Описание
The default configuration of Apache 2.0.40, as shipped with Red Hat Linux 9.0, allows remote attackers to list directory contents, even if auto indexing is turned off and there is a default web page configured, via a GET request containing a double slash (//).
Ссылки
- ExploitVendor Advisory
- Vendor Advisory
- ExploitVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:redhat:interchange:2.0.40_21.5:*:i386:*:*:*:*:*
EPSS
Процентиль: 86%
0.03178
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
debian
почти 22 года назад
The default configuration of Apache 2.0.40, as shipped with Red Hat Li ...
github
больше 3 лет назад
The default configuration of Apache 2.0.40, as shipped with Red Hat Linux 9.0, allows remote attackers to list directory contents, even if auto indexing is turned off and there is a default web page configured, via a GET request containing a double slash (//).
EPSS
Процентиль: 86%
0.03178
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other