CVE-2001-0042

Name of the Vulnerable Software and Affected Versions: PHP versions 3.x

Description: The issue allows remote attackers to read arbitrary files via a modified .. (dot dot) attack containing "%5c" (encoded backslash) sequences. This is possible when PHP 3.x is used on Apache 1.3.6.

Recommendations: For PHP version 3.x, consider upgrading to a newer version that is not affected by this issue, or apply configuration changes to restrict access to sensitive files. As a temporary workaround, restrict access to the vulnerable directory traversal functionality until a patch is available.