CVE-2001-0042

Apache HTTP Server - Arbitrary File Read via Encoded Backslash Dot-Dot Attack


Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-0042. PoCs published by china nsl.

AI-analyzed exploit summary: This exploit leverages a path traversal vulnerability in Apache Web Server when used with PHP3 to disclose arbitrary files. The crafted URL bypasses directory restrictions to access sensitive files like httpd.conf.

Description

PHP 3.x (PHP3) on Apache 1.3.6 allows remote attackers to read arbitrary files via a modified .. (dot dot) attack containing "%5c" (encoded backslash) sequences.

Exploits (1)

exploitdb WORKING POC VERIFIED
by china nsl · text · remote · multiple
https://www.exploit-db.com/exploits/20466


Classification: Working PoC 90%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: Apache Web Server with PHP3
No auth needed
Prerequisites: Apache Web Server with PHP3 enabled · Knowledge of target file paths
devstral-2 · analyzed Feb 16, 2026

References (3)

Core References
Exploit, Vendor Advisory mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/149210
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/5659
Exploit, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/2060

Scores

EPSS 0.0860
EPSS Percentile 94.4%

Details

Status published
Products (1)
apache/http_server 1.3
Published Feb 16, 2001
Tracked Since Feb 18, 2026