Lucene search
Apache Team FoundationHTTPD:7AEE8B3130DC88AED80E271BB01A632FHistoryOct 13, 2000 - 12:00 a.m.
Apache Httpd < 1.3.14 : Rewrite rules that include references allow access to any file
2000-10-1300:00:00
Apache Team Foundation
httpd.apache.org
15
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS
0.005
Percentile
77.0%
The Rewrite module, mod_rewrite, can allow access to any file on the web server. The vulnerability occurs only with certain specific cases of using regular expression references in RewriteRule directives: If the destination of a RewriteRule contains regular expression references then an attacker will be able to access any file on the server.
Affected configurations
Node
apacheapache_httpdMatch1.3.12
ORapacheapache_httpdMatch1.3.11
ORapacheapache_httpdMatch1.3.9
ORapacheapache_httpdMatch1.3.6
ORapacheapache_httpdMatch1.3.4
ORapacheapache_httpdMatch1.3.3
ORapacheapache_httpdMatch1.3.2
ORapacheapache_httpdMatch1.3.1
ORapacheapache_httpdMatch1.3.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| apache | apache_httpd | 1.3.12 | cpe:2.3:a:apache:apache_httpd:1.3.12:*:*:*:*:*:*:* |
| apache | apache_httpd | 1.3.11 | cpe:2.3:a:apache:apache_httpd:1.3.11:*:*:*:*:*:*:* |
| apache | apache_httpd | 1.3.9 | cpe:2.3:a:apache:apache_httpd:1.3.9:*:*:*:*:*:*:* |
| apache | apache_httpd | 1.3.6 | cpe:2.3:a:apache:apache_httpd:1.3.6:*:*:*:*:*:*:* |
| apache | apache_httpd | 1.3.4 | cpe:2.3:a:apache:apache_httpd:1.3.4:*:*:*:*:*:*:* |
| apache | apache_httpd | 1.3.3 | cpe:2.3:a:apache:apache_httpd:1.3.3:*:*:*:*:*:*:* |
| apache | apache_httpd | 1.3.2 | cpe:2.3:a:apache:apache_httpd:1.3.2:*:*:*:*:*:*:* |
| apache | apache_httpd | 1.3.1 | cpe:2.3:a:apache:apache_httpd:1.3.1:*:*:*:*:*:*:* |
| apache | apache_httpd | 1.3.0 | cpe:2.3:a:apache:apache_httpd:1.3.0:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2000-0913
2001-01-22 05:00:00
nessus
nessus
Mandrake Linux Security Advisory : apache (MDKSA-2000:060-2)
2012-09-06 00:00:00
cve
cve
CVE-2000-0913
2001-01-22 05:00:00
nvd
nvd
CVE-2000-0913
2000-12-19 05:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS
0.005
Percentile
77.0%
Related for HTTPD:7AEE8B3130DC88AED80E271BB01A632F