Vulnerabilities > Apache > Jserv
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-10-05 | CVE-2000-1247 | Configuration vulnerability in Apache Jserv 1.1.2 The default configuration of the jserv-status handler in jserv.conf in Apache JServ 1.1.2 includes an "allow from 127.0.0.1" line, which allows local users to discover JDBC passwords or other sensitive information via a direct request to the jserv/ URI. | 2.1 |