mod_access in Apache 1.3 before 1.3.30, when running big-endian 64-bit platforms, does not properly parse Allow/Deny rules using IP addresses without a netmask, which could allow remote attackers to bypass intended access restrictions.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Http_server | Apache | 1.3 (including) | 1.3 (including) |
| Http_server | Apache | 1.3.1 (including) | 1.3.1 (including) |
| Http_server | Apache | 1.3.3 (including) | 1.3.3 (including) |
| Http_server | Apache | 1.3.4 (including) | 1.3.4 (including) |
| Http_server | Apache | 1.3.6 (including) | 1.3.6 (including) |
| Http_server | Apache | 1.3.7 (including) | 1.3.7 (including) |
| Http_server | Apache | 1.3.9 (including) | 1.3.9 (including) |
| Http_server | Apache | 1.3.11 (including) | 1.3.11 (including) |
| Http_server | Apache | 1.3.12 (including) | 1.3.12 (including) |
| Http_server | Apache | 1.3.14 (including) | 1.3.14 (including) |
| Http_server | Apache | 1.3.17 (including) | 1.3.17 (including) |
| Http_server | Apache | 1.3.18 (including) | 1.3.18 (including) |
| Http_server | Apache | 1.3.19 (including) | 1.3.19 (including) |
| Http_server | Apache | 1.3.20 (including) | 1.3.20 (including) |
| Http_server | Apache | 1.3.22 (including) | 1.3.22 (including) |
| Http_server | Apache | 1.3.23 (including) | 1.3.23 (including) |
| Http_server | Apache | 1.3.24 (including) | 1.3.24 (including) |
| Http_server | Apache | 1.3.25 (including) | 1.3.25 (including) |
| Http_server | Apache | 1.3.26 (including) | 1.3.26 (including) |
| Http_server | Apache | 1.3.27 (including) | 1.3.27 (including) |
| Http_server | Apache | 1.3.28 (including) | 1.3.28 (including) |
| Http_server | Apache | 1.3.29 (including) | 1.3.29 (including) |