Description

This alert was generated using only banner information. It may be a false positive.

Apache has reported a vulnerability in the mod_cgid module when the threaded MPM is used. This could potentially expose sensitive information or incorrectly grant unauthorized access.

Affected Apache versions (up to 2.0.47).

Remediation

Upgrade Apache 2.x to the latest version.

References

BID 8926

Apache homepage

Related Vulnerabilities

MediaWiki Improper Input Validation Vulnerability (CVE-2011-1579)

PHP Other Vulnerability (CVE-2007-2369)

WebLogic Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-29425)

WordPress Plugin Ad-minister Cross-Site Scripting (0.6)

IBM WebSEAL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1886)

Severity

Medium

Classification

CVE-2003-0542 CVE-2003-0789 CWE-119 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Tags

Denial Of Service Information Disclosure Missing Update