CVE-2003-1418

Apache HTTP Server 1.3.22 through 1.3.27 on OpenBSD allows remote attackers to obtain sensitive information via (1) the ETag header, which reveals the inode number, or (2) multipart MIME boundary, which reveals child process IDs (PID).
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apache:http_server:1.3.22:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.23:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.24:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.25:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.26:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.27:*:*:*:*:*:*:*

History

20 Nov 2024, 23:47

Type Values Removed Values Added
References () http://www.openbsd.org/errata32.html - () http://www.openbsd.org/errata32.html -
References () http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html - () http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html -
References () http://www.securityfocus.com/bid/6939 - () http://www.securityfocus.com/bid/6939 -
References () http://www.securityfocus.com/bid/6943 - Patch () http://www.securityfocus.com/bid/6943 - Patch
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/11438 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/11438 -

Information

Published : 2003-12-31 05:00

Updated : 2024-11-20 23:47


NVD link : CVE-2003-1418

Mitre link : CVE-2003-1418

CVE.ORG link : CVE-2003-1418


JSON object : View

Products Affected

apache

  • http_server
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor