PT-2001-2172 · Xcache · Xcache

Published

2001-09-21

Updated

2017-12-19

CVE-2001-1023

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Xcache version 2.1

Description The issue allows remote attackers to determine the absolute path of web server documents. This is achieved by requesting a URL that is not cached, which returns the full pathname in the Content-PageName header.

Recommendations For Xcache version 2.1, update to a version where this issue is fixed, as the current version allows attackers to obtain sensitive information about the web server's document path.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2001-1023

Affected Products

Xcache

PT-2001-2172 · Xcache · Xcache

CVE-2001-1023

Related Identifiers

Affected Products

References · 4