CVE Vulnerabilities

CVE-2002-0661

Published: Aug 12, 2002 | Modified: Nov 20, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Directory traversal vulnerability in Apache 2.0 through 2.0.39 on Windows, OS2, and Netware allows remote attackers to read arbitrary files and execute commands via .. (dot dot) sequences containing (backslash) characters.

Affected Software

Name Vendor Start Version End Version
Http_server Apache 2.0 (including) 2.0 (including)
Http_server Apache 2.0.28 (including) 2.0.28 (including)
Http_server Apache 2.0.28-beta (including) 2.0.28-beta (including)
Http_server Apache 2.0.32 (including) 2.0.32 (including)
Http_server Apache 2.0.32-beta (including) 2.0.32-beta (including)
Http_server Apache 2.0.34-beta (including) 2.0.34-beta (including)
Http_server Apache 2.0.35 (including) 2.0.35 (including)
Http_server Apache 2.0.36 (including) 2.0.36 (including)
Http_server Apache 2.0.37 (including) 2.0.37 (including)
Http_server Apache 2.0.38 (including) 2.0.38 (including)
Http_server Apache 2.0.39 (including) 2.0.39 (including)

References