Description

The default configuration of Apache 1.3.12 in SuSE Linux 6.4 allows remote attackers to read source code for CGI scripts by replacing the /cgi-bin/ in the requested URL with /cgi-bin-sdb/.

Remediation

References

CVE-2000-0868

Related Vulnerabilities

PHP Other Vulnerability (CVE-2007-0909)

Tiny URL Cross-Site Scripting (1.3.2)

ownCloud Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-0202)

BuddyPress Cross-Site Scripting (2.2.2.1)

WordPress 5.0.x Multiple Vulnerabilities (5.0 - 5.0.10)

Severity

Medium

Classification

CVE-2000-0868

Tags

Missing Update Known Vulnerabilities