CVE-2002-0061
published 2002-03-21CVE-2002-0061: Apache for Win32 before 1.3.24, and 2.0.x before 2.0.34-beta, allows remote attackers to execute arbitrary commands via shell metacharacters (a | pipe…
high7.5CVSS 3.1
AVNACLAuNCPIPAP
EXPLOIT
Apache for Win32 before 1.3.24, and 2.0.x before 2.0.34-beta, allows remote attackers to execute arbitrary commands via shell metacharacters (a | pipe character) provided as arguments to batch (.bat) or .cmd scripts, which are sent unfiltered to the shell interpreter, typically cmd.exe.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | http_server | < 1.3.24 | 1.3.24 |
| apache | http_server | >= 2.0.0 < 2.0.34 | 2.0.34 |