Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0061


Vulnerability Score 7.5 7.5
CVE Id CVE-2002-0061
Last Modified 05 Sep 2008 04:27:04
Published 21 Mar 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Apache for Win32 before 1.3.24, and 2.0.x before 2.0.34-beta, allows remote attackers to execute arbitrary commands via shell metacharacters (a | pipe character) provided as arguments to batch (.bat) or .cmd scripts, which are sent unfiltered to the shell interpreter, typically cmd.exe.

Vulnerable Systems


  • Apache Http Server 1.3.23

  • Apache Http Server 2.0.28


BUGTRAQ - 20020321 Vulnerability in Apache for Win32 batch file processing - Remote command execution


BID - 4335

XF - apache-dos-batch-command-execution(8589)

BUGTRAQ - 20020325 Apache 1.3.24 Released! (fwd)

Last Updated: 27 May 2016 10:36:46