Apache Web Server illegal Character HTTP Request File Disclosure Vulnerability
Publish Date: 21 Juli 2015
Schweregrad:: Mittel
CVE Kennungen:: CVE-2003-0017
Hinweisdatum: 21 Juli 2015
Beschreibung
Apache 2.0 before 2.0.44 on Windows platforms allows remote attackers to obtain certain files via an HTTP request that ends in certain illegal characters such as ">", which causes a different filename to be processed and served.
Trend Micro Lösungen
Apply associated Trend Micro DPI Rules.
Lösungen
Trend Micro Deep Security DPI Rule Number: 1000626
Trend Micro Deep Security DPI Rule Name: 1000626 - Apache Web Server Illegal Character HTTP Request File Disclosure Vulnerability
Betroffene Software und Version:
- Apache Software Foundation Apache 2.0.36
- Apache Software Foundation Apache 2.0.37
- Apache Software Foundation Apache 2.0.38
- Apache Software Foundation Apache 2.0.39
- Apache Software Foundation Apache 2.0.40
- Apache Software Foundation Apache 2.0.41
- Apache Software Foundation Apache 2.0.42
- Apache Software Foundation Apache 2.0.43