Vulnerability in N/a

CVE-2001-0731

Apache 1.3.20 with Multiviews enabled allows remote attackers to view directory contents and bypass the index page via a URL containing the "M=D" query string.

EPSS: 0.808 (99.2th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

References

RHSA-2001:164 (x_refsource_REDHAT, vendor-advisory)
www.apacheweek.com/issues/01-10-05 (x_refsource_CONFIRM)
MDKSA-2001:077 (vendor-advisory, x_refsource_MANDRAKE)
RHSA-2001:126 (x_refsource_REDHAT, vendor-advisory)
20010709 How Google indexed a file with no external link (mailing-list, x_refsource_BUGTRAQ)
apache-multiviews-directory-listing(8275) (vdb-entry, x_refsource_XF)
3009 (vdb-entry, x_refsource_BID)
[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ (mailing-list, x_refsource_MLIST)
[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html (mailing-list, x_refsource_MLIST)
[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ (mailing-list, x_refsource_MLIST)