7.3 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
55.1%
Apache HTTP Server 1.3.22 through 1.3.27 on OpenBSD allows remote attackers to obtain sensitive information via (1) the ETag header, which reveals the inode number, or (2) multipart MIME boundary, which reveals child process IDs (PID).
www.openbsd.org/errata32.html
www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
www.securityfocus.com/bid/6939
www.securityfocus.com/bid/6943
exchange.xforce.ibmcloud.com/vulnerabilities/11438