Vulnerabilities > CVE-2002-0240 - Path Disclosure vulnerability in Apache Http Server 2.0.28
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
PHP, when installed with Apache and configured to search for index.php as a default web page, allows remote attackers to obtain the full pathname of the server via the HTTP OPTIONS method, which reveals the pathname in the resulting error message.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |