Vulnerability Details CVE-2001-1449
The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 through 8.0 and Linux Corporate Server 1.0.1 allows remote attackers to list the directory index of arbitrary web directories.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.054
EPSS Ranking 89.7%
CVSS Severity
CVSS v2 Score 7.5
References
- http://www.kb.cert.org/vuls/id/913704
- http://www.mandriva.com/security/advisories?name=MDKSA-2001:077-2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/8029
- http://www.kb.cert.org/vuls/id/913704
- http://www.mandriva.com/security/advisories?name=MDKSA-2001:077-2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/8029
Products affected by CVE-2001-1449
-
cpe:2.3:a:apache:http_server:1.3
-
cpe:2.3:a:apache:http_server:1.3.1
-
cpe:2.3:a:apache:http_server:1.3.11
-
cpe:2.3:a:apache:http_server:1.3.12
-
cpe:2.3:a:apache:http_server:1.3.14
-
cpe:2.3:a:apache:http_server:1.3.17
-
cpe:2.3:a:apache:http_server:1.3.18
-
cpe:2.3:a:apache:http_server:1.3.3
-
cpe:2.3:a:apache:http_server:1.3.4
-
cpe:2.3:a:apache:http_server:1.3.6
-
cpe:2.3:a:apache:http_server:1.3.9
-
cpe:2.3:a:mandrakesoft:mandrake_single_network_firewall:7.2
-
cpe:2.3:o:mandrakesoft:mandrake_linux:7.1
-
cpe:2.3:o:mandrakesoft:mandrake_linux:7.3
-
cpe:2.3:o:mandrakesoft:mandrake_linux:8.0
-
cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1