Apache 1.3.12 Default Configuration Source Code Disclosure Vulnerability

Apache 1.3.12 Default Configuration Source Code Disclosure Vulnerability

CVE-2000-0868 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The default configuration of Apache 1.3.12 in SuSE Linux 6.4 allows remote attackers to read source code for CGI scripts by replacing the /cgi-bin/ in the requested URL with /cgi-bin-sdb/.

Learn more about our Cis Benchmark Audit For Apache Http Server.