Apache 2.2.2, when running on Windows, allows remote malicious users to read source code of CGI programs via a request that contains uppercase (or alternate case) characters that bypass the case-sensitive ScriptAlias directive, but allow access to the file on case-insensitive file systems.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache http server 2.0.58 |
||
apache http server 2.2.2 |
||
apache http server 2.2.3 |