A vulnerability was discovered in the mod_proxy module in Apache where it did not limit the number of forwarded interim responses, allowing remote HTTP servers to cause a denial of service via a large number of interim responses . A cross-site scripting vulnerability was found in the mod_proxy_ftp module in Apache that allowed remote attackers to inject arbitrary web script or HTML via wildcards in a pathname in an FTP URI . The updated packages have been patched to prevent these issues.