Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0017

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2003-0017
Last Modified 10 Sep 2008 03:17:23
Published 07 Feb 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0017

Summary

Apache 2.0 before 2.0.44 on Windows platforms allows remote attackers to obtain certain files via an HTTP request that ends in certain illegal characters such as ">", which causes a different filename to be processed and served.

Vulnerable Systems

Application

  • Apache Http Server 2.0.36

  • Apache Http Server 2.0.37

  • Apache Http Server 2.0.38

  • Apache Http Server 2.0.39

  • Apache Http Server 2.0.40

  • Apache Http Server 2.0.41

  • Apache Http Server 2.0.42

  • Apache Http Server 2.0.43


References

CONFIRM - http://marc.theaimsgroup.com/?l=apache-httpd-announce&m=104313442901017&w=2


Last Updated: 27 May 2016 10:37:45