- EPSS 6.77%
- Veröffentlicht 30.10.2001 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:54:50
Apache 1.3.20 on Windows servers allows remote attackers to bypass the default index page and list directory contents via a URL with a large number of / (slash) characters.
- EPSS 11.92%
- Veröffentlicht 30.10.2001 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:54:51
split-logfile in Apache 1.3.20 allows remote attackers to overwrite arbitrary files that end in the .log extension via an HTTP request with a / (slash) in the Host: header.
CVE-2001-0766
- EPSS 8.86%
- Veröffentlicht 18.10.2001 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:54:55
Apache on MacOS X Client 10.0.3 with the HFS+ file system allows remote attackers to bypass access restrictions via a URL that contains some characters whose case is not matched by Apache's filters.
- EPSS 56.76%
- Veröffentlicht 01.10.2001 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:54:51
Apache 1.3.20 with Multiviews enabled allows remote attackers to view directory contents and bypass the index page via a URL containing the "M=D" query string.
- EPSS 4.31%
- Veröffentlicht 31.08.2001 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:55:31
Apache with mod_rewrite enabled on most UNIX systems allows remote attackers to bypass RewriteRules by inserting extra / (slash) characters into the requested path, which causes the regular expression in the RewriteRule to fail.
- EPSS 12.01%
- Veröffentlicht 12.05.2001 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:56:04
Apache before 1.3.20 on Windows and OS/2 systems allows remote attackers to cause a denial of service (GPF) via an HTTP request for a URI that contains a large number of / (slash) or other characters, which causes certain functions to dereference a n...
CVE-2001-0131
- EPSS 2.31%
- Veröffentlicht 12.03.2001 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:53:43
htpasswd and htdigest in Apache 2.0a9, 1.3.14, and others allows local users to overwrite arbitrary files via a symlink attack.
- EPSS 75.24%
- Veröffentlicht 12.03.2001 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:55:14
The default installation of Apache before 1.3.19 allows remote attackers to list directories instead of the multiview index.html file via an HTTP request for a path that contains many / (slash) characters, which causes the path to be mishandled by (1...
- EPSS 8.6%
- Veröffentlicht 16.02.2001 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:53:32
PHP 3.x (PHP3) on Apache 1.3.6 allows remote attackers to read arbitrary files via a modified .. (dot dot) attack containing "%5c" (encoded backslash) sequences.
- EPSS 34.58%
- Veröffentlicht 19.12.2000 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:52:45
mod_rewrite in Apache 1.3.12 and earlier allows remote attackers to read arbitrary files if a RewriteRule directive is expanded to include a filename whose name contains a regular expression.