CVE-2000-0869

Apache HTTP Server 1.3.12 - Unauthenticated Directory Listing via WebDAV PROPFIND

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2000-0869. PoCs published by Mnemonix.

AI-analyzed exploit summary This exploit demonstrates an information leakage vulnerability in Apache WebDAV on SuSE 6.4. By sending a crafted PROPFIND request, an attacker can retrieve a directory listing of the server's file structure, exposing sensitive files and paths.

Description

The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables WebDAV, which allows remote attackers to list arbitrary directories via the PROPFIND HTTP request method.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Mnemonix · textremotelinux
https://www.exploit-db.com/exploits/20210

This exploit demonstrates an information leakage vulnerability in Apache WebDAV on SuSE 6.4. By sending a crafted PROPFIND request, an attacker can retrieve a directory listing of the server's file structure, exposing sensitive files and paths.

Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Apache WebDAV on SuSE 6.4
No auth needed
Prerequisites: Network access to the target server · Apache WebDAV enabled on the target
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Vendor Advisory vendor-advisory x_refsource_suse
http://archives.neohapsis.com/archives/linux/suse/2000-q3/0906.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/5204
Vendor Advisory vendor-advisory x_refsource_atstake
http://www.atstake.com/research/advisories/2000/a090700-3.txt
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/1656

Scores

EPSS 0.5095
EPSS Percentile 98.8%

Details

Status published
Products (7)
apache/http_server 1.3.12
suse/suse_linux 6.0
suse/suse_linux 6.1 (2 CPE variants)
suse/suse_linux 6.2
suse/suse_linux 6.3 (3 CPE variants)
suse/suse_linux 6.4 (3 CPE variants)
suse/suse_linux 7.0
Published Nov 14, 2000
Tracked Since Feb 18, 2026