CVE-2006-4110

Apache 2.2.2, when running on Windows, allows remote attackers to read source code of CGI programs via a request that contains uppercase (or alternate case) characters that bypass the case-sensitive ScriptAlias directive, but allow access to the file on case-insensitive file systems.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apache:http_server:2.0.58:*:win32:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.2:*:windows:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.3:*:windows:*:*:*:*:*

History

21 Nov 2024, 00:15

Type Values Removed Values Added
References () http://secunia.com/advisories/21490 - Exploit, Vendor Advisory () http://secunia.com/advisories/21490 - Exploit, Vendor Advisory
References () http://securityreason.com/securityalert/1370 - () http://securityreason.com/securityalert/1370 -
References () http://www.osvdb.org/27913 - () http://www.osvdb.org/27913 -
References () http://www.securityfocus.com/archive/1/442882/100/0/threaded - () http://www.securityfocus.com/archive/1/442882/100/0/threaded -
References () http://www.securityfocus.com/archive/1/443487/100/200/threaded - () http://www.securityfocus.com/archive/1/443487/100/200/threaded -
References () http://www.securityfocus.com/bid/19447 - Exploit () http://www.securityfocus.com/bid/19447 - Exploit
References () http://www.vupen.com/english/advisories/2006/3265 - () http://www.vupen.com/english/advisories/2006/3265 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/28357 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/28357 -

Information

Published : 2006-08-14 20:04

Updated : 2024-11-21 00:15


NVD link : CVE-2006-4110

Mitre link : CVE-2006-4110

CVE.ORG link : CVE-2006-4110


JSON object : View

Products Affected

apache

  • http_server