Lucene search

[email protected]CVE-2002-0661

HistoryAug 12, 2002 - 4:00 a.m.

CVE-2002-0661

2002-08-1204:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

apache

vulnerability

directory traversal

remote attackers

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.96 High

EPSS

Percentile

99.4%

JSON

Directory traversal vulnerability in Apache 2.0 through 2.0.39 on Windows, OS2, and Netware allows remote attackers to read arbitrary files and execute commands via … (dot dot) sequences containing \ (backslash) characters.

CPENameOperatorVersion
apache:http_serverapache http servereq2.0.28
apache:http_serverapache http servereq2.0.35
apache:http_serverapache http servereq2.0.37
apache:http_serverapache http servereq2.0.32
apache:http_serverapache http servereq2.0.34
apache:http_serverapache http servereq2.0.39
apache:http_serverapache http servereq2.0.38
apache:http_serverapache http servereq2.0.36
apache:http_serverapache http servereq2.0

CPE	Name	Operator	Version
apache:http_server	apache http server	eq	2.0.28
apache:http_server	apache http server	eq	2.0.35
apache:http_server	apache http server	eq	2.0.37
apache:http_server	apache http server	eq	2.0.32
apache:http_server	apache http server	eq	2.0.34
apache:http_server	apache http server	eq	2.0.39
apache:http_server	apache http server	eq	2.0.38
apache:http_server	apache http server	eq	2.0.36
apache:http_server	apache http server	eq	2.0

References

httpd.apache.org/info/security_bulletin_20020908a.txt

marc.info/?l=bugtraq&m=102892744011436&w=2

marc.info/?l=bugtraq&m=102951160411052&w=2

www.iss.net/security_center/static/9808.php

www.securityfocus.com/bid/5434

lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E

lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E

lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E

lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E

lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E

lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E

lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E

lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E

lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E

lists.apache.org/thread.html/rd00b45b93fda4a5bd013b28587207d0e00f99f6e3308dbb6025f3b01%40%3Ccvs.httpd.apache.org%3E

lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.96 High

EPSS

Percentile

99.4%

JSON

Related for CVE-2002-0661

securityvulns2 openvas1 debiancve1 httpd1 nessus1