Описание
PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request on an unrestricted page that causes PHP to use those access controls on the next page that is requested.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:php:php:4.0:*:*:*:*:*:*:*
cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*
cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*
EPSS
Процентиль: 60%
0.004
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
redhat
больше 24 лет назад
PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request on an unrestricted page that causes PHP to use those access controls on the next page that is requested.
github
около 3 лет назад
PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request on an unrestricted page that causes PHP to use those access controls on the next page that is requested.
EPSS
Процентиль: 60%
0.004
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other