Apache Win32 DOS Batch File Arbitrary Command Execution - Ver2 (CVE-2002-0061)

A command execution vulnerability has been reported in Apache Software Foundation Apache HTTP Server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

Apache HTTP Server Remote Command Execution via .bat files

The Apache HTTP Server 2.0.x Win32 installation is shipped with a default script, /cgi-bin/test-cgi.bat, that allows an attacker to execute commands on the Apache server although it is reported that any .bat file could open this vulnerability. SPDX-FileCopyrightText: 2002 Matt Moore Some text...

CVE-2002-0061

Apache HTTP Server on Windows (Win32) is vulnerable prior to versions 1.3.24 and 2.0.x prior to 2.0.34-beta. The flaw allows remote attackers to execute arbitrary commands by sending shell metacharacters (a pipe |) as arguments to batch (.bat) or .cmd scripts, which reach the shell interpreter (c...

Apache on Windows < 1.3.24 / 2.0.x < 2.0.34 DOS Batch File Arbitrary Command Execution

Apache for Win32 prior to 1.3.24 and 2.0.x prior to 2.0.34-beta is shipped with a default script, '/cgi-bin/test-cgi.bat', that allows an attacker to remotely execute arbitrary commands on the host subject to the permissions of the affected application. An attacker can send a pipe character '|'...