Apache MS-DOS Device Name Vulnerability
Gravité: : Élevé
Identifiant(s) CVE: : CVE-2003-0016
Date du conseil: 21 juillet 2015
Description
Apache before 2.0.44, when running on unpatched Windows 9x and Me operating systems, allows remote attackers to cause a denial of service or execute arbitrary code via an HTTP request containing MS-DOS device names.
Information Exposure Rating:
Apply associated Trend Micro DPI Rules.
Solutions
Trend Micro Deep Security DPI Rule Number: 1000632
Trend Micro Deep Security DPI Rule Name: 1000632 - Apache MS-DOS Device Name Vulnerability
Affected software and version:
- Apache Software Foundation Apache 2.0.36
- Apache Software Foundation Apache 2.0.37
- Apache Software Foundation Apache 2.0.38
- Apache Software Foundation Apache 2.0.39
- Apache Software Foundation Apache 2.0.40
- Apache Software Foundation Apache 2.0.41
- Apache Software Foundation Apache 2.0.42
- Apache Software Foundation Apache 2.0.43