Published: 31/12/2003 Updated: 20/10/2017
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Vulnerability Summary

Apache HTTP Server 1.3.22 through 1.3.27 on OpenBSD allows remote malicious users to obtain sensitive information via (1) the ETag header, which reveals the inode number, or (2) multipart MIME boundary, which reveals child process IDs (PID).

Vulnerability Trend

Affected Products

Vendor Product Versions
ApacheHttp Server1.3.22, 1.3.23, 1.3.24, 1.3.25, 1.3.26, 1.3.27

Vendor Advisories

Oracle Critical Patch Update Advisory - October 2017 Description A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the ...

Github Repositories