Vulnerabilities > CVE-2001-1013 - Unspecified vulnerability in Redhat Linux 7.0
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Apache on Red Hat Linux with with the UserDir directive enabled generates different error codes when a username exists and there is no public_html directory and when the username does not exist, which could allow remote attackers to determine valid usernames on the server.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 1 |
Exploit-Db
description | Red Hat Linux 7.0 Apache Remote Username Enumeration Vulnerability. CVE-2001-1013. Remote exploit for linux platform |
id | EDB-ID:21112 |
last seen | 2016-02-02 |
modified | 2001-09-12 |
published | 2001-09-12 |
reporter | Gabriel A Maggiotti |
source | https://www.exploit-db.com/download/21112/ |
title | Red Hat Linux 7.0 Apache Remote Username Enumeration Vulnerability |
Metasploit
description | Apache with the UserDir directive enabled generates different error codes when a username exists and there is no public_html directory and when the username does not exist, which could allow remote attackers to determine valid usernames on the server. |
id | MSF:AUXILIARY/SCANNER/HTTP/APACHE_USERDIR_ENUM |
last seen | 2020-06-07 |
modified | 1976-01-01 |
published | 1976-01-01 |
references | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1013 |
reporter | Rapid7 |
source | https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/scanner/http/apache_userdir_enum.rb |
title | Apache "mod_userdir" User Enumeration |
Nessus
NASL family | Web Servers |
NASL id | APACHE_USERNAME.NASL |
description | When configured with the |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 10766 |
published | 2001-09-18 |
reporter | This script is Copyright (C) 2001-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/10766 |
title | Apache UserDir Directive Username Enumeration |
code |
|
References
- http://archives.neohapsis.com/archives/vuln-dev/2000-q3/0083.html
- http://archives.neohapsis.com/archives/vuln-dev/2000-q3/0083.html
- http://archives.neohapsis.com/archives/vuln-dev/2000-q3/0087.html
- http://archives.neohapsis.com/archives/vuln-dev/2000-q3/0087.html
- http://archives.neohapsis.com/archives/vuln-dev/2000-q3/0094.html
- http://archives.neohapsis.com/archives/vuln-dev/2000-q3/0094.html
- http://www.securityfocus.com/archive/1/213667
- http://www.securityfocus.com/archive/1/213667
- http://www.securityfocus.com/bid/3335
- http://www.securityfocus.com/bid/3335
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7129
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7129