CVE-2000-0868Apache Http Server vulnerability

4 documents4 sources
Severity
5.0MEDIUMNVD
EPSS
8.8%
top 7.46%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apache Http ServerSuse Linux
Timeline
PublishedNov 14
Latest updateApr 30

Description

The default configuration of Apache 1.3.12 in SuSE Linux 6.4 allows remote attackers to read source code for CGI scripts by replacing the /cgi-bin/ in the requested URL with /cgi-bin-sdb/.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

NVDsuse/suse_linux6.3, 6.4+1
NVDapache/http_server1.3.12

Patches

Patch: archives.neohapsis.comPatch: www.atstake.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-r7r9-rf39-874f: The default configuration of Apache 12022-04-30
CVEList
CVE-2000-0868: The default configuration of Apache 12001-01-22

🔍Detection Rules

1
Suricata
GPL WEB_SERVER printenv access2010-09-23
CVE-2000-0868 — Apache Http Server vulnerability | cvebase