PT-2002-2149 · Apache · Apache+1
Published
2002-10-03
·
Updated
2021-06-06
·
CVE-2002-1156
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
Apache version 2.0.42
Description:
The issue allows remote attackers to view the source code of a CGI script. This occurs when a POST request is made to a directory where both WebDAV and CGI are enabled.
Recommendations:
For Apache version 2.0.42, consider disabling WebDAV or CGI in locations where both are currently enabled to prevent the source code of CGI scripts from being revealed to remote users.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Apache
Apache Http Server