Vulnerabilities > CVE-2002-0661 - Unspecified vulnerability in Apache Http Server
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Directory traversal vulnerability in Apache 2.0 through 2.0.39 on Windows, OS2, and Netware allows remote attackers to read arbitrary files and execute commands via .. (dot dot) sequences containing \ (backslash) characters.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 12 |
Exploit-Db
description | Apache 2.0 Encoded Backslash Directory Traversal Vulnerability. CVE-2002-0661. Remote exploit for windows platform |
id | EDB-ID:21697 |
last seen | 2016-02-02 |
modified | 2002-08-09 |
published | 2002-08-09 |
reporter | Auriemma Luigi |
source | https://www.exploit-db.com/download/21697/ |
title | Apache 2.0 Encoded Backslash Directory Traversal Vulnerability |
Nessus
NASL family | Web Servers |
NASL id | APACHE_WIN32_DIR_TRAV.NASL |
description | A security vulnerability in Apache 2.0.39 on Windows systems allows attackers to access files that would otherwise be inaccessible using a directory traversal attack. An attacker could use this to read sensitive files or potentially execute any command on your system. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 11092 |
published | 2002-08-18 |
reporter | This script is Copyright (C) 2002-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/11092 |
title | Apache <= 2.0.39 Win32 Crafted Traversal Arbitrary File Access |
code |
|
Statements
contributor | Mark J Cox |
lastmodified | 2008-07-02 |
organization | Apache |
statement | Fixed in Apache HTTP Server 2.0.40: http://httpd.apache.org/security/vulnerabilities_20.html |
References
- http://httpd.apache.org/info/security_bulletin_20020908a.txt
- http://www.securityfocus.com/bid/5434
- http://www.iss.net/security_center/static/9808.php
- http://marc.info/?l=bugtraq&m=102892744011436&w=2
- http://marc.info/?l=bugtraq&m=102951160411052&w=2
- https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/rd00b45b93fda4a5bd013b28587207d0e00f99f6e3308dbb6025f3b01%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E