CVE-2003-0017Apache Http Server vulnerability

3 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
3.3%
top 12.84%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apache Http Server
Timeline
PublishedFeb 7
Latest updateApr 29

Description

Apache 2.0 before 2.0.44 on Windows platforms allows remote attackers to obtain certain files via an HTTP request that ends in certain illegal characters such as ">", which causes a different filename to be processed and served.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDapache/http_server8 versions+7

🔴Vulnerability Details

2
GHSA
GHSA-hhrh-qrm3-h22r: Apache 22022-04-29
CVEList
CVE-2003-0017: Apache 22004-09-01
CVE-2003-0017 — Apache Http Server vulnerability | cvebase