Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0913

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2000-0913
Last Modified 05 Sep 2008 04:22:10
Published 19 Dec 2000 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2000-0913

Summary

mod_rewrite in Apache 1.3.12 and earlier allows remote attackers to read arbitrary files if a RewriteRule directive is expanded to include a filename whose name contains a regular expression.

Vulnerable Systems

Application

  • Apache Http Server 0.8.11

  • Apache Http Server 0.8.14

  • Apache Http Server 1.0

  • Apache Http Server 1.0.2

  • Apache Http Server 1.0.3

  • Apache Http Server 1.0.5

  • Apache Http Server 1.1

  • Apache Http Server 1.1.1

  • Apache Http Server 1.3.11

  • Apache Http Server 1.3.12


References

XF - apache-rewrite-view-files

BID - 1728

REDHAT - RHSA-2000:095

REDHAT - RHSA-2000:088

MANDRAKE - MDKSA-2000:060

CALDERA - CSSA-2000-035.0

HP - HPSBUX0010-126

BUGTRAQ - 20001011 Conectiva Linux Security Announcement - apache

BUGTRAQ - 20000929 Security vulnerability in Apache mod_rewrite


Last Updated: 27 May 2016 10:35:56