CVE-2003-0789Apache Http Server vulnerability

8 documents7 sources
Severity
10.0CRITICALNVD
EPSS
8.2%
top 7.76%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apache Http Server
Timeline
PublishedNov 3
Latest updateApr 29

Description

mod_cgid in Apache before 2.0.48, when using a threaded MPM, does not properly handle CGI redirect paths, which could cause Apache to send the output of a CGI program to the wrong client.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDapache/http_server2.0.352.0.48

🔴Vulnerability Details

3
GHSA
GHSA-v9gx-6vwh-26c3: mod_cgid in Apache before 22022-04-29
OSV
CVE-2003-0789: mod_cgid in Apache before 22003-11-03
CVEList
CVE-2003-0789: mod_cgid in Apache before 22003-10-30

📋Vendor Advisories

2
Red Hat
security flaw2003-10-28
Debian
CVE-2003-0789: apache2 - mod_cgid in Apache before 2.0.48, when using a threaded MPM, does not properly h...2003

💬Community

1
Bugzilla
CVE-2003-0789 security flaw2018-08-16
CVE-2003-0789 — Apache Http Server vulnerability | cvebase