CVE-2001-0108 — Mandrake Linux vulnerability

6 documents6 sources

Severity

5.0MEDIUMNVD

EPSS

0.4%

top 41.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mandrakesoft Mandrake Linux PHP

Timeline

PublishedMar 12

Latest updateApr 30

Description

PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request on an unrestricted page that causes PHP to use those access controls on the next page that is requested.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶NVDphp/php4 versions+3

▶NVDmandrakesoft/mandrake_linux7.2

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-j2hw-525w-j8q2: PHP Apache module 4↗2022-04-30

▶

CVEList

CVE-2001-0108: PHP Apache module 4↗2001-09-18

▶

💥Exploits & PoCs

Exploit-DB

HP-UX 11.0 - SWVerify Buffer Overflow↗2001-09-03

▶

📋Vendor Advisories

Red Hat

security flaw↗2001-01-12

▶

💬Community

Bugzilla

CVE-2001-0108 security flaw↗2018-08-16

▶