Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0661

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-0661
Last Modified 10 Sep 2008 03:12:40
Published 12 Aug 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0661

Summary

Directory traversal vulnerability in Apache 2.0 through 2.0.39 on Windows, OS2, and Netware allows remote attackers to read arbitrary files and execute commands via .. (dot dot) sequences containing \ (backslash) characters.

Vulnerable Systems

Application

  • Apache Http Server 2.0

  • Apache Http Server 2.0.28

  • Apache Http Server 2.0.32

  • Apache Http Server 2.0.34

  • Apache Http Server 2.0.35

  • Apache Http Server 2.0.36

  • Apache Http Server 2.0.37

  • Apache Http Server 2.0.38

  • Apache Http Server 2.0.39


References

CONFIRM - http://httpd.apache.org/info/security_bulletin_20020908a.txt

BID - 5434

XF - apache-access-data(9808)

BUGTRAQ - 20020816 Apache 2.0.39 directory traversal and path disclosure bug

BUGTRAQ - 20020809 Apache 2.0 vulnerability affects non-Unix platforms


Last Updated: 27 May 2016 10:37:00