Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0789

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2003-0789
Last Modified 06 Aug 2013 03:08:20
Published 03 Nov 2003 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0789

Summary

mod_cgid in Apache before 2.0.48, when using a threaded MPM, does not properly handle CGI redirect paths, which could cause Apache to send the output of a CGI program to the wrong client.

Vulnerable Systems

Application

  • Apache Http Server 2.0.48


References

REDHAT - RHSA-2003:320

BUGTRAQ - 20031031 GLSA: apache (200310-04)

XF - apache-modcgi-info-disclosure(13552)

BID - 8926

HP - HPSBUX0311-301

MANDRAKE - MDKSA-2003:103

CIAC - O-015

GENTOO - 200310-04

CONFIRM - http://lists.apple.com/mhonarc/security-announce/msg00045.html

CONFIRM - http://docs.info.apple.com/article.html?artnum=61798

CONECTIVA - CLA-2003:775

CONFIRM - http://apache.secsup.org/dist/httpd/Announcement2.html

BID - 9504

APPLE - APPLE-SA-2004-01-26


Last Updated: 27 May 2016 10:38:03