CVE-2003-1418

MEDIUM

Apache HTTP Server 1.3.22 through 1.3.27 on OpenBSD allows remote attackers to obtain sensitive information via (1) the ETag header, which reveals the inode number, or (2) multipart MIME boundary, which reveals child process IDs (PID).

CVSS v2.0 Score

4.3

/ 10.0

MEDIUM

AV:N/AC:M/Au:N/C:P/I:N/A:N

Information

Published: 31 déc. 2003
Updated: 16 avr. 2026
Status: Modified
Source: cve@mitre.org

Affected products

apache http serverAll Apache HTTP Server CVEs →

Versions : 1.3.22, 1.3.23, 1.3.24, 1.3.25, 1.3.26

Weaknesses (CWE)

CWE-200

References (10)

http://www.openbsd.org/errata32.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
http://www.securityfocus.com/bid/6939
http://www.securityfocus.com/bid/6943
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/11438
http://www.openbsd.org/errata32.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
http://www.securityfocus.com/bid/6939
http://www.securityfocus.com/bid/6943
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/11438

Similar CVEs

Other vulnerabilities of type CWE-200

Loading…

Monitor your products

Get automatic alerts for every new CVE affecting your equipment.

Enable monitoring