CVE-2001-0729 — Apache Http Server vulnerability

3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

2.3%

top 15.21%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apache Http Server

Timeline

PublishedOct 30

Latest updateApr 30

Description

Apache 1.3.20 on Windows servers allows remote attackers to bypass the default index page and list directory contents via a URL with a large number of / (slash) characters.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDapache/http_server1.3.20

🔴Vulnerability Details

GHSA

GHSA-24pg-m258-76qq: Apache 1↗2022-04-30

▶

CVEList

CVE-2001-0729: Apache 1↗2001-10-12

▶