Russian Vulnerability Scanner Database

Back to List

CVE-2001-0925

Scores

EPSS

0.895high89.5%
0%20%40%60%80%100%

Percentile: 89.5%

CVSS

5.0medium2.0
0246810

CVSS Score: 5.0/10

All CVSS Scores

CVSS 2.0
5.0

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Description

The default installation of Apache before 1.3.19 allows remote attackers to list directories instead of the multiview index.html file via an HTTP request for a path that contains many / (slash) characters, which causes the path to be mishandled by (1) mod_negotiation, (2) mod_dir, or (3) mod_autoindex.

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.
Learn more about Scaner-VS 7

Sources

nvd

CWEs

CWE-22

Exploits

Exploit ID: 20692

Source: exploitdb

URL: https://www.exploit-db.com/exploits/20692

Exploit ID: 20693

Source: exploitdb

URL: https://www.exploit-db.com/exploits/20693

Exploit ID: 20694

Source: exploitdb

URL: https://www.exploit-db.com/exploits/20694

Exploit ID: 20695

Source: exploitdb

URL: https://www.exploit-db.com/exploits/20695

Vulnerable Software (2)

Type: Configuration

Vendor: *

Product: debian_linux

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*",      "vulnerable": true    }  ],  "operator": "OR"}

Source: nvd

Type: Configuration

Vendor: *

Product: http_server

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:apache:http_server:1.3.11:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:apache:http_server:1.3.12:*:*:*:*:*:*...

Source: nvd

End of list