Bypassing .htaccess Access Restrictions in PHP Apache Module 4.0.4 and Earlier

Bypassing .htaccess Access Restrictions in PHP Apache Module 4.0.4 and Earlier

CVE-2001-0108 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request on an unrestricted page that causes PHP to use those access controls on the next page that is requested.

Learn more about our Cis Benchmark Audit For Apache Http Server.