PT-2000-1792 · Apache · Apache
Published
2000-11-14
·
Updated
2017-10-10
·
CVE-2000-0869
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Apache version 1.3.12
Description
The default configuration of Apache enables WebDAV, allowing remote attackers to list arbitrary directories via the PROPFIND HTTP request method.
Recommendations
For Apache version 1.3.12, consider disabling WebDAV to prevent remote attackers from listing arbitrary directories. As a temporary workaround, restrict access to the PROPFIND HTTP request method until a more permanent solution is available.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Apache