CVE-2002-0107

Name of the Vulnerable Software and Affected Versions CacheFlow CacheOS versions 4.0.13 and earlier

Description The web administration interface in CacheFlow CacheOS allows remote attackers to obtain sensitive information via a series of GET requests that do not end with 'HTTP/1.0' or another version string. This causes the information to be leaked in the error message.

Recommendations For CacheFlow CacheOS versions 4.0.13 and earlier, consider restricting access to the web administration interface until a fix is available. As a temporary workaround, ensure that all GET requests to the interface include a valid HTTP version string to prevent information leakage.