| VID |
22031 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
WWW |
| Detailed Description |
The Apache Web Server with PHP has a file disclosure vulnerability.
Apache Web server version 1.3 running PHP on Microsoft Windows NT 4.0 or Windows 2000 could allow a remote attacker to view files on the Web server root. A remote attacker can request a specially-crafted URL to read a known file on the Web server. An attacker can use this vulnerability to obtain sensitive information on the Web server, such as configuration information in the httpd.conf file. This information could be useful in future attacks.
* References:
http://www.iss.net/security_center/static/5659.php
http://www.securityfocus.com/bid/2060 |
| Recommendation |
Upgrade to the latest version of Apache Server at http://httpd.apache.org/download.cgi |
| Related URL |
CVE-2001-0042 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
