CVE-2002-0240

Name of the Vulnerable Software and Affected Versions PHP (affected versions not specified)

Description The issue allows remote attackers to obtain the full pathname of the server via the HTTP OPTIONS method. This is possible when PHP is installed with Apache and configured to search for index.php as a default web page, as the resulting error message reveals the pathname.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.