Lucene search
HistoryDec 31, 2003 - 5:00 a.m.
CVE-2003-1418
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
7.3 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
55.1%
Apache HTTP Server 1.3.22 through 1.3.27 on OpenBSD allows remote attackers to obtain sensitive information via (1) the ETag header, which reveals the inode number, or (2) multipart MIME boundary, which reveals child process IDs (PID).
Affected configurations
Node
apachehttp_serverMatch1.3.22
ORapachehttp_serverMatch1.3.23
ORapachehttp_serverMatch1.3.24
ORapachehttp_serverMatch1.3.25
ORapachehttp_serverMatch1.3.26
ORapachehttp_serverMatch1.3.27
Related
openvas
openvas
Apache HTTP Server ETag Header Information Disclosure Weakness
2011-03-21 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:0689-1)
2021-06-09 00:00:00
cve
cve
CVE-2003-1418
2007-10-20 10:00:00
nessus
nessus
Apache Server ETag Header Information Disclosure
2016-01-22 00:00:00
SuSE 11.3 Security Update : apache2 (SAT Patch Number 10533)
2015-04-09 00:00:00
cvelist
cvelist
CVE-2003-1418
2007-10-20 10:00:00
pentestpartners
pentestpartners
Vulnerabilities that arenβt. ETag headers
2022-02-04 06:24:59
f5
f5
K15904 : Multiple third-party application-server vulnerabilities
2014-12-11 00:00:00
SOL15904 - Multiple third-party application-server vulnerabilities
2014-12-11 00:00:00
oracle
oracle
Oracle Critical Patch Update - October 2017
2017-10-17 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
7.3 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
55.1%
Related for NVD:CVE-2003-1418