CVE-2006-4110

Apache 2.2.2, when running on Windows, allows remote attackers to read source code of CGI programs via a request that contains uppercase (or alternate case) characters that bypass the case-sensitive ScriptAlias directive, but allow access to the file on case-insensitive file systems.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apache:http_server:2.0.58:*:win32:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.2:*:windows:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.3:*:windows:*:*:*:*:*

History

No history.

Information

Published : 2006-08-14 20:04

Updated : 2024-02-28 10:42


NVD link : CVE-2006-4110

Mitre link : CVE-2006-4110

CVE.ORG link : CVE-2006-4110


JSON object : View

Products Affected

apache

  • http_server