PT-2003-2363 · Apache+1 · Apache Http Server+1
Published
2003-12-31
·
Updated
2025-09-22
·
CVE-2003-1418
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Apache HTTP Server versions 1.3.22 through 1.3.27
Description
The issue allows remote attackers to obtain sensitive information. This can be achieved via the ETag header, which reveals the inode number, or the multipart MIME boundary, which reveals child process IDs (PID).
Recommendations
For Apache HTTP Server versions 1.3.22 through 1.3.27, consider disabling the ETag header and restricting the use of multipart MIME boundaries to minimize the risk of exploitation.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Apache Http Server
Suse