PT-2002-1690 · Apache · Apache+1

Published: 2002-08-09 · Updated: 2021-06-06 · CVE-2002-0661

CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Apache versions 2.0 through 2.0.39

Description

The issue allows remote attackers to read arbitrary files and execute commands via .. (dot dot) sequences containing \ (backslash) characters. Certain URIs can bypass security and allow users to invoke or access any file depending on the system configuration. This affects Windows, OS2, Netware, and Cygwin platforms.

Recommendations

For Apache versions 2.0 through 2.0.39, consider restricting access to sensitive files and directories to minimize the risk of exploitation. As a temporary workaround, consider disabling the use of .. (dot dot) sequences containing \ (backslash) characters in URIs until a patch is available. Restrict access to sensitive URIs to prevent bypassing security measures.

Exploit

Fix

Related Identifiers

CVE-2002-0661

Affected Products

Apache
Apache Http Server