
70	https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
71	https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
72	https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
73	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
74	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
75	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
76	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
77	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
78	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
79	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
80	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
81	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
82	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
83	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18832
84	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18832
85	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19539
86	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19539

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-79	クロスサイト・スクリプティング（XSS）	https://cwe.mitre.org/data/definitions/79.html

JVN Vulnerability Information

Apache HTTP Server の mod_negotiation モジュールにおけるクロスサイトスクリプティングの脆弱性

Title	Apache HTTP Server の mod_negotiation モジュールにおけるクロスサイトスクリプティングの脆弱性
Summary	Apache HTTP Server の mod_negotiation モジュールの mod_negotiation.c 内の make_variant_list 関数には、MultiViews オプションが有効になっている場合、クロスサイトスクリプティングの脆弱性が存在します。
Possible impacts	第三者により、variant リストの作成において適切に処理されない巧妙に細工されたファイル名を介して、任意の Web スクリプトまたは HTML を挿入される可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	June 13, 2012, midnight
Registration Date	Aug. 24, 2012, 2:11 p.m.
Last Update	Aug. 2, 2016, 5:34 p.m.

Affected System

Apache Software Foundation

Apache HTTP Server 2.4.3 未満の 2.4.x

オラクル

Oracle HTTP Server

アップル

Apple Mac OS X v10.6.8

Apple Mac OS X v10.7.5

Apple Mac OS X v10.8 から v10.8.4

Apple Mac OS X Server v10.6.8

Apple Mac OS X Server v10.7.5

日本電気

CSVIEW /FAQナビすべてのバージョン

CSVIEW /Webアンケートすべてのバージョン

WebOTX Application Server Enterprise V8.2 から V8.5

WebOTX Application Server Express V8.2 から V8.5

WebOTX Application Server Foundation V8.2 から V8.5

WebOTX Application Server Standard V8.2 から V8.5

WebOTX Enterprise Service Bus V8.2 から V8.5

WebOTX Portal V8.2 から V8.4

富士通

Interstage Application Framework Suite

Interstage Application Server

Interstage Apworks

Interstage Business Application Server

Interstage Job Workload Server

Interstage Studio

Interstage Web Server

Interstage Web Server Express

Systemwalker Resource Coordinator

日立

Cosminexus Application Server Enterprise Version 6

Cosminexus Application Server Standard Version 6

Cosminexus Application Server Version 5

Cosminexus Client Version 6

Cosminexus Developer Light Version 6

Cosminexus Developer Professional Version 6

Cosminexus Developer Standard Version 6

Cosminexus Developer Version 5

Cosminexus HTTP Server

Cosminexus Primary Server Base

Cosminexus Studio Version 5

Hitachi Web Server

Hitachi Web Server - Security Enhancement

uCosminexus Application Server

uCosminexus Application Server Express

uCosminexus Application Server Light

uCosminexus Application Server Smart

uCosminexus Application Server Enterprise

uCosminexus Application Server Smart Edition

uCosminexus Application Server Standard

uCosminexus Application Server Standard -R

uCosminexus Developer

uCosminexus Developer 01

uCosminexus Developer Professional

uCosminexus Developer Professional for Plug-in

uCosminexus Developer Light

uCosminexus Developer Standard

uCosminexus Primary Server Base

uCosminexus Service Architect

uCosminexus Service Platform

uCosminexus Service Platform - Messaging

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2012-2687	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2687
National Vulnerability Database (NVD)
2	CVE-2012-2687	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2687

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-79	https://jvndb.jvn.jp/ja/cwe/CWE-79.html

ベンダー情報

No	Name	URL
Apache httpd 2.4 vulnerabilities
1	Fixed in Apache httpd 2.4.3	http://httpd.apache.org/security/vulnerabilities_24.html#2.4.3
Apple Mailing Lists
2	APPLE-SA-2013-09-12-1	http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html
Apple Security Updates
3	HT5880	http://support.apple.com/kb/HT5880
Apple セキュリティアップデート
4	HT5880	http://support.apple.com/kb/HT5880?viewlocale=ja_JP
Changes with Apache
5	Apache 2.4.3	http://www.apache.org/dist/httpd/CHANGES_2.4.3
Hitachi Software Vulnerability Information
6	HS12-028	http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-028/index.html
IBM APAR
7	SE53614	http://www-01.ibm.com/support/docview.wss?uid=nas2a2b50a0ca011b37c86257a96003c9a4f
Mailing list archives
8	Apache HTTP Server 2.4.3 Released	http://mail-archives.apache.org/mod_mbox/www-announce/201208.mbox/%3C0BFFEA9B-801B-4BAA-9534-56F640268E30@apache.org%3E
NEC製品セキュリティ情報
9	NV14-007	http://jpn.nec.com/security-info/secinfo/nv14-007.html
opensuse-updates
10	openSUSE-SU-2013:0243	http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html
11	openSUSE-SU-2013:0245	http://lists.opensuse.org/opensuse-updates/2013-02/msg00011.html
12	openSUSE-SU-2013:0248	http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html
Oracle Critical Patch Update
13	Oracle Critical Patch Update Advisory - July 2013	http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
14	Text Form of Oracle Critical Patch Update - July 2013 Risk Matrices	http://www.oracle.com/technetwork/topics/security/cpujuly2013verbose-1899830.html
Red Hat Security Advisory
15	RHSA-2012:1591	http://rhn.redhat.com/errata/RHSA-2012-1591.html
16	RHSA-2012:1592	http://rhn.redhat.com/errata/RHSA-2012-1592.html
17	RHSA-2012:1594	http://rhn.redhat.com/errata/RHSA-2012-1594.html
18	RHSA-2013:0130	http://rhn.redhat.com/errata/RHSA-2013-0130.html
SECURITY BLOG
19	July 2013 Critical Patch Update Released	https://blogs.oracle.com/security/entry/july_2013_critical_patch_update
20	Multiple vulnerabilities in Apache HTTP server (Jan 29, 2013)	https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_apache_http2
21	Multiple vulnerabilities in Apache HTTP Server (Jul 16, 2013)	https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_apache_http3
Ubuntu Security Notice
22	USN-1627-1	http://www.ubuntu.com/usn/USN-1627-1/
Xerox Security Bulletin
23	XRX13-003	http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf
ソフトウェア製品セキュリティ情報
24	HS12-028	http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS12-028/index.html
富士通セキュリティ情報
25	Interstage HTTP Server (CVE-2011-3607/ CVE-2012-3499/ CVE-2012-2687/ CVE-2013-1862)	http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_as_201303.html

Change Log

No	Changed Details	Date of change
0	[2012年08月24日] 掲載 [2012年12月03日] 影響を受けるシステム：日立 (HS12-028) の情報を追加ベンダ情報：日立 (HS12-028) を追加 [2012年12月26日] ベンダ情報：Ubuntu (USN-1627-1) を追加 [2013年01月11日] ベンダ情報：レッドハット (RHSA-2012:1591) を追加ベンダ情報：レッドハット (RHSA-2012:1592) を追加ベンダ情報：レッドハット (RHSA-2012:1594) を追加 [2013年01月25日] ベンダ情報：オラクル (Multiple vulnerabilities in Apache HTTP server) を追加 [2013年06月10日] ベンダ情報：Apache Software Foundation (Apache HTTP Server 2.4.3 Released) を追加ベンダ情報：Xerox (XRX13-003) を追加ベンダ情報：Novell (openSUSE-SU-2013:0243) を追加ベンダ情報：Novell (openSUSE-SU-2013:0245) を追加ベンダ情報：Novell (openSUSE-SU-2013:0248) を追加ベンダ情報：レッドハット (RHSA-2013:0130) を追加 [2013年07月18日] 影響を受けるシステム：オラクル (Oracle Critical Patch Update Advisory - July 2013) の情報を追加ベンダ情報：オラクル (Oracle Critical Patch Update Advisory - July 2013) を追加ベンダ情報：オラクル (Text Form of Oracle Critical Patch Update - July 2013 Risk Matrices) を追加ベンダ情報：オラクル (July 2013 Critical Patch Update Released) を追加 [2013年07月25日] ベンダ情報：オラクル (Multiple vulnerabilities in Apache HTTP Server (Jul 16, 2013)) を追加 [2013年09月30日] 影響を受けるシステム：アップル (HT5880) の情報を追加ベンダ情報：アップル (HT5880) を追加ベンダ情報：アップル (APPLE-SA-2013-09-12-1) を追加 [2013年11月28日] 影響を受けるシステム：内容を更新ベンダ情報：IBM (SE53614) を追加ベンダ情報：富士通 (Interstage HTTP Server (CVE-2011-3607/ CVE-2012-3499/ CVE-2012-2687/ CVE-2013-1862)) を追加 [2014年06月03日] 影響を受けるシステム：日本電気 (NV14-007) の情報を追加ベンダ情報：日本電気 (NV14-007) を追加 [2016年08月02日] 影響を受けるシステム：ベンダ情報の更新に伴い内容を更新	Feb. 17, 2018, 10:37 a.m.

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:apache:http_server:2.2.23:::::::*
cpe:2.3:a:apache:http_server:2.4.1:::::::*
cpe:2.3:a:apache:http_server:2.2.11:::::::*
cpe:2.3:a:apache:http_server:2.2.0:::::::*
cpe:2.3:a:apache:http_server:2.2.10:::::::*
cpe:2.3:a:apache:http_server:2.2.13:::::::*
cpe:2.3:a:apache:http_server:2.2.2:::::::*
cpe:2.3:a:apache:http_server:2.4.0:::::::*
cpe:2.3:a:apache:http_server:2.2.4:::::::*
cpe:2.3:a:apache:http_server:2.2.17:::::::*
cpe:2.3:a:apache:http_server:2.2.16:::::::*
cpe:2.3:a:apache:http_server:2.2.21:::::::*
cpe:2.3:a:apache:http_server:2.2.8:::::::*
cpe:2.3:a:apache:http_server:2.2.14:::::::*
cpe:2.3:a:apache:http_server:2.2.6:::::::*
cpe:2.3:a:apache:http_server:2.2.22:::::::*
cpe:2.3:a:apache:http_server:2.2.19:::::::*
cpe:2.3:a:apache:http_server:2.2.9:::::::*
cpe:2.3:a:apache:http_server:2.2.18:::::::*
cpe:2.3:a:apache:http_server:2.2.12:::::::*
cpe:2.3:a:apache:http_server:2.2.3:::::::*
cpe:2.3:a:apache:http_server:2.4.2:::::::*
cpe:2.3:a:apache:http_server:2.2.15:::::::*
cpe:2.3:a:apache:http_server:2.2.20:::::::*
cpe:2.3:a:apache:http_server:2.2.1:::::::*