Published: 14/08/2006 Updated: 17/10/2018

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Apache 2.2.2, when running on Windows, allows remote malicious users to read source code of CGI programs via a request that contains uppercase (or alternate case) characters that bypass the case-sensitive ScriptAlias directive, but allow access to the file on case-insensitive file systems.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apache http server 2.2.3
apache http server 2.0.58
apache http server 2.2.2

source: wwwsecurityfocuscom/bid/19447/info Apache is prone to an information-disclosure vulnerability because it fails to properly handle exceptional conditions An attacker can exploit this issue to retrieve script source code Information obtained may aid in further attacks Versions 222 for Microsoft Windows is vulnerable to this i ...

NVD-CWE-Other http://www.securityfocus.com/bid/19447 http://secunia.com/advisories/21490 http://www.osvdb.org/27913 http://securityreason.com/securityalert/1370 http://www.vupen.com/english/advisories/2006/3265 https://exchange.xforce.ibmcloud.com/vulnerabilities/28357 http://www.securityfocus.com/archive/1/443487/100/200/threaded http://www.securityfocus.com/archive/1/442882/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/28365/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2006-4110

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect