CVE-2003-1418

MEDIUM

Apache HTTP Server 1.3.22 through 1.3.27 on OpenBSD allows remote attackers to obtain sensitive information via (1) the ETag header, which reveals the inode number, or (2) multipart MIME boundary, which reveals child process IDs (PID).

Score CVSS v2.0

4.3

/ 10.0

MEDIUM

AV:N/AC:M/Au:N/C:P/I:N/A:N

Informations

Publié: 31 déc. 2003
Mis à jour: 16 avr. 2026
Statut: Modified
Source: cve@mitre.org

Produits affectés

apache http serverToutes les CVE Apache HTTP Server →

Versions : 1.3.22, 1.3.23, 1.3.24, 1.3.25, 1.3.26

Faiblesses (CWE)

CWE-200

Références (10)

http://www.openbsd.org/errata32.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
http://www.securityfocus.com/bid/6939
http://www.securityfocus.com/bid/6943
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/11438
http://www.openbsd.org/errata32.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
http://www.securityfocus.com/bid/6939
http://www.securityfocus.com/bid/6943
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/11438

CVEs similaires

Autres vulnérabilités de type CWE-200

Loading…

Surveillez vos produits

Recevez une alerte automatique à chaque nouvelle CVE affectant vos équipements.

Activer la surveillance