CVE-2003-1138

Name of the Vulnerable Software and Affected Versions Apache versions 2.0.40

Description The default configuration of Apache allows remote attackers to list directory contents via a GET request containing a double slash (//), even if auto indexing is turned off and there is a default web page configured.

Recommendations For Apache version 2.0.40, consider updating the configuration to prevent directory indexing, or restrict access to sensitive directories until a patch is available.