1.1.2

DATE	CVE	VULNERABILITY TITLE	RISK
2011-10-05	CVE-2000-1247	Configuration vulnerability in Apache Jserv 1.1.2 The default configuration of the jserv-status handler in jserv.conf in Apache JServ 1.1.2 includes an "allow from 127.0.0.1" line, which allows local users to discover JDBC passwords or other sensitive information via a direct request to the jserv/ URI. local low complexity apache CWE-16	2.1

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.