CVE-2003-1138

Exploit

EPSS 3.18%
Published 27.10.2003 05:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

The default configuration of Apache 2.0.40, as shipped with Red Hat Linux 9.0, allows remote attackers to list directory contents, even if auto indexing is turned off and there is a default web page configured, via a GET request containing a double slash (//).

Affected products Warnungen 0 Metrics 2 CWE 0 References 5

Data is provided by the National Vulnerability Database (NVD)

Redhat ≫ Interchange Version2.0.40_21.5 Editioni386

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	3.18%	0.858

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

http://www.securityfocus.com/archive/1/342578

Vendor Advisory

Exploit

http://www.securityfocus.com/bid/8898

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2003-1138

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2003-1138

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2003-1138

EUVD